Kirk Wyckoff
Details
Digital Communications
Franklin University
Bachelor of Arts - BA
English / Writing
Southern New Hampshire University
➤ Standardized the tooling framework that increased visibility of data risks and fueled changes into business, leading to reducing risks exposed publicly by 30%-40% and data access issues by 20%. Implemented, trained team, and led the adoption of tooling and technologies that enable data-centric security that aligns with risk.
➤ Defined and influenced the database administration team to adopt a data segmentation strategy that strengthened the defense of sensitive data.
➤ Enabled company to securely transition into a Work From Home (WFH) model in response to the COVID-19 pandemic. Assessed and strengthened IT controls that led to zero breaches.
➤ Chosen as member of the CISO Cabinet and Information Governance Committee. Contribute to defining the information security roadmap and setting up the data security strategy for the company.
2019 : Present
Nationwide
Director – Data Security, Information Security Organization
➤ Recruited to accelerate the transformation of third-party information risk management program to reduce risk to the business and assets. Expanded and managed team of 7 third-party risk consultants in assessing procedures, digital assets, and controls for hundreds of third-party vendors and services.
➤ Modernized and matured the Third-Party Information Risk Management Program from CMM2 to CMM4 standards that improved value to business within 3 years. Streamlined the processes, implemented a proactive and data-driven model, and capitalized on innovative automation to understand risk factors and increase supplier risk assessments by 60%.
➤ Restored morale and mobilized the third-party risk assessment team in achieving results. Leveraged servant-based leadership to communicate the vision and purpose that elevated performance and engagement levels to 92%.
2016 : 2019
Nationwide
Manager and Capability Lead – Third-Party Information Risk Management, Cyber Security Organization
➤ Drove high-profile initiative to align Omnicare’s Information Security Program and infrastructure architecture with CVS Health standards. Led and directed team of 20 in deploying and adopting corporate’s Qualys vulnerability scanning and logging tools, information security policies and procedures, and network/server/storage architectures.
➤ Credited with maintaining employee optimism and motivation during a rapid and stressful acquisition.
➤ Provided the technical and strategic leadership for the architectural design and deployment of critical infrastructure projects, encompassing DMZ, Active Directory, Citrix, Qualys, PKI, and CyberArk.
2014 : 2016
CVS Health (Previously Omnicare)
Senior Manager – Service Operations, Information Security & IT Architecture
➤ Spearheaded, built, and assumed responsibility for the Public Key Infrastructure (PKI) for all internal applications that strengthened security posture by standardizing certificate requirements.
➤ Developed the processes, trained the team, and introduced Microsoft PKI that centralized the management of digital certificates. Evangelized the adoption of Microsoft PKI product across the enterprise.
➤ Administered and optimized enterprise-wide Windows Active Directory environment to meet the needs of 32,000 employees nationally. Collaborated with project managers and delivery leaders to ensure seamless engagement with identity and access management team for the implementation of new solutions
2009 : 2014
Nationwide
Senior Directory Services Engineer – Identity and Access Management
➤ Developed the Information Security Program that improved visibility and mitigation of business and compliance risks.
➤ Built the team, defined the roadmap, implemented tools, and created information security policies, procedures, and controls for data destruction/handling, enterprise security intelligence, vulnerability management, risk analysis, and security awareness.
➤ Partnered with legal team to standardize eDiscovery capabilities that streamlined the litigation process.
➤ Led the implementation of IT controls that enabled organization to comply with annual SOX initiatives.
➤ Grew and elevated effectiveness of systems infrastructure team in achieving consistent uptime and performance of systems infrastructure.
2005 : 2009
Century Insurance Group
IT Operations Manager / IS Security Manager
Skills
Agile Methodologies, Agile Project Management, Analytical Skills, Automation, Business Resilience, Cloud, Cloud Computing, Cloud Security, Communication, Cybersecurity, Data Classification, Data Governance, Data Loss Prevention, Data Protection, Data Protection Program , Design Thinking, Information Security, Information Security Management, Information Systems Risk Management, Information Systems Security , Information Technology, Infrastructure Management, IT Controls, IT Infrastructure Management, IT Management, IT Operations, IT Outsourcing, IT Risk Management, IT Security Best Practices, Leadership, Management, Needs Assessment, Operations Management, Policies & Procedures Development, Privacy Law, Process Automation , Project Management, Risk-Based Decision Making, Risk Management, Servant Leadership, Strategic Planning, Strategic Vision, Team Leadership, Team Management, Technology Roadmapping, Threat & Vulnerability Management, Unix Administration, Vulnerability, Vulnerability Scanning, Windows Server
About
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Risk Manager (CISRM)
Certificate of Cloud Security Knowledge (CCSK)
Foundations of Design Thinking
MCSE & UNIX Certifications
Prince2
★ ★ ★
Results-driven and collaborative leader with a proven track record introducing and driving the adoption of strategies, automation, and best practices to mitigate business and compliance risk and protect critical assets for enterprises. Strength in identifying the needs, defining and communicating the vision, and influencing the implementation of models, policies, processes, and technology to strengthen resiliency of complex environments. Skill in building, leading, and mobilizing teams in applying risk-based approaches, Agile methods, and design thinking methods to proactively solve complex problems, strengthen security postures, and support evolving regulatory and business goals.
★ ★ ★
Career Highlights Include:
➥ Created a formalized Data Protection Program for Nationwide Insurance that reduced risks exposed publicly by 30%-40%, minimized data access issues by 20%, and enabled company to transition to Work From Home (WFH) model due to the COVID-19 pandemic with zero breaches.
➥ Matured the Third-Party Information Risk Management Program for Nationwide Insurance in alignment with CMM4 standards that increased supplier risk assessments by 60% and improved business value.
➥ Directed the successful alignment of Omnicare’s Information Security Program with CVS Health standards—following acquisition—that minimized potential risks across the enterprise.
➥ Championed and built the Public Key Infrastructure (PKI) for Nationwide that elevated security posture across portfolio of applications.
★ ★ ★
StrengthsFinder Themes:
Arranger >> Expert in aligning strategies and resources for maximum results.
Input >> Strength in capturing and analyzing data for positive disruption.
Learner >> Focus on learning and continuously improving skills and competencies.
Relator >> Talent for forging collaboration among teams to achieve goals.
Strategic >> Skill in defining creative solutions to complex problems.