SlideShare a Scribd company logo

Bill_Haase_Resume Dec 2015

Download as DOCX, PDF
B
Bill Haase
1 of 7
William T Haase 333 1st Street Apt C108, Seal Beach CA 90740 (614) 323-9836, williamthaase@gmail.com http://www.linkedin.com/in/billhaase Expert in Security, Privacy, Integration Technologies with an ability to communicate complex ideas that develop a project and a team. Eclectic collection of talents & abilities to see data sets, patterns, technology, and use soft skills to bring people together to solve problems with experience in on site and off shore teams. My skills include areas of security, software architecture, data integration, and data communication technologies. I build revenue streams with these skills. Skills ● Cyber Security and Compliance Expert in Healthcare, Pharma and Financial Services ● Successful business development which has generated at least 20 million in new revenue from security services projects each year ● Proven track record of developing relationships as a trusted advisor ● Communication skills including writing, presentations and speaking ● Sales of services and software for security leveraging onsite and offshore model ● Presentation skills, and other soft skills which enable board room presentations and management decisions ● Management and team development leveraging an onsite / offshore model ● IT Security Thought Leadership using compliance requirements, industry standards and best practices ● Compliance alignment with control frameworks to integrate automation and processes ● Expert in Gap Analysis, Policy Development and Security Controls design and integration ● Planning and management of projects which mitigate delays for on time delivery ● IT Security and Software Expert with specialties in GRC and Identity and Access Management ● Listening, Diagnostics and Communication – Soft Skills ● An ability to integrate multiple domains of knowledge ● Developing and Closing Contracts and Partnerships in technology and consulting services ● Cross cultural integration, building teams, sound managers and leaders ● Consulting expert with no escalations but expertise with handling hostile clients ● Risk Identification and Management ● Identity and Access Management Expert with experience with Sailpoint, Tivoli, and Oracle ● Governance and Policy Expert (GRC) ● Measurement and the development of measures for processes and controls ● Compliance Expert for security and privacy regulation ● Legal and regulatory analysis with an ability to derive requirements ● Expert in diagnostics and root cause analysis – Roadmap development, planning and team building to achieve the results with measures that are demonstrable
● Expert in integration and architecture design of complex systems and code ● Multiple domain knowledge and thinking including Risk, Finance, Healthcare, Compliance, Security and Privacy expertise ● Expert in Identity and Access Management expert with governance and implementation experience with SailPoint ● Expert in GRC technologies including Archer, Modulo other Technologies and Processes ● Expert in Process development and policy development including NIST and ISO Standards ● Expert in Privacy and Security with Patents in Data Classification ● Developing requirements from regulation and law for information security and privacy including NERC-CIP, HIPAA, SOX, GLBA, EU Data Protection, SB1386, NIST 800 Series, PCI, FFIEC Information Security, ISO 27001, ISO 27002 and others ● Proven ability to identify client needs as well as communicate difficult and complex information. ● Extensive technical experience developing solutions and knowledge including networking, information security, privacy, systems architecture, SOA, and others. Experience Business Development and Sales Experience Currently I am helping develop and market cyber security services including IdM, GRC and Infrastructure Security for Healthcare and Pharma vertical markets and managing 14 accounts directly. In my last organization I served I met my sales targets every year for four years. I usually complete my sales target by end of February. Then work to expand that through the teams I manage. Last year I did a little over 20 million in new services revenue I have developed several new business offing’s include “Phase 0” assessments, workshops, and on site management of multiple projects called a “COE”. The assessments and workshops lead to “star-bursting” a client. This means multiple projects come from the initial engagement. I have extensive experience in writing Statements of Work that focus on client outcomes I have helped develop three security and privacy consulting practices – IBM, Oracle and Cognizant – I focus measures, market demand and the development and intellectual property. I look to add additional revenue to each services project by licensing intellectual property as a part of the services delivered. Partnership development and maintenance has been a key to adding additional revenue by leveraging my personal network and experience with vendors and clients.
Information Security and Privacy Projects Developed information security risk assessment methodology for a healthcare company and executed it based on new compliance obligations, the integration of business objectives and corporate policies. Developed architecture for integration of SEIM data to develop and support GRC reporting for compliance of PCI and HIPAA Omnibus. Developed integration of Identity Management and Physical Security to automate the complete provisioning of a new worker (Employee, Contractor or temp) Developed new data integrity strategy and processes to clean data and “clean” authoritative” sources Developed Healthcare Security Offerings, delivery methodology and managed all Healthcare and Life Science Security Projects for one of the largest Global Consulting Companies. Developed 7 new managers and teams across several clients across the 7 different States in the US. Developed and delivered “Phase 0” Consulting Assessments and which delivered roadmaps for multiple projects at each client. Each roadmap developed for a client included at least 7 projects and multiple work streams to enable the client to reduce their risks and reach their compliance and business efficiency objectives. Developed and Delivered HIPAA Omnibus IT Risk Assessment offering and delivered this engagement at several large Healthcare Organizations. This included developing a IT Risk maturity model, Assessment tools and framework as well as IT Risk Register and mitigation roadmap. Developed and delivered offing’s in Identity and Assessment for healthcare, Insurance and International Banking clients. Including the delivery with Oracle suite, SailPoint and Tivoli Products. This included developed custom entitlement management systems for two large banks and the implementation of Identity Management and Identity Governance programs at several Healthcare companies, retail companies and media companies. Developed security requirements integrating NERC-CIP and corporate security standards for an Identity Management Infrastructure which included systems integration and enterprise architecture. Developed and designed a new consulting methodology for demonstrable compliance based on aligning policy, standards and requirements to controls and audit trail artifacts. Served as a subject matter expert in security and privacy concerns for clients. Expert in Privacy and Security architecture and management. Key delivery focus starts with policies, management processes and application architecture for application, network, system, and operational security, and on the proper handling and protection of personal information for privacy. Demonstrated ability to turn policies into procedures and system architecture design for software, databases and networks.
