Expert Details
Cyber Security and Information Technology
ID: 736089
Illinois, USA
He is licensed to practice law in Illinois and is a member of the United States Supreme Court Bar. Expert holds 24 professional designations in the areas of information security management, IT compliance, information privacy, fraud examination, IT audit, computer forensics, ethical hacking, business continuity planning, project management, cloud security, and process improvement, including the C|CISO, CISSP, CISM, CISA, CCSP, CIPP/US, CIPP/E, CIPM, CSSLP, PMP, CRISC, CGEIT, ISSMP, ISSAP, CFE, C|EH, CBCP, CCSK, DFCP, CIFI, CSOXM, CSOE, ITIL v3 Foundation, and Six Sigma Black Belt.
He holds an MBA from DePaul University's Kellstadt Graduate School of Business and a JD and an LLM in information technology and privacy law from the Expert Marshall Law School in Chicago. Expert has served as a director on several corporate and non-profit boards, is a regular speaker at industry conferences, and has served numerous clients in the legal, financial services, and healthcare industries as a freelance consultant. He is an advisor to YL Ventures GP, Ltd., Eclipz, Inc., Great North Labs, CloudSimple, CloudVector, OptimEyes, Inc., and ThirdPartyTrust. Expert was recognized as the Chicago CISO of the Year.
Education
| Year | Degree | Subject | Institution |
|---|---|---|---|
| Year: 2011 | Degree: Master of Laws (LLM) | Subject: Information Technology and Privacy Law | Institution: University of Illinois at Chicago |
| Year: 2011 | Degree: Juris Doctor (JD) | Subject: Law | Institution: University of Illinois at Chicago |
| Year: 2000 | Degree: Master of Business Administration (MBA) | Subject: Management Information Systems | Institution: DePaul University |
| Year: 1996 | Degree: Bachelor of Arts (BA) | Subject: Management Information Systems | Institution: University of Northern Iowa |
Work History
| Years | Employer | Title | Department |
|---|---|---|---|
| Years: 2019 to Present | Employer: Undisclosed | Title: Vice President and Chief information Security Officer | Department: Information Security |
Responsibilities:Lead an exceptionally talented group of information security professionals that includes teams focused on crisis management, security training and awareness, risk and compliance, identity management, managed file transfer, security engineering, security investigations, cyber intelligence, vulnerability management, security architecture, and application security. |
|||
| Years | Employer | Title | Department |
| Years: 2015 to 2019 | Employer: Paylocity Holding Corporation | Title: Vice President and Chief Information Security Officer | Department: Information Security |
Responsibilities:Assembled and led an extraordinary team of information security professionals that is responsible for ethical hacking, application security, penetration testing, security architecture, incident response, security strategy, forensic investigations, business continuity planning, disaster recovery, policy management, IT governance, IT compliance, third party service provider oversight, risk assessment, IT control design and implementation, vulnerability management, threat intelligence, audit coordination, security operations, security awareness training, information risk management, and privacy. |
|||
| Years | Employer | Title | Department |
| Years: 2011 to 2015 | Employer: Midland States Bancorp, Inc. | Title: Director of Information Security | Department: Information Security |
Responsibilities:Managed the information security program, coordinated IT audits and examinations, managed the business continuity planning and disaster recovery program, provided risk consulting services, performed vendor and acquisition due diligence, managed the service provider oversight / vendor management program, ensured compliance with legal and regulatory requirements, reported key risk indicators to the board, conducted risk assessments, oversaw security awareness training, developed and maintained policies and procedures, etc. |
|||
| Years | Employer | Title | Department |
| Years: 2008 to 2011 | Employer: Midwest Banc Holdings, Inc. | Title: Senior Vice President and Information Systems Security Officer | Department: Information Security |
Responsibilities:Managed the information security program, reported key IT risks to the board quarterly, developed and implemented policies and standards, ensured compliance with legal and regulatory requirements, managed the BCP / DRP program, managed the vendor and service provider oversight program, performed IT risk assessments, coordinated audits and examinations, performed control reviews and Sarbanes-Oxley Section 404 testing, administered the consumer privacy program, etc. |
|||
Career Accomplishments
| Associations / Societies |
|---|
| • Information Systems Audit and Control Association • Information Systems Security Association • International Association of Privacy Professionals • Association of Certified Fraud Examiners • United States Supreme Court Bar • Illinois State Bar Association |
| Licenses / Certifications |
|---|
| Expert is licensed to practice law in Illinois and is a member of the United States Supreme Court Bar. He holds 24 professional designations in the areas of information security management, IT compliance, information privacy, fraud examination, IT audit, computer forensics, ethical hacking, business continuity planning, project management, cloud security, and process improvement, including the C|CISO, CISSP, CISM, CISA, CCSP, CIPP/US, CIPP/E, CIPM, CSSLP, PMP, CRISC, CGEIT, ISSMP, ISSAP, CFE, C|EH, CBCP, CCSK, DFCP, CIFI, CSOXM, CSOE, ITIL v3 Foundation, and Six Sigma Black Belt. |
| Professional Appointments |
|---|
