Technology Risk, Security & Compliance
Technology Risk, Security & Compliance at Kaiser Permanente
Recommendations: 35 people have recommended Chen
Over 18 years of experience in both military and civilian Cyber Security. Experienced in Cyber Warfare, Critical Infrastructure Protection and Threat Analysis. Extensive work experience as a team leader, individual contributor, mentor and training program leader.
Specialties: Cyber Security, Management Consulting Services, IT Risk Management, Fraud Management, Information Security & Data Protection, Business Continuity, Information Systems Design and Architecture.
Acted as the company's CISO and designed a line of new security services such as Security Incident and Event Management (SIEM) systems and Security Operation Centers (SOC).
Responsible for regulatory compliance such as ISO27000, ISO 33201 for Business Continuity, ISO 20000 (ITIL), NIST, PCI DSS (SP1), COBIT 5, HIPAA, SOX and AICPA – Service Organization Control (SOC 2 & 3, SSAE-16). Responsible for Governance, Risk Management and Compliance (GRC) organizational framework.
Cyber security and Information Technologies Risk Management leader. Experienced in Threat Analysis, Cyber Defense, Business Continuity and Disaster Recovery planning. Skilled in business development, team leadership and team development. Builds, develops and directs first-class security and governance teams. Designs and implements information security architecture and best practices for organizations with a wide variety of risk postures in complex and distributed environments. Excellent team collaboration and teaming skills; excellent coaching, mentoring and people development skills; strong communication, facilitation and presentation skills.
Experienced in both military and civilian Critical Infrastructure Protection, trained various military cyber defense teams.
Mentored and led the TCISO training program which was designed to provide IS and IT experts with technological capabilities and a general understanding of the field of information security. I held the position of a leading instructor on IT Risk Management and Business Continuity, and one of the key instructors in the Certified Information Systems Security Professional (CISSP) exam preparation program sponsored by ISC².
Designed, built and mentored the TCRMO program which covers over 300 IT Risk Management topics, frameworks and methods. The program was examined and approved by a pedagogic committee of the Technion, Israel Institute of Technology, and includes a preparation boot camp toward the Certified in Risk and Information Systems Control (CRISC) exam sponsored by ISACA.
Professional management and business development of the Security and Privacy department in Deloitte. Direct management of 6 employees, responsible for the professional and technological directive and training of 120 Enterprise Risk Services (ERS) consultants; Professional management of strategic security projects; Prepared over 130 organizations from the Retail, Medical, Financial and Energy sectors for the PCI-DSS, ITIL, NIST, HIPAA, ISO, SOX and local banking information security regulations.
Responsible for a 24-month-long project preparing Israel’s largest bank for information security regulatory compliancy; Responsible for strategic information security project management in both the financial and Hi-Tech sectors; Responsible for regulatory risk assessments on critical enterprise systems such as AS/400, DWH, SQL and on-line trading; Consulted and certified retail and Hi-Tech companies on PCI DSS, NIST, ISACA Control Objectives for Information and Related Technologies (COBIT) 4.1 and the ISO27000.
Headed the Information Systems, Information Technologies & Security department of a global video conferencing enterprise; Direct management of 4 system, application and infrastructure specialists in the Israeli HQ and professional management of the company’s IT specialists in the US, Germany and China.
Management of 2 fully redundant network sites and 10 additional remote sites across the country, and direct management of 3 system and infrastructure specialists.
IT, Security and Communication specialist providing infrastructure support and maintenance for various clients such as insurance companies, banks, governmental and military institutes.
Assisted Yoram Orzach, Author
Member of the Certification and Conferences Committee
Voluntary community work with the Israeli Ministry of Education on Safe Internet for children, including lecturing in kindergartens and elementary schools.
Professional ISACA Training