Developed compliance requirements matrix for data protection and privacy controls. This included all national and international law governing data transfers, and sensitive data types using in delivery of financial services. Served as lead technical architect on the development of custom integrated security services software architecture for a large insurance company. This effort included discovery and development of security requirements and development of a security services architecture for a diverse computing environment that included over 50 mainframes, 1,000's of UNIX servers and thousands of Microsoft NT servers. This effort required the integration of IBM's software development method using UML and Rational Rose and security principles and services that provided common security services across and beyond the enterprise. Developed a patent in the area of data classification which was used as the basis for multiple consulting engagements to support enterprise security and privacy programs globally. Developed HIPAA assessment and remediation methodology which was used at four of the largest Blue Cross Blue Shield insurance companies. Served as the technical director for the Oracle Protected Enterprise Practice and developed the offerings and methodology to deliver customer results. One of the founding consultants for the IBM Privacy Practice which developed patents and methodology to enable organizations to meet privacy compliance requirements globally. Application Development Projects Served as lead integration architect for a Medicaid Portal for a large us Healthcare Payor. This included developing the a federated identity management services and access management services for the Portal integration with several internal systems. Served as a trusted advisor and lead security architect for several large projects including a joint venture between Oracle and a large service provider offering turn-key outsourcing solutions for human resource management. Resulting in a turn-key system supporting multiple fortune 100 companies including many in financial services. Developed and designed a new SOA based authorization service for the largest auto insurance company. This had strict performance and compliance requirements. In addition, this component had to be able to support all the companies’ platforms including mainframe, UNIX and MS NT Servers. Designed and developed a SOA based credit card processing service that including requirements from the Payment Card Industry Security Standard. Designed and developed complete stock and bond trading system, Asset-backed bond analysis and aggregation system and automated trading systems for investment banks, investment management companies and pension systems.
Software Implementation Projects Developed and implemented a new Identity Management and access control software implementation methodology which would support compliance requirements for banking and insurance companies operating in the United States. Developed and led the implementation of new methodology for multi-product security software solutions including three first of kind solutions;New authorization system, Data migration, cleansing and privacy controls, data protection for privacy and PCI compliance. Designed, integrated and packaged solutions for supporting regulatory compliance around COTS software solutions including SAP, Siebel and PeopleSoft. Identified and developed integrated security software sales solutions around regulatory compliance requirements for Sarbanes-Oxley, PCI, HIPAA, GLB, FFIEC Information Security, Basel II, and NIST 800 Series. This included developing sales support presentations, white papers and other sales support tools. Consulting Experience and Expertise Develop, manage and sell consulting services including assessments, policy development engagements and security architecture upgrades to meet regulatory compliance obligations. Develop the organization's methodology and intellectual property including The Baseline set of policies, standards, procedures and controls. Developed, managed and implemented a method for delivering consulting services which maximized the value to the client derived from skills, repeatable processes and methodology and intellectual property. Served as one of the developers for the Method for Architecting Secure Solutions at IBM Serve as an industry expert and public speaker at conferences and standards bodies for IT Governance, Risk, and Compliance (GRC). Served on OASIS standards development committees and Liberty Alliance Developed strategy, whitepapers and books for privacy, HIPAA, SOX and PCI compliance Work Employment History WiPro – Senior Practice Manager – Sales – Oct 2015 to Present Cognizant – Associate Director – June 2011 – Sept 2015
Logic Trends – Senior Manager – June 2009 – April 2011 Independent Security Consulting - August 2007 – May 2009 Oracle – Principal & Associate Director – January 2006 – July 2007 IBM – Managing Consultant & Senior Technical Specialist – January 2001 – November 2005
Experience Deriving Requirements from Law, Regulation and Standards ISO 27001, ISO 27002 NIST 800 Series (including 800-171 and 800-39) OECD Privacy Principles NERC-CIP Gramm-Leach Bliley Act California SB 1386 HIPAA Payment Card Industry Security Standard Basel II: International Convergence of Capital Measurement and Capital Standards – A Revised Framework BIS Sound Practices for the Management and Supervision of Operational Risk Standards for Safeguarding Customer Information - FTC 16 CFR 314 Privacy of Consumer Financial Information - FTC 16 CFR 313 Safety and Soundness Standards - Appendix of OCC 12 CFR 30 Federal Financial Institutions Examination Council - Information Security Formal Education and Professional Training ● Bachelor of Science degree from Ohio State University with majors in Marketing and Finance and Minor in Computer Science ● Certified IBM Consultant ● Certified Tivoli Engineer ● Certification as a Novell Network Engineer ● Certified Netscape Consulting Engineer ● A founder and Chairman of the Board of Directors for the Network Professionals Association ● Experienced speaker on network security, eBusiness systems and systems integration ● HIPAA Consultant with experience in the development of the security and privacy sections of the law ● Extensive marketing strategy development and training in emerging markets

