John (Jack) Dempsey
Education:
Bachelor's Degree, Information Technology - Security
Western Governors University
Experience:
Responsible for attaining enterprise security and governance goals
Monitor and manage the security vulnerability management program
Act as the subject matter expert for security and compliance questions
Support Sales and Customer Success teams on RFPs, security questionnaires, assessments, and contract terms
Partner with Legal on matters related to compliance and security policy
Implement and maintain security policies, standards, and guidelines, including disaster recovery, risk management, and incident response
Develop strategic risk guidance for development and operations, including evaluation and recommendation of technical controls
Monitor cybersecurity threats and direct teams to develop appropriate response and mitigation strategies
Manage KnowBe4 and other security awareness programs, helping educate our workforce on proper security risk and mitigation strategies as well as compliance requirements
Lead incident response efforts and help determine the appropriate courses of action. Provide leadership, training, and guidance to internal staff members
Assist in preparing financial forecasts and budgets for security operations (e.g., tools, contracts, and audit costs)
2022 : Present
Unanet
Director of Information Security
Responsible for developing, implementing, and monitoring a strategic, comprehensive enterprise cybersecurity and IT risk management program based on MARS-E, FedRAMP, NIST, ISO, and PCI requirements and standards.
Provide the vision and leadership necessary to manage the risk to the organization and ensure business alignment, effective governance, data and system availability, integrity, and confidentiality.
Provides the direction for corporate data and cybersecurity protection and oversees IT governance, risk, and compliance activities.
Develop corporate security strategy, security awareness programs, security architecture, and security incident response.
Manages the Security Operations team and responds to events.
Manages the compliance team and acts as the Company Compliance Officer
Leads the company incident response activities.
Provides strategic risk guidance for IT projects, including evaluation and recommendation of technical controls.
Collaborates with internal and external auditors, federal and state examiners to ensure security programs follow relevant laws, regulations, and policies.
Maintains current knowledge of industry and regulatory trends and developments in enterprise technologies.
2021 : 2022
Faneuil Inc
Director, Information Security (CISO)
Provide ongoing thought leadership, education, and guidance on IT Security Governance.
Develop and implement IT Governance programs to support client business objectives and goals.
Lead risk, security, & privacy assessments.
Conduct regulatory compliance assessments using PCI, HIPAA, NIST, ISO, & SOC 2 standards
Assist organizations with cloud security architecture design and implementation
Recommend cost-effective security controls
Write security policies, standards, procedures, and baseline documents
2019 : 2021
Online Business Systems
Senior Consultant
Lead cross-functional teams to deliver innovative cloud security solutions.
Provide thought leadership and collaboration with customers and internal teams to drive transformative cloud security solutions.
Develop guiding principles, standards, and company best practices for cloud security deployment.
Assist clients in migrating to the cloud by providing strategic direction, implementation guidance, and ongoing managed service offerings.
Assist team members in identifying and closing opportunities through customer meetings and presentations.
Prepare presentations, statements of work, and supporting documentation.
2019 : 2019
SoftwareONE
Cloud Security Practice Leader
Responsible for monitoring and managing the execution of consulting services projects within the Western region.
Responsible for the quality of services delivered, specific revenue and profit goals, employee retention, and maintaining program documentation; has a key role in business development activities.
Works with Sales and Marketing to identify and drive new business.
Provides sales-engineering support to the National Sales Team
Develops and maintains productive working relationships with customers that allow sales and marketing goals to be achieved.
Ensures that customers are satisfied with consulting services.
Makes recommendations to management regarding service additions, pricing, sales projections, and marketing plans.
Provides proposal solutions and statement of work descriptions for services in the region.
Works with Executive Steering Committees, Chief Information Security Officers, Privacy Officers, and Cybersecurity teams to design, implement and test security controls.
Provide subject matter expertise in Cybersecurity Governance, Risk, and Compliance programs.
Leads enterprise risk and security assessments using PCI, NIST, HIPAA, FISMA, SOC 2, ISO 27001, and 27018 security frameworks
2018 : 2019
Sword & Shield Enterprise Security, Inc.
Technical Director of West Coast Operations
Company: Unanet
Years of Experience: 24