JOHN RICHARDSON

Austin, TX 78745

[email protected]

https://www.linkedin.com/in/brainwerkz


Download PDF copy of my resume

Download PDF copy of my WGU capstone project


SUMMARY

Dedicated Senior Risk Manager with a proven track record of elevating Information Security and Risk Management programs. Possesses an in-depth grasp of security frameworks and standards, specializing in risk assessment, management, and compliance. Skilled in fostering collaboration across cross-functional teams to conduct thorough technology risk assessments and strategic operational realignment. Holds CISSP, PMP, and ITIL certifications, combining technical expertise with strong leadership acumen.

SKILLS

  • Risk Assessment and Management: Proficient in identifying, analyzing, and mitigating security risks and vulnerabilities in IT systems and networks.
  • Security Governance: Expertise in crafting and implementing robust security policies, procedures, and key risk indicators, fortifying organizational security.
  • Analytical and Problem-Solving Skills: Adept at dissecting complex security challenges, providing actionable insights, and spearheading effective risk mitigation strategies.
  • Communication and Collaboration: Exceptional communicator, known for seamless collaboration with stakeholders at all levels to orchestrate comprehensive technology and cybersecurity risk assessments.
  • Security Frameworks and Standards: Extensive knowledge and adherence to NIST Cybersecurity Framework, ISO 27001, CIS Controls, and PCI-DSS, upholding industry best practices.

EXPERIENCE

Technology Risk Manager, Senior

Charles Schwab (Financial Services)

08/2017 – Present

  • Pioneered the transformative Monitoring Metrics program, fortifying Cybersecurity Oversight to new heights.
  • Led as the Subject Matter Expert (SME) for SIEM and Security Data Sciences programs, establishing a gold standard in knowledge and leadership.
  • Engineered and executed validation programs for Information Technology Risk Management and Information Systems Risk Management, aligning meticulously with FFIEC IT Handbook and COBIT frameworks.
  • Seamlessly collaborated with the 1st, 2nd, and 3rd Lines of Defense as well as Business units to orchestrate all-encompassing technology and Cybersecurity risk assessments, ensuring no aspect was overlooked.
  • Provided technical SME support to empower other risk management teams in conducting annual Secure Software Development Lifecycle (SDLC) and Application assessments, driving excellence across the organization.

Owner

BrainWerkz (Professional Services Consulting)

02/2017 - 08/2017

  • Empowered SMBs through expert leadership in Network, Security, System Administration, and Project Management.

Manager, International I.T. Operations

360Training.com (Online training)

11/2015 - 02/2017

  • Initiated and led the Information Security program, cultivating an impregnable organizational environment.
  • Piloted transformative IT Security and Data Center process enhancements through meticulously scheduled audits.
  • Engineered Security Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) for heightened oversight by Executive Management.
  • Crafted comprehensive policies and procedures for the Information Security program, harnessing the power of NIST 800-53, CIS SANS Top 20, and more.
  • Led in-depth Risk and Business Impact analyses, instating robust Disaster Recovery and Business Continuity policies.
  • Developed and delivered End-user security awareness training programs to fortify the human element of security.
  • Effectively implemented PCI-DSS compliance scans and secured certification utilizing OpenVAS.
  • Directed and guided a Globally Distributed Team across diverse functional areas of IT Operations.
  • Rolled out Governance, Risk, and Compliance (GRC) software, specifically Practical Threat Analysis (PTA), elevating security and compliance measures.
  • Established a Performance Measurement Framework, resulting in a significant boost in internal customer satisfaction.

Executive IT Director

Southern Careers Institute (Technical Training)

09/2013 - 08/2015

  • Forged and executed a comprehensive Information Security strategy transcending disciplines, meticulously aligned with NIST 800-53 standards.
  • Pioneered the development of Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs), empowering Executive Management with heightened oversight.
  • Played a pivotal role as a key contributor within the Executive Steering Committee, shaping strategic decision-making at the highest level.
  • Guided intensive Security Risk Impact assessments, Business Impact analyses, and Gap Analysis, fueling profound operational realignment.
  • Steered and inspired the IT operations team to an unassailable record of success.
  • Conducted exhaustive vendor assessments and selection processes, executing the integration of Microsoft Office 365, AZURE, and FIM technologies.
  • Revolutionized project deployments by integrating best practices from the Project Management Body of Knowledge, ensuring seamless execution and exceptional results.

EDUCATION

  • M.S. Cybersecurity and Information Assurance, WGU -- 01/2021
  • M.A. Humanities, University of Houston, Clear Lake, TX -- 05/1995
  • B.S. Behavioral Science, University of Houston, Clear Lake, TX -- 12/1991

CERTIFICATIONS

  • CISSP #425805
  • PMP #1504010
  • ITIL Foundations v3 & v4
  • IT Project+, COMP001004072318
  • MCSE, 2084689

ORGANIZATIONS

  • ISC2 and ISC2 Austin Chapter – CISSP Exam Writer (Multiple sessions)
  • Project Management International (PMI) and PMI-Austin Chapter
  • ISACA