Recommended

IANS 2015 RSA Presentation
IANS 2015 RSA PresentationIANS 2015 RSA Presentation
IANS 2015 RSA PresentationAndrew Sanders
 
Super CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobSuper CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobPriyanka Aash
 
The evolving threats and the challenges of the modern CISO
The evolving threats and the challenges of the modern CISOThe evolving threats and the challenges of the modern CISO
The evolving threats and the challenges of the modern CISOisc2-hellenic
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEryk Budi Pratama
 
Ttss consulting(1)
Ttss consulting(1)Ttss consulting(1)
Ttss consulting(1)Steven Trom
 
GDPR project board deck (example)
GDPR project board deck (example)GDPR project board deck (example)
GDPR project board deck (example)Tommy Vandepitte
 
Data Security For Compliance 2
Data Security For Compliance 2Data Security For Compliance 2
Data Security For Compliance 2Flaskdata.io
 
2st Corporate Overview
2st Corporate Overview2st Corporate Overview
2st Corporate OverviewKarenLV
 

Recommended

IANS 2015 RSA Presentation
IANS 2015 RSA PresentationIANS 2015 RSA Presentation
IANS 2015 RSA PresentationAndrew Sanders
 
Super CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobSuper CISO 2020: How to Keep Your Job
Super CISO 2020: How to Keep Your JobPriyanka Aash
 
The evolving threats and the challenges of the modern CISO
The evolving threats and the challenges of the modern CISOThe evolving threats and the challenges of the modern CISO
The evolving threats and the challenges of the modern CISOisc2-hellenic
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEryk Budi Pratama
 
Ttss consulting(1)
Ttss consulting(1)Ttss consulting(1)
Ttss consulting(1)Steven Trom
 
GDPR project board deck (example)
GDPR project board deck (example)GDPR project board deck (example)
GDPR project board deck (example)Tommy Vandepitte
 
Data Security For Compliance 2
Data Security For Compliance 2Data Security For Compliance 2
Data Security For Compliance 2Flaskdata.io
 
2st Corporate Overview
2st Corporate Overview2st Corporate Overview
2st Corporate OverviewKarenLV
 
A day in the life of a CISO (and advice for people looking to come into the C...
A day in the life of a CISO (and advice for people looking to come into the C...A day in the life of a CISO (and advice for people looking to come into the C...
A day in the life of a CISO (and advice for people looking to come into the C...Dimitrios Stergiou
 
GPS - Corporate Overview
GPS - Corporate OverviewGPS - Corporate Overview
GPS - Corporate OverviewTawnia Beckwith
 
From Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROFrom Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROPriyanka Aash
 
Discovery, Risk, and Insight in a Metadata-Driven World Webinar
Discovery, Risk, and Insight in a Metadata-Driven World WebinarDiscovery, Risk, and Insight in a Metadata-Driven World Webinar
Discovery, Risk, and Insight in a Metadata-Driven World WebinarConcept Searching, Inc
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'aFahmi Albaheth
 
BOLD Business Security
BOLD Business SecurityBOLD Business Security
BOLD Business SecurityBOLD Business
 
Security services mind map
Security services mind mapSecurity services mind map
Security services mind mapDavid Kennedy
 
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...Priyanka Aash
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guideAdilsonSuende
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideDLT Solutions
 
Trofi Security Service Catalogue (1)
Trofi Security Service Catalogue (1)Trofi Security Service Catalogue (1)
Trofi Security Service Catalogue (1)Michael Trofi Jr. CISSP, CISM, CGEIT
 
(SACON) Sameer anja - Privacy in Technology: Kickstart of the Hackathon
(SACON) Sameer anja - Privacy in Technology: Kickstart of the Hackathon (SACON) Sameer anja - Privacy in Technology: Kickstart of the Hackathon
(SACON) Sameer anja - Privacy in Technology: Kickstart of the Hackathon Priyanka Aash
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)PECB
 
What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017Doug Copley
 
2016 overview of lexis nexis risk solutions 16x9_march 8 2016
2016 overview of lexis nexis risk solutions 16x9_march 8 20162016 overview of lexis nexis risk solutions 16x9_march 8 2016
2016 overview of lexis nexis risk solutions 16x9_march 8 2016Kyle Etheridge, CFE
 
Isaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataIsaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataUlf Mattsson
 
COBIT
COBITCOBIT
COBITTelkom Institute of Management
 
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Doeren Mayhew
 
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...Ulf Mattsson
 
20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service Proposal20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service ProposalCarl Bradley Pate
 
