Information Security Leader Seeking a Great Opportunity
- Clearwater, Florida (Tampa/St. Petersburg, Florida Area)
- Computer & Network Security
Chris Trautwein's Overview
Chris Trautwein's Summary
I am a seasoned information security leader with 16 years of professional experience who possesses the necessary combination of business acumen and technical skills required to develop and lead security programs. I excel at leading information security teams by motivating and empowering team members to develop and utilize the skills necessary to continuously improve the security program and themselves. I succeed by understanding that security is a critical business support function that must work effectively with business units to enable the organization to accomplish its goals and objectives.
Chris Trautwein's Experience
Chief Information Security Officer
Nonprofit; 51-200 employees; Information Technology and Services industry
October 2009 – May 2014 (4 years 8 months) Clearwater, FL
• As (ISC)2's first CISO, developed and led information security and physical security programs resulting in the company having no publicly disclosed breaches during my tenure.
• Developed security strategy and adjusted as necessary to ensure continuous alignment with corporate strategy, goals, and objectives.
• Managed all financial aspects of the security program including budgeting, expense monitoring, and contract negotiations.
• Performed all aspects of security personnel management including hiring, professional development, and performance management.
• Performed vendor management activities including: establishing and maintaining excellent rapport; enforcing SLAs; and continuous performance monitoring.
• Performed project management activities ensuring successful completion of security projects on time and within budget.
• Performed extensive business process reengineering to establish repeatable processes that maximized the organization’s return on investment in technology and personnel resources.
• Developed, documented, and implemented all information security policies and procedures.
• Performed annual risk assessment and reported results to executive management and technical personnel. Used assessment results as input for strategy development/modification and continuous security program improvement.
• Evaluated and selected all security technologies deployed in the environment including firewall, IPS, SIEM, vulnerability assessment, application control, and antivirus.
• Designed incident response process and directed incident response activities.
• Implemented vulnerability assessment, management, and remediation program to effectively assess actual risk and prioritize vulnerability remediation activities.
• Developed, documented and tested organization's Business Continuity Plan.
Director, Information Security & Network Services Consulting Practice
Privately Held; 51-200 employees; Management Consulting industry
June 2005 – October 2009 (4 years 5 months) Tampa/St. Petersburg, Florida Area
• Provided information security, IT audit, and regulatory compliance consulting services for organizations in a wide variety of industries including retail, hospitality, manufacturing, healthcare, government and professional services.
• Performed internal and external vulnerability assessments for organizations in industries including financial services, retail, manufacturing, and local government.
• Successfully led a multi-year business process improvement project resulting in the consolidation of nine disