Scottard Banks

• Collaborated with medical professionals to communicate patient needs with accuracy and speed using hospital and medical codes.
• Maintained levelheadedness and efficiency in high-pressure situations, effectively prioritizing tasks to save lives and provide medical care.
• Conducted equipment and vehicle checks to maintain continuous and safe operation.
• Utilized oxygen tanks, EKG and IVs to perform various medical procedures.B
• Administered CPR, oxygen and other life-saving medical treatments.
• Immobilized patient for placement on stretcher and ambulance transport.

• Develop and implement a strategic, long-term information security strategy and roadmap to ensure that UCT’s information assets are adequately protected.
• Work with senior leaders across the business to assess and communicate acceptable levels of risk.
  Identify, evaluate, and report on information security risks, practices and projects to the Executive Committee and the Board of Directors, and provide subject matter expertise on security standards and best practices (e.g., FFIEC, Dodd-Frank, SOX, PCI, etc.).

Develop, mentor, and manage a high performing staff of information security professionals.
Chair the information security steering committee (or governance board, or advisory board).
Develop the Board’s understanding of security beyond a ‘compliance-only’ view.
Lead the development of up-to-date information security policies, procedures, standards, and guidelines, and oversee their approval, dissemination, and maintenance.
Ensure that the security management program is in compliance with applicable laws, regulations, and contractual requirements.
Act as the champion for the enterprise information security program and foster a security-aware culture.
Oversee the evaluation, selection and implementation of information security solutions that are innovative, cost-effective, and minimally disruptive.
Partner with enterprise architects, infrastructure, and applications teams to ensure that technologies are developed and maintained according to security policies and guidelines.
Manage regular intrusion detection and vulnerability reporting, internal and external IT audit groups reviews, and the coordination of all required fixes.
Develop business metrics to measure the effectiveness of the security management program and increase the maturity of the program over time.

• Monitor the industry and external environment for emerging threats and advise relevant stakeholders on appropriate courses of action.
• Liaison with law enforcement and other advisory bodies as necessary to ensure that the organization maintains a strong security posture.
• Oversee incident response planning and the investigation of security breaches, and assist with any associated disciplinary, public relations and legal matters.
• Oversee and lead the creation, communication, and implementation of a process for managing vendor risk and other third-party risk.
• Lead due diligence and post integration activities related to information security for all M&A activity.
• Organized professional with expertise in managing resources and optimizing performance. Proficient in providing valuable insights and supporting decision-making processes. Committed to enhancing productivity and contributing to overall success.

• IoT SmartHome, automation solution company
• Creation of overall strategy around risk, privacy, compliance, and internal audit program
• That interacts with Sales, product, engineering, operation, and physical security
• Developed and implemented the overall global privacy strategy and framework
• Creation of overall responsible disclosure and intake system for continuous testing of every product and service offering deployed
• Facilitated and identified security framework for COVID-19 and work-from-home protocol
• Implementation and coordination of certification and attestation
• obtained ISO 27001:2013 certification and SSAE 18- SOC 2 Type II
• Expanded within AWS and architecture of fully redundant solutions and compliance within production services
• Implemented ISMS with no exclusion with full creation of policy library, vendor, vulnerability, risk, and internal audit function
• Creation of a 5-year security roadmap and KPI for governance structure and board reporting
• Lead initiative to convert SOW and Manual to workflows that are being automated
• Designed and implemented of security awareness LMS that leverages animation, gamification, and interactive training
• Creation of content for marketing and external websites
• Working with shareholders to implement and coach other holding companies
• Implementation of Salesforce, HRIIS, and automation tool security
• Auditor and author of Internal Audit framework, schedule, and reporting
• Implementation and administration of security controls, CI/CD scans, technical security, and WAF security controls as well as directory and SAML 2.0 and Auth 2.0 profiles data
• Creation of data dictionary and security controls and retention and risk statements
• Development of (Alliance/ Consortium) to help shape reasonable industry standards in the vertical to ensure proper, effective, and efficient security solutions and interop.
• Managed new hire trainings and onboarding to educated employees on company policies and procedures.
• Investigated information security breaches to identify vulnerabilities and evaluate damage.
• Promoted security awareness among employees and clients to alleviate risks and breaches.
• Analyzed security procedure violations and developed plans to prevent recurrence.
• Audited networks and security systems to identify vulnerabilities.
• Worked closely with fellow security personnel to remedy and alleviate technology issues.
• Used penetration testing tools to identify weaknesses in security systems. As part of organizationAl bug bounty program.
• Mentored junior employees in departmental activities and procedures.

• Web-based Physical Therapy EMR Solution
• Creation of a comprehensive certified risk-based information security program and governance structure
• Design and development of risk-based methodology and information security program
• Obtained ISO 27001:2013 certification over EMR, Medical billing, and operational support organization(s), HITRUST rating 5, PCI -DSS 3.2 certification (Marketplace and Salesforce) Design and implementation of Information Security Architecture and
• Secure SDLC that includes cloud providers (AWS, Gsuite, and
• Azure) and private data center Creation of an AI-based orchestration incident response framework that included 3rd party and customer monitoring, with the integration of SIEM and smart response threat protection
• Designed and Implementation of comprehensive risk escalation
• Alignment of awareness program and gamification that align high risk (phishing, ransomware, and extortion ware trending) Budget forecasting and management of financial spending, ROI, and TCO
• Reduce yearly spending by highly effective negotiation and partnership
• Management of multi-location security professionals across 9 states and offshore and nearshore personnel.
• Engineered and oversaw [Type] environment by developing zones and aliases.

• University of California healthcare system
• Oversight and management of t UC medical system with mentoring & development of 12 university management systems
• Established and trained CISOs across the systems and criteria for evaluation
• Creation of organizational structures based on the NIST CSF framework
• Scottard Banks
• Executive Risk and Information Security
• Senior level Information Security and Risk executive who innovates and enhances security and risk programs
• Dedicated professional and certified:
• C-CISO, CRISC, CISSP, NSA IAM, ISO
• Communicated and enforced compliance with state and local laws while emphasizing company standards of professionalism and safety.
• Used two-way communication to generate enthusiasm and foster atmosphere receptive to open exchange.
• Inspected security systems to maintain consistent operational availability and to detect evidence of tampering.
• Warned violators of rule infractions and escorted unauthorized persons off premises.
• Maintained calm composure during emergencies while communicating with local law enforcement and emergency response services.

• We are a non-profit, local healthcare organization known for community service and outstanding medical quality
• Our organization encompasses; - 5 Magnet designated acute care hospitals - 11,000 employees
• Created a role to address overall deficits and weaknesses, in the absence of a structured information security program
• Performed Hitech audit on all IoT and address FDA security absence in the solution being put into the organization
• Created strategic information security program and roadmap
• Provided annual State of Security presentation to the Board of
• Directors and auditing board on risk
• Introduced a cost-reducing process based on Six Sigma to address acquisition, mergers, and joint development
• Reduced Technology costs by negotiating best-of-breed vetting
• Deputy CIO /CISO Xerox HRO
• Managed new hire trainings and onboarding to educated employees on company policies and procedures.
• Analyzed system risk to identify and implement appropriate security countermeasures.
• Audited networks and security systems to identify vulnerabilities.
• Worked closely with fellow security personnel to remedy and alleviate technology issues.
• Reviewed security bulletins and vulnerability patch releases.
• Mentored junior employees in departmental activities and procedures.
• Collaborated with stakeholders to implement and update disaster recovery plans.
• Researched and designed advanced computer forensic tools.

• (NYSE: XRX) is a technology leader that innovates the way the world communicates, connects, and works
• Designed and Implemented SAAS/PAAS/IAAS security solution and security services for Xerox's HRO solution
• Which included IdP, WAF, IDS/IDP, SIEM, database encryption, and DLP
• Designed risk management scorecards that were presented graphically
• Managed data center operations from 5 to 2
• Provided implementation and guidance in SOW and contractual solution, and provided compliance and security effectiveness against EU Xerox Corporation (NYSE: XRX) is a technology leader that innovates the way the world communicates, connects, and works Privacy Act
• Obtained regulation and certification; SSAE 16 SOC I Type and ISO 27001:2013
• As well as vendor management protocols that reduced risk and accounted for vendor interaction.

