Information Security Officer
Responsible for the development, implementation, and management of policies, procedures, standards, controls, and awareness for Information Security best practices in UW-Platteville's Information Technology environments. Coordinate the mitigation of security threats, vulnerabilities, and risks to include preventative measures, disaster recovery (DR), and business continuity planning (BCP). Work with senior management, business partners, the UW-System, and auditors in the development and implementation of compliance with applicable laws e.g. PCI-DSS, HIPAA, FERPA, etc.
- Identified gaps in current business process recovery capabilities. Created multi-phased plan for analysis and implementation of BCP/DR framework including planning, technical capacity, exercises and reporting.
- Analyzed environment to identify security awareness needs and coordinated procurement and implementation of a security awareness tool.
- Worked with internal partners and external consultants to identify gaps, needs, and best practices for PCI compliance.
- Served as interim Co-Chair of the [company name] Technology and Information Security Council (UW-TISC)