ALLY FINANCIAL
12 billion dollar financial services company focusing on consumer banking and auto financing
2013-2015
Senior Director, Threat Assessment and Protection Services

• Incident Response and Threat Intelligence: Led the creation of a security threat intelligence program and improvement in incident response program. This resulted in decreased response times and improved tracking of remediation activities.

• Security Operations: Hired majority of team after reorganization due to geographical change. Achieved total migration of people, documentation and processes within nine months, supporting multiple technologies, including multiple Intrusion Detection Systems (IDS), Data Loss Prevention (DLP), Anti-virus, Vulnerability Scanning, Security Incident and Event Management (SIEM), Firewalls, Database Access Monitoring and other security tools with no disruption of services or capabilities. Developed a program to identify services, supporting processes and supporting technologies and created documentation for processes, increasing operational efficiency across the team.

• Information Security Metrics: Completely revamped teams information security metrics reported to executive leadership, removing focus on activities completed to actionable, executive level information that directly led to more informed risk decisions. Metrics are actionable and understandable by executive leadership.

• Patching: Implemented a collaborative approach to partnering with IT organization in the remediation of vulnerabilities. Removed focus on reporting vulnerabilities and focused on actionable activities, including patching and other activities. This directly resulted in substantial reductions in unpatched/under patched systems and significantly decreasing vulnerability assessment findings.

• Governance Self Service Portal: initiated and created a portal that tracked operational activities, operational documentation, vendor tracking/documentation and other operational artifacts into centralized, cross referenced portal site. This site was available as needed to key oversight groups reducing impact to operational team members.