• Managed new hire trainings and onboarding to educated employees on company policies and procedures.%
• Managed new hire trainings and onboarding to educated employees on company policies and procedures.
• Advanced technical features and improved performance of network hardware.
• Managed organizational security posture by monitoring networks for potential threats, cyber espionage, malware and internal sabotage.
• Analyzed system risk to identify and implement appropriate security countermeasures.
• Promoted security awareness among employees and clients to alleviate risks and breaches.
• Worked closely with fellow security personnel to remedy and alleviate technology issues.
• Used penetration testing tools to identify weaknesses in security systems.
• Designed, implemented and maintained security systems and controls.
• Adaptable individual with exceptional interpersonal skills and talent for building relationships. Known for delivering outstanding service and enhancing client satisfaction. Focused on fostering positive interactions and creating collaborative environment.
• Developed strong organizational and communication skills through coursework and volunteer activities.
• Proved successful working within tight deadlines and a fast-paced environment.
• Developed strong communication and organizational skills through working on group projects.
• Versatile professional with strong problem-solving skills and history of adapting to diverse challenges. Applies innovative solutions and technical expertise to deliver exceptional results. Committed to streamlining processes and advancing organizational objectives.
• Demonstrated leadership skills in managing projects from concept to completion.
• Managed time efficiently in order to complete all tasks within deadlines.
• Maximized performance by monitoring daily activities and mentoring team members.

• (ASU) for a well-rounded college education
• The research university offers a wide variety of bachelor's, master's, and doctoral degree programs, with more than 250 majors
• Planned, designed, and implemented a fully robust security program that adhered to HIPAA, FERPA, PCI-DSS 3.0, DoD, FISMA, GLBA, and local and state laws and regulations
• Lead University-wide, security and compliance committee
• Architecture and engineering of overall awareness program for 75000 students, 5000 staff, and 800 faculty guests yearly
• Appointed to the Pandemic and Virginia Tech security initiative enabling AI-based review solutions
• Engaged to add to legal and security compliance contracts and requirements
• Designated HIPAA, Negotiated Statewide contracts for IdM, Vulnerability Management for ASU, NAU, and UofA
• Maintained a high-security environment that aligned with FISMA, NIST, and FIPS requirements
• With highly restricted environments based on DoD with a Bio-design facility
• Addressed problems quickly and reported clear information while working under minimal supervision.
• Developed and grew staff competencies through team development, implementation and support of specific training for various responsibilities.
• Oversaw safety of guests, employees and and assets by enforcing and regulating security policies and procedures and monitoring and maintaining security systems.

• Teradata leverages all of the data, all of the time, so customers can analyze anything, deploy anywhere, and deliver analytics that matters most to them
• And we do it on-premises, in the Cloud, or anywhere in between
• Created a delivery system of security services to support customer engagements
• Reviewed and aligned security programs with legislation and state and federal requirements
• Created solutions to support manufacturing banking and government security organization
• OCC, Federal Reserve, and OTS bodies were key parties represented
• Maintained and developed customer security solutions based on engagement and SOW requirements
• Management financials and time forecasting to maintain the budget and add value.
• Informed students and parents of policies and procedures regarding student behavior and disciplinary actions.
• Resolved various situations to cultivate strong student and parent relationships.

• First Command Financial Services creates customized financial plans for members of the United States Military
• Established security programs in banking and
• Implemented Information Security Program, Disaster Recovery,
• FFIEC Audit
• Open-Source IPS solutions implementation
• Policy and Procedure Development and approval

• Designed follow the sun VPN solution, 2fa, ROI/TCO model and business case Vulnerability management, VPN 99.999% uptime security solutions

• Optimized website exposure by analyzing search engine patterns to direct online placement of keywords or other content.
• Utilized graphic design software to prepare storyboards and mock-ups.
• Optimized text, graphics or multimedia assets for SEO or display and usability on internet-connected devices.
• Evaluated new emerging media or technologies and made recommendations for application within internet marketing or search marketing campaigns.
• Identified issues, analyzed information and provided solutions to problems.

• Identified potential risk exposure to develop corrective action plans.
• Conducted program analysis to improve efficiency and cost-effectiveness of operations.

• Created and supported West Pop and infrastructure for networks, and Sonnet implementations IETF task force on domains, and MPLS
• PERSONAL PROJECTS
• Elliptical Block chaining Using ECC to generate blockchain with less energy consumption
• Risk-Based Artificial Intelligence _ RAI platform and cloud agents help facilitate the risk posture and integration of any risk-based tool for integration and compile risk strategies and safeguards with predictive analysis
• Successfully deployed server overhaul of both wired and wireless networks, completing projects ahead of anticipated deadline.
• Reviewed system logs to determine usage levels, bandwidth, performance and system security to target inefficiencies and implement appropriate solutions.
• Effectively managed variety of mission-critical network tasks, which included vulnerability and application patching, data backups and network configurations.
• Performed root cause analysis of problems, documented faults in tracking system and generated daily reports.