| • Licensed Attorney – Illinois Supreme Court – Admitted to Practice Law in 2011 • Member of the United States Supreme Court Bar – Admitted in June 2015 • Certified Chief Information Security Officer (C|CISO) – EC-Council • Certified Information Systems Security Professional (CISSP) – ISC2 • Certified Information Systems Auditor (CISA) – ISACA • Certified Information Security Manager (CISM) – ISACA • Certified in Risk and Information Systems Control (CRISC) – ISACA • Certified Cloud Security Professional (CCSP) – ISC2 • Certificate of Cloud Security Knowledge (CCSK) – Cloud Security Alliance • Certified Information Privacy Professional / United States (CIPP/US) – IAPP • Certified Information Privacy Professional / Europe (CIPP/E) – IAPP • Certified Information Privacy Manager (CIPM) – IAPP • Certified in the Governance of Enterprise Information Technology (CGEIT) – ISACA • Certified Secure Software Lifecycle Professional (CSSLP) – ISC2 • Information Systems Security Management Professional (ISSMP) – ISC2 • Information Systems Security Architecture Professional (ISSAP) – ISC2 • Certified Business Continuity Professional (CBCP) – DRII • Digital Forensics Certified Professional (DFCP) – DFCB • Certified Information Forensics Investigator (CIFI) – IISFA • Project Management Professional (PMP) – PMI • Certified Ethical Hacker (C|EH) – EC-Council • Certified Fraud Examiner (CFE) – ACFE • Certified Sarbanes-Oxley Manager (CSOXM) – SOX Institute • Certified Sarbanes-Oxley Expert (CSOE) – SOXCPA • ITIL v3 Foundation Certified – Office of Government Commerce – BCS-ISEB • Six Sigma Black Belt – American Society for Quality – Expert Rating |
| Awards / Recognition |
|---|
| • Chicago CISO of the Year Award – ISSA, ISACA, FBI InfraGard, AITP, and SIM • Managing Partner’s Achievement Award – Arthur Andersen LLP |
| Publications and Patents Summary |
|---|
| • Tribe of Hackers: Red Team – Wiley – Quoted Expert • CISOs Investigate: Vulnerability Management – Security Current – 2019 – Contributing Author • Life Inside the Perimeter: Understanding the Modern CISO – Nominet – 2019 – Quoted Expert • The CISO’s Days as Scapegoat Could Be Coming to an End – Wall Street Journal – 2019 – Quoted Expert • Tribe of Hackers – Threatcare Press – 2019 – Quoted Expert • Rating the Criticality of Data Assets – RiskSense Blog – 2019 – Co-Author • Get Ready for GDPR – Security Current – 2018 - Author • CISO Spotlight: Expert – Security Current – 2017 – Subject of Article • Open Source Software Provides Security – Security Current – 2017 – Quoted Expert • Gazing Ahead: Security Predictions – SC Magazine – 2016 – Quoted Expert • Is the Insurance Industry Keeping Up with Cyber Risk? – Asia Insurance Review – Co-Author • Next Stop for the CISO: The Office of the CIRO? – RSA Conference Blog – 2015 – Quoted Expert • Wise Words from CISOs at RSAC 2015 – RSA Conference Blog – 2015 – Quoted Expert • Why Neiman Marcus’ New CIO Matters – CyberDefenses Blog – 2014 – Quoted Expert • Security Guards – PM Network Magazine – 2014 – Quoted Expert • Banks Fighting on Two Fronts to Stop Intrusions – Security Magazine – 2014 – Quoted Expert • Chalk It Up: Boardroom Communication – SC Magazine – 2013 – Quoted Expert • Businesses Suffering from Cyber Warfare – Commercial Risk Europe Magazine – 2013 – Quoted Expert • COSO for CSOs – CSO Magazine – Author • The Future of Banking – ABA Banking Journal – 2012 – Quoted Expert • Revisiting Reader Privacy in the Age of the E-Book – The Expert Marshall Law Review – Author • Social Networking: Open Discovery v. Privacy – Information Security & Privacy News – Author • Security Certifications: Who Decides Know-How? – SC Magazine – 2010 – Quoted Expert • PCI: A Foundation for Smart Business – SC Magazine – Quoted Expert • ITU Toolkit for Cybercrime Legislation – United Nations 2010 – Contributing Drafter • Complying with the Red Flag Rules – ISSA Journal – 2009 – Author • Certified Information Security Manager Exam Review Manual – ISACA – 2008 – Contributing Author • The Legality of Honeypots – ISSA Journal – 2008 – Author • E-Discovery and the Federal Rules of Civil Procedure – 2007 – IT Governance Publishing – Author • E-Discovery: Implications of the FRCP Changes – ISSA Journal – 2007 – Author • Internet E-Mail Security – ISSA Journal – 2005 – Author • MCSE: Windows NT Server in the Enterprise for Dummies – 1998 – IDG Books – Co-Author • MCSE: Windows NT Server for Dummies – 1998 – IDG Books – Co-Author |
Additional Experience
| Other Relevant Experience |
|---|
| Speaking Engagements • CISO Panel – Secure CISO Chicago Conference – February 2019 • The Evolution of Cybersecurity – Security Insight Summit – December 2018 • Cybersecurity for Highly Regulated Areas – Global Cyber Security Initiative Conference – November 2018 • Aligning Information Security to Business Goals – Security Leadership Exchange – September 2018 • Speaking to the Board – Security Leadership Exchange – May 2018 • Ransomware – SC Magazine Virtual Conference – May 2018 • Security Predictions – Secure CISO Chicago Conference – May 2018 • CISO Panel – Secure CISO Chicago Conference – June 2017 • How to Protect and Grow Your Security Budget – CampIT Risk and Security Conference – February 2017 • Ransomware – SC Congress Chicago – October 2016 • Mergers & Acquisitions: The Cyber Security Risks – Cyber Security Exchange – January 2016 • Securing Big Data – Global Security Conference – May 2015 • Don’t Get Left Behind: Transitioning from CISO to CIRO – RSA Conference USA – April 2015 • Interview with Brad Expert – Security Influencers Channel – Guest on Show – July 2014 • Electronic Discovery in the Cloud – Cloud Security Alliance – Chicago Chapter Meeting – July 2013 • How Security and the CSO Can Provide Business Value – CampIT Risk and Security Conference – May 2012 • Three ‘C’ Words You Need to Know: Custody, Control, and Cloud – RSA Conference USA – February 2012 |