Derek J Mezack Resume 2015-AppSec_k
Derek J Mezack Resume 2015-AppSec_kDerek J Mezack Resume 2015-AppSec_k
Derek J Mezack Resume 2015-AppSec_kDerek Mezack
 
Resume_STrofimov
Resume_STrofimovResume_STrofimov
Resume_STrofimovSilviu Trofimov
 

More Related Content

What's hot

A day in the life of a CISO (and advice for people looking to come into the C...
A day in the life of a CISO (and advice for people looking to come into the C...A day in the life of a CISO (and advice for people looking to come into the C...
A day in the life of a CISO (and advice for people looking to come into the C...Dimitrios Stergiou
 
GPS - Corporate Overview
GPS - Corporate OverviewGPS - Corporate Overview
GPS - Corporate OverviewTawnia Beckwith
 
From Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROFrom Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROPriyanka Aash
 
Discovery, Risk, and Insight in a Metadata-Driven World Webinar
Discovery, Risk, and Insight in a Metadata-Driven World WebinarDiscovery, Risk, and Insight in a Metadata-Driven World Webinar
Discovery, Risk, and Insight in a Metadata-Driven World WebinarConcept Searching, Inc
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'aFahmi Albaheth
 
BOLD Business Security
BOLD Business SecurityBOLD Business Security
BOLD Business SecurityBOLD Business
 
Security services mind map
Security services mind mapSecurity services mind map
Security services mind mapDavid Kennedy
 
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...Priyanka Aash
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guideAdilsonSuende
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideDLT Solutions
 
(SACON) Sameer anja - Privacy in Technology: Kickstart of the Hackathon
(SACON) Sameer anja - Privacy in Technology: Kickstart of the Hackathon (SACON) Sameer anja - Privacy in Technology: Kickstart of the Hackathon
(SACON) Sameer anja - Privacy in Technology: Kickstart of the Hackathon Priyanka Aash
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)PECB
 
What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017Doug Copley
 
2016 overview of lexis nexis risk solutions 16x9_march 8 2016
2016 overview of lexis nexis risk solutions 16x9_march 8 20162016 overview of lexis nexis risk solutions 16x9_march 8 2016
2016 overview of lexis nexis risk solutions 16x9_march 8 2016Kyle Etheridge, CFE
 
Isaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataIsaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataUlf Mattsson
 
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Doeren Mayhew
 
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...Ulf Mattsson
 
20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service Proposal20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service ProposalCarl Bradley Pate
 

What's hot (20)

A day in the life of a CISO (and advice for people looking to come into the C...
A day in the life of a CISO (and advice for people looking to come into the C...A day in the life of a CISO (and advice for people looking to come into the C...
A day in the life of a CISO (and advice for people looking to come into the C...
 
GPS - Corporate Overview
GPS - Corporate OverviewGPS - Corporate Overview
GPS - Corporate Overview
 
From Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIROFrom Cave Man to Business Man, the Evolution of the CISO to CIRO
From Cave Man to Business Man, the Evolution of the CISO to CIRO
 
Discovery, Risk, and Insight in a Metadata-Driven World Webinar
Discovery, Risk, and Insight in a Metadata-Driven World WebinarDiscovery, Risk, and Insight in a Metadata-Driven World Webinar
Discovery, Risk, and Insight in a Metadata-Driven World Webinar
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
 
BOLD Business Security
BOLD Business SecurityBOLD Business Security
BOLD Business Security
 
Security services mind map
Security services mind mapSecurity services mind map
Security services mind map
 
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
(SACON) Ramkumar Narayanan - Personal Data Discovery & Mapping - Challenges f...
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the Outside
 
Trofi Security Service Catalogue (1)
Trofi Security Service Catalogue (1)Trofi Security Service Catalogue (1)
Trofi Security Service Catalogue (1)
 
(SACON) Sameer anja - Privacy in Technology: Kickstart of the Hackathon
(SACON) Sameer anja - Privacy in Technology: Kickstart of the Hackathon (SACON) Sameer anja - Privacy in Technology: Kickstart of the Hackathon
(SACON) Sameer anja - Privacy in Technology: Kickstart of the Hackathon
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
 
What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017
 
2016 overview of lexis nexis risk solutions 16x9_march 8 2016
2016 overview of lexis nexis risk solutions 16x9_march 8 20162016 overview of lexis nexis risk solutions 16x9_march 8 2016
2016 overview of lexis nexis risk solutions 16x9_march 8 2016
 
Isaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataIsaca new delhi india privacy and big data
Isaca new delhi india privacy and big data
 
COBIT
COBITCOBIT
COBIT
 
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3Aicpa tech+panel presentation t6 managing risks and security 2014 v3
Aicpa tech+panel presentation t6 managing risks and security 2014 v3
 
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
 
20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service Proposal20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service Proposal
 

Viewers also liked

Derek J Mezack Resume 2015-AppSec_k
Derek J Mezack Resume 2015-AppSec_kDerek J Mezack Resume 2015-AppSec_k
Derek J Mezack Resume 2015-AppSec_kDerek Mezack
 
