Judy Hatchett
Details
Security Technologies
University of Minnesota-Twin Cities
2017 :
In process
Master's Cybersecurity
Concordia University-St. Paul
2016 : 2018
Bachelor of Arts
Organizational Management
Bethel University
1998 : 2001
2020 : Present
Surescripts
VP, Information Security & CISO
Provide strategic and operational leadership and direction to the information security management organization that supports the information security capabilities, processes and standards. Oversee ongoing programs, projects that serve to protect data, confidentiality, integrity and availability while providing secure and reliable access by staff, partners, affiliates and vendors, to systems and information. Partners with executive leadership to determine acceptable levels of risk for the organization and drive executive approval and support for the resulting security improvement programs and projects.
2018 : 2020
Fairview Health Services
VP Information Security and CISO
Assists in providing and supporting information security strategy, policy, standards, architecture, processes and assessments to ensure that 3M information assets and critical processes are adequately protected with acceptable levels of controls. These controls enable the businesses to operate efficiently, cost-effectively and in compliance with regulatory and industry practices, world-wide.
Assisting in achieving HIPAA compliance for one of 3M's critical Healthcare business groups. Developing a Cloud agnostic security strategy. Representing Cybersecurity on 3M's Manufacturing and Process Engineering Infrastructure team.
2016 : 2018
3M
Sr. Global Manager, Information Security Risk & Compliance
Provide direct leadership and management of IAM functions. Actively lead and manage programs (directly and indirectly), to ensure on time delivery, budget and quality goals are met. Lead and drive definition, implementation and closure of projects, including requirements, project plans and resource needs with stakeholders and within team resources. Analyze service offerings, program portfolios and define success / failure metrics and ensure the tracking and reporting, status updates of all metrics. Assist in the development and execution of the overall Identity and Access Management roadmap. Lead the innovation and championing of processes/methodologies at all levels. Ensure understanding and implications of third party security technologies solutions that control access. Lead and oversee the delivery of services, capabilities and processes to mitigate risks. Assist in maximizing investment decisions by understanding the capabilities of existing IAM and aligning with business strategy. Ensure that ongoing training/awareness of IAM is delivered to customers, including internal teams whose processes are being re-engineered. Lead the optimization of security processes and controls, and thus reduce vulnerabilities and mitigate IAM risks. Manage staff in accordance with organizations policies and applicable regulations.
2015 : 2016
SUPERVALU
Sr. Director, Identity and Access Management
Identity and Access Management (IAM) Capability owner. Oversee and actively participate in a $13 million program. Responsible for facilitating project requirements, funding requests, project status, escalation and management of program timelines.
Responsible for managing the IT Service Management team that comprised of managing and execution of the following ITIL processes : Change Management, Incident Management, Asset Management, Configuration Management, Problem Management and development and migration to the Service Now toolset.
Lead a task force made up of internal resources, external auditors, and multiple 3rd party vendors to successfully remediate a regulatory IT Service Managment deficiency. The task force created new policy, standard, processes and IT General Controls while aligning with the IT long term strategy.
Manage the compliance and remediation of internal IT General Controls program in a multi-vendor environment. Partner with Internal Audit and 3rd Party Vendors to align on remediation and control framework.
Oversee the enterprise rollout of RSA Archer (General Risk and Compliance) software. This includes oversight on the develop framework, change governance, prioritization of rollouts and resources.
SAP Security Lead for leading the SAP Security Team (Internal Resources and Accenture).
2010 : 2015
Best Buy
Sr. Director IT Risk and Compliance
Skills
Budgets, Building Trust, Business Analysis, Business Intelligence, Business Process Improvement, Business Strategy, Change Management, cobit, Cross-functional Team Leadership, CSF, Databases, Data Center, Disaster Recovery, Enterprise Architecture, Enterprise Risk Management, Governance, Identity and Access Management (IAM), Identity Management, Information Security, Information Technology, Infrastructure, Integration, ITIL, IT Management, IT Service Management, IT Strategy, Leadership, Management, Network Security, Payment Card Industry Data Security Standard (PCI DSS), PCI DSS, Process Improvement, Program Management, Project Management, Requirements Analysis, Retail, Risk Assessment, Risk Management, SDLC, Software Development, software development life cycle (sdlc), strategic partnerships, Strategic Planning, Strategy, Team Leadership, Testing, Training, U.S. Health Insurance Portability and Accountability Act (HIPAA), Vendor Management, Vulnerability Assessment, Cross-functional Team
About
I am an experienced CISO with over two decades of cybersecurity expertise. I have a relentless commitment to safeguarding digital landscapes. Areas of expertise include Threat Management, Compliance, Identity and Access Management, Service Management, Enterprise Risk Management and e-Prescribing Fraud.