Samsung Research America

Director Information Security

Information security executive with experience leading a risk-based information security program, developing security policy and creating a security-aware culture. A systemic thinker and communicator who can influence stakeholders to reduce organizational risk. Specialities • Governance, Risk and Compliance (GRC) • Security Policies, Standards, Procedures • Risk Assessment, Classification, Mitigation • Data Privacy, PII • Security Awareness • Identity and Access Management (IAM) • Program, Project Management • 3rd Party / Vendor Risk Management • Change Management • Physical Security • Regulatory Requirements: Sarbanes-Oxley (SOX), GDPR, HIPAA, PCI DSS • Security Frameworks: NIST, COBIT, SSAE16, SOC2, ISO 27001/2

Nashville

Tennessee

Information Technology and Services