April2016 PM GregWithamResume
April2016 PM GregWithamResumeApril2016 PM GregWithamResume
April2016 PM GregWithamResumeGreg Witham
 
general_resume_12 1 linked in
general_resume_12 1 linked ingeneral_resume_12 1 linked in
general_resume_12 1 linked inJohn Masiliunas
 
Prakhar Sood-Resume-CV
Prakhar Sood-Resume-CVPrakhar Sood-Resume-CV
Prakhar Sood-Resume-CVPrakhar Sood
 
David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson
 
KEVIN M Cerri.docx 1 3 17
KEVIN M Cerri.docx 1 3 17KEVIN M Cerri.docx 1 3 17
KEVIN M Cerri.docx 1 3 17Kevin Cerri
 
Resume Proposal - Supply Chain Logistics
Resume Proposal - Supply Chain LogisticsResume Proposal - Supply Chain Logistics
Resume Proposal - Supply Chain LogisticsPeggy A. Brooks
 
Max Bolen Resume 12202016
Max Bolen Resume 12202016Max Bolen Resume 12202016
Max Bolen Resume 12202016Max Bolen
 
CV Haris Sanahuja (2016)
CV Haris Sanahuja (2016) CV Haris Sanahuja (2016)
CV Haris Sanahuja (2016) Haris Sanahuja
 
Disaster Survivors Step By Step Action Plan To Find Assistance
Disaster Survivors Step By Step Action Plan To Find AssistanceDisaster Survivors Step By Step Action Plan To Find Assistance
Disaster Survivors Step By Step Action Plan To Find AssistanceHelen Maddox
 
Resume System Engineer 5 Yrs Exp.
Resume System Engineer 5 Yrs Exp.Resume System Engineer 5 Yrs Exp.
Resume System Engineer 5 Yrs Exp.Shashank Bhargava
 
naif alolaiwi-Resume
naif alolaiwi-Resumenaif alolaiwi-Resume
naif alolaiwi-Resumenaif alolaiwi
 
Lainna dobosz resume
Lainna dobosz resumeLainna dobosz resume
Lainna dobosz resumelainnadaz
 
Shelley Lowe's Resume General All Skill Sets (1)
Shelley Lowe's Resume General All Skill Sets (1)Shelley Lowe's Resume General All Skill Sets (1)
Shelley Lowe's Resume General All Skill Sets (1)Shelley Lowe
 

Viewers also liked (17)

Derek J Mezack Resume 2015-AppSec_k
Derek J Mezack Resume 2015-AppSec_kDerek J Mezack Resume 2015-AppSec_k
Derek J Mezack Resume 2015-AppSec_k
 
Resume_STrofimov
Resume_STrofimovResume_STrofimov
Resume_STrofimov
 
ODell - Resume
ODell - ResumeODell - Resume
ODell - Resume
 
April2016 PM GregWithamResume
April2016 PM GregWithamResumeApril2016 PM GregWithamResume
April2016 PM GregWithamResume
 
general_resume_12 1 linked in
general_resume_12 1 linked ingeneral_resume_12 1 linked in
general_resume_12 1 linked in
 
Prakhar Sood-Resume-CV
Prakhar Sood-Resume-CVPrakhar Sood-Resume-CV
Prakhar Sood-Resume-CV
 
David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016
 
KEVIN M Cerri.docx 1 3 17
KEVIN M Cerri.docx 1 3 17KEVIN M Cerri.docx 1 3 17
KEVIN M Cerri.docx 1 3 17
 
Resume
ResumeResume
Resume
 
Resume Proposal - Supply Chain Logistics
Resume Proposal - Supply Chain LogisticsResume Proposal - Supply Chain Logistics
Resume Proposal - Supply Chain Logistics
 
Max Bolen Resume 12202016
Max Bolen Resume 12202016Max Bolen Resume 12202016
Max Bolen Resume 12202016
 
CV Haris Sanahuja (2016)
CV Haris Sanahuja (2016) CV Haris Sanahuja (2016)
CV Haris Sanahuja (2016)
 
Disaster Survivors Step By Step Action Plan To Find Assistance
Disaster Survivors Step By Step Action Plan To Find AssistanceDisaster Survivors Step By Step Action Plan To Find Assistance
Disaster Survivors Step By Step Action Plan To Find Assistance
 
Resume System Engineer 5 Yrs Exp.
Resume System Engineer 5 Yrs Exp.Resume System Engineer 5 Yrs Exp.
Resume System Engineer 5 Yrs Exp.
 
naif alolaiwi-Resume
naif alolaiwi-Resumenaif alolaiwi-Resume
naif alolaiwi-Resume
 
Lainna dobosz resume
Lainna dobosz resumeLainna dobosz resume
Lainna dobosz resume
 
Shelley Lowe's Resume General All Skill Sets (1)
Shelley Lowe's Resume General All Skill Sets (1)Shelley Lowe's Resume General All Skill Sets (1)
Shelley Lowe's Resume General All Skill Sets (1)
 

Similar to Bill_Haase_Resume Dec 2015

Perennial systems corporate overview presentation
Perennial systems corporate overview presentationPerennial systems corporate overview presentation
Perennial systems corporate overview presentationPerennial Systems
 
MCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationMCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationWilliam McBorrough
 
MCGlobalTech Service Presentation
MCGlobalTech Service PresentationMCGlobalTech Service Presentation
MCGlobalTech Service PresentationWilliam McBorrough
 
Axis Technology - Consulting Overview
Axis Technology - Consulting OverviewAxis Technology - Consulting Overview
Axis Technology - Consulting OverviewAxis Technology, LLC
 
Best Software Development Company |Salesforce Consulting Services in Singapor...
Best Software Development Company |Salesforce Consulting Services in Singapor...Best Software Development Company |Salesforce Consulting Services in Singapor...
Best Software Development Company |Salesforce Consulting Services in Singapor...InfoDrive Solutions
 
CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan MMohan M
 
Nine HIPAA Compliance Questions to ask Yourself
Nine HIPAA Compliance Questions to ask YourselfNine HIPAA Compliance Questions to ask Yourself
Nine HIPAA Compliance Questions to ask YourselfLERNER Consulting
 
Certification+: The Most Comprehensive Compliance Solution
Certification+: The Most Comprehensive Compliance SolutionCertification+: The Most Comprehensive Compliance Solution
Certification+: The Most Comprehensive Compliance SolutionPYA, P.C.
 
Nassers Pitchbook 03032010
Nassers Pitchbook 03032010Nassers Pitchbook 03032010
Nassers Pitchbook 03032010Nasser J Khan
 
Nassers Pitchbook 03032010
Nassers Pitchbook 03032010Nassers Pitchbook 03032010
Nassers Pitchbook 03032010Nasser J Khan
 

Similar to Bill_Haase_Resume Dec 2015 (20)

MullaneyChrisER
MullaneyChrisERMullaneyChrisER
MullaneyChrisER
 
A smarter way to manage identities
A smarter way to manage identitiesA smarter way to manage identities
A smarter way to manage identities
 
Infoprive Brochure
Infoprive Brochure Infoprive Brochure
Infoprive Brochure
 
Perennial systems corporate overview presentation
Perennial systems corporate overview presentationPerennial systems corporate overview presentation
Perennial systems corporate overview presentation
 
S Rod Simpson Resume
S Rod Simpson ResumeS Rod Simpson Resume
S Rod Simpson Resume
 
MCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationMCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service Presentation
 
Accenture_JDs.pdf
Accenture_JDs.pdfAccenture_JDs.pdf
Accenture_JDs.pdf
 
MCGlobalTech Service Presentation
MCGlobalTech Service PresentationMCGlobalTech Service Presentation
MCGlobalTech Service Presentation
 
DEPL Consulting Brochure
DEPL Consulting BrochureDEPL Consulting Brochure
DEPL Consulting Brochure
 
Axis Technology - Consulting Overview
Axis Technology - Consulting OverviewAxis Technology - Consulting Overview
Axis Technology - Consulting Overview
 
Dhrub_Resume_New
Dhrub_Resume_NewDhrub_Resume_New
Dhrub_Resume_New
 
Best Software Development Company |Salesforce Consulting Services in Singapor...
Best Software Development Company |Salesforce Consulting Services in Singapor...Best Software Development Company |Salesforce Consulting Services in Singapor...
Best Software Development Company |Salesforce Consulting Services in Singapor...
 
CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan M
 
Resume
ResumeResume
Resume
 
Nine HIPAA Compliance Questions to ask Yourself
Nine HIPAA Compliance Questions to ask YourselfNine HIPAA Compliance Questions to ask Yourself
Nine HIPAA Compliance Questions to ask Yourself
 
Ahmed Helmy CV
Ahmed Helmy CVAhmed Helmy CV
Ahmed Helmy CV
 
ARITA Brochure
ARITA Brochure ARITA Brochure
ARITA Brochure
 
Certification+: The Most Comprehensive Compliance Solution
Certification+: The Most Comprehensive Compliance SolutionCertification+: The Most Comprehensive Compliance Solution
Certification+: The Most Comprehensive Compliance Solution
 
Nassers Pitchbook 03032010
Nassers Pitchbook 03032010Nassers Pitchbook 03032010
Nassers Pitchbook 03032010
 
Nassers Pitchbook 03032010
Nassers Pitchbook 03032010Nassers Pitchbook 03032010
Nassers Pitchbook 03032010
 

Bill_Haase_Resume Dec 2015

  • 1. William T Haase 333 1st Street Apt C108, Seal Beach CA 90740 (614) 323-9836, williamthaase@gmail.com http://www.linkedin.com/in/billhaase Expert in Security, Privacy, Integration Technologies with an ability to communicate complex ideas that develop a project and a team. Eclectic collection of talents & abilities to see data sets, patterns, technology, and use soft skills to bring people together to solve problems with experience in on site and off shore teams. My skills include areas of security, software architecture, data integration, and data communication technologies. I build revenue streams with these skills. Skills ● Cyber Security and Compliance Expert in Healthcare, Pharma and Financial Services ● Successful business development which has generated at least 20 million in new revenue from security services projects each year ● Proven track record of developing relationships as a trusted advisor ● Communication skills including writing, presentations and speaking ● Sales of services and software for security leveraging onsite and offshore model ● Presentation skills, and other soft skills which enable board room presentations and management decisions ● Management and team development leveraging an onsite / offshore model ● IT Security Thought Leadership using compliance requirements, industry standards and best practices ● Compliance alignment with control frameworks to integrate automation and processes ● Expert in Gap Analysis, Policy Development and Security Controls design and integration ● Planning and management of projects which mitigate delays for on time delivery ● IT Security and Software Expert with specialties in GRC and Identity and Access Management ● Listening, Diagnostics and Communication – Soft Skills ● An ability to integrate multiple domains of knowledge ● Developing and Closing Contracts and Partnerships in technology and consulting services ● Cross cultural integration, building teams, sound managers and leaders ● Consulting expert with no escalations but expertise with handling hostile clients ● Risk Identification and Management ● Identity and Access Management Expert with experience with Sailpoint, Tivoli, and Oracle ● Governance and Policy Expert (GRC) ● Measurement and the development of measures for processes and controls ● Compliance Expert for security and privacy regulation ● Legal and regulatory analysis with an ability to derive requirements ● Expert in diagnostics and root cause analysis – Roadmap development, planning and team building to achieve the results with measures that are demonstrable
  • 2. ● Expert in integration and architecture design of complex systems and code ● Multiple domain knowledge and thinking including Risk, Finance, Healthcare, Compliance, Security and Privacy expertise ● Expert in Identity and Access Management expert with governance and implementation experience with SailPoint ● Expert in GRC technologies including Archer, Modulo other Technologies and Processes ● Expert in Process development and policy development including NIST and ISO Standards ● Expert in Privacy and Security with Patents in Data Classification ● Developing requirements from regulation and law for information security and privacy including NERC-CIP, HIPAA, SOX, GLBA, EU Data Protection, SB1386, NIST 800 Series, PCI, FFIEC Information Security, ISO 27001, ISO 27002 and others ● Proven ability to identify client needs as well as communicate difficult and complex information. ● Extensive technical experience developing solutions and knowledge including networking, information security, privacy, systems architecture, SOA, and others. Experience Business Development and Sales Experience Currently I am helping develop and market cyber security services including IdM, GRC and Infrastructure Security for Healthcare and Pharma vertical markets and managing 14 accounts directly. In my last organization I served I met my sales targets every year for four years. I usually complete my sales target by end of February. Then work to expand that through the teams I manage. Last year I did a little over 20 million in new services revenue I have developed several new business offing’s include “Phase 0” assessments, workshops, and on site management of multiple projects called a “COE”. The assessments and workshops lead to “star-bursting” a client. This means multiple projects come from the initial engagement. I have extensive experience in writing Statements of Work that focus on client outcomes I have helped develop three security and privacy consulting practices – IBM, Oracle and Cognizant – I focus measures, market demand and the development and intellectual property. I look to add additional revenue to each services project by licensing intellectual property as a part of the services delivered. Partnership development and maintenance has been a key to adding additional revenue by leveraging my personal network and experience with vendors and clients.
  • 3. Information Security and Privacy Projects Developed information security risk assessment methodology for a healthcare company and executed it based on new compliance obligations, the integration of business objectives and corporate policies. Developed architecture for integration of SEIM data to develop and support GRC reporting for compliance of PCI and HIPAA Omnibus. Developed integration of Identity Management and Physical Security to automate the complete provisioning of a new worker (Employee, Contractor or temp) Developed new data integrity strategy and processes to clean data and “clean” authoritative” sources Developed Healthcare Security Offerings, delivery methodology and managed all Healthcare and Life Science Security Projects for one of the largest Global Consulting Companies. Developed 7 new managers and teams across several clients across the 7 different States in the US. Developed and delivered “Phase 0” Consulting Assessments and which delivered roadmaps for multiple projects at each client. Each roadmap developed for a client included at least 7 projects and multiple work streams to enable the client to reduce their risks and reach their compliance and business efficiency objectives. Developed and Delivered HIPAA Omnibus IT Risk Assessment offering and delivered this engagement at several large Healthcare Organizations. This included developing a IT Risk maturity model, Assessment tools and framework as well as IT Risk Register and mitigation roadmap. Developed and delivered offing’s in Identity and Assessment for healthcare, Insurance and International Banking clients. Including the delivery with Oracle suite, SailPoint and Tivoli Products. This included developed custom entitlement management systems for two large banks and the implementation of Identity Management and Identity Governance programs at several Healthcare companies, retail companies and media companies. Developed security requirements integrating NERC-CIP and corporate security standards for an Identity Management Infrastructure which included systems integration and enterprise architecture. Developed and designed a new consulting methodology for demonstrable compliance based on aligning policy, standards and requirements to controls and audit trail artifacts. Served as a subject matter expert in security and privacy concerns for clients. Expert in Privacy and Security architecture and management. Key delivery focus starts with policies, management processes and application architecture for application, network, system, and operational security, and on the proper handling and protection of personal information for privacy. Demonstrated ability to turn policies into procedures and system architecture design for software, databases and networks.
  • 4. Developed compliance requirements matrix for data protection and privacy controls. This included all national and international law governing data transfers, and sensitive data types using in delivery of financial services. Served as lead technical architect on the development of custom integrated security services software architecture for a large insurance company. This effort included discovery and development of security requirements and development of a security services architecture for a diverse computing environment that included over 50 mainframes, 1,000's of UNIX servers and thousands of Microsoft NT servers. This effort required the integration of IBM's software development method using UML and Rational Rose and security principles and services that provided common security services across and beyond the enterprise. Developed a patent in the area of data classification which was used as the basis for multiple consulting engagements to support enterprise security and privacy programs globally. Developed HIPAA assessment and remediation methodology which was used at four of the largest Blue Cross Blue Shield insurance companies. Served as the technical director for the Oracle Protected Enterprise Practice and developed the offerings and methodology to deliver customer results. One of the founding consultants for the IBM Privacy Practice which developed patents and methodology to enable organizations to meet privacy compliance requirements globally. Application Development Projects Served as lead integration architect for a Medicaid Portal for a large us Healthcare Payor. This included developing the a federated identity management services and access management services for the Portal integration with several internal systems. Served as a trusted advisor and lead security architect for several large projects including a joint venture between Oracle and a large service provider offering turn-key outsourcing solutions for human resource management. Resulting in a turn-key system supporting multiple fortune 100 companies including many in financial services. Developed and designed a new SOA based authorization service for the largest auto insurance company. This had strict performance and compliance requirements. In addition, this component had to be able to support all the companies’ platforms including mainframe, UNIX and MS NT Servers. Designed and developed a SOA based credit card processing service that including requirements from the Payment Card Industry Security Standard. Designed and developed complete stock and bond trading system, Asset-backed bond analysis and aggregation system and automated trading systems for investment banks, investment management companies and pension systems.
  • 5. Software Implementation Projects Developed and implemented a new Identity Management and access control software implementation methodology which would support compliance requirements for banking and insurance companies operating in the United States. Developed and led the implementation of new methodology for multi-product security software solutions including three first of kind solutions;New authorization system, Data migration, cleansing and privacy controls, data protection for privacy and PCI compliance. Designed, integrated and packaged solutions for supporting regulatory compliance around COTS software solutions including SAP, Siebel and PeopleSoft. Identified and developed integrated security software sales solutions around regulatory compliance requirements for Sarbanes-Oxley, PCI, HIPAA, GLB, FFIEC Information Security, Basel II, and NIST 800 Series. This included developing sales support presentations, white papers and other sales support tools. Consulting Experience and Expertise Develop, manage and sell consulting services including assessments, policy development engagements and security architecture upgrades to meet regulatory compliance obligations. Develop the organization's methodology and intellectual property including The Baseline set of policies, standards, procedures and controls. Developed, managed and implemented a method for delivering consulting services which maximized the value to the client derived from skills, repeatable processes and methodology and intellectual property. Served as one of the developers for the Method for Architecting Secure Solutions at IBM Serve as an industry expert and public speaker at conferences and standards bodies for IT Governance, Risk, and Compliance (GRC). Served on OASIS standards development committees and Liberty Alliance Developed strategy, whitepapers and books for privacy, HIPAA, SOX and PCI compliance Work Employment History WiPro – Senior Practice Manager – Sales – Oct 2015 to Present Cognizant – Associate Director – June 2011 – Sept 2015
  • 6. Logic Trends – Senior Manager – June 2009 – April 2011 Independent Security Consulting - August 2007 – May 2009 Oracle – Principal & Associate Director – January 2006 – July 2007 IBM – Managing Consultant & Senior Technical Specialist – January 2001 – November 2005
  • 7. Experience Deriving Requirements from Law, Regulation and Standards ISO 27001, ISO 27002 NIST 800 Series (including 800-171 and 800-39) OECD Privacy Principles NERC-CIP Gramm-Leach Bliley Act California SB 1386 HIPAA Payment Card Industry Security Standard Basel II: International Convergence of Capital Measurement and Capital Standards – A Revised Framework BIS Sound Practices for the Management and Supervision of Operational Risk Standards for Safeguarding Customer Information - FTC 16 CFR 314 Privacy of Consumer Financial Information - FTC 16 CFR 313 Safety and Soundness Standards - Appendix of OCC 12 CFR 30 Federal Financial Institutions Examination Council - Information Security Formal Education and Professional Training ● Bachelor of Science degree from Ohio State University with majors in Marketing and Finance and Minor in Computer Science ● Certified IBM Consultant ● Certified Tivoli Engineer ● Certification as a Novell Network Engineer ● Certified Netscape Consulting Engineer ● A founder and Chairman of the Board of Directors for the Network Professionals Association ● Experienced speaker on network security, eBusiness systems and systems integration ● HIPAA Consultant with experience in the development of the security and privacy sections of the law ● Extensive marketing strategy development and training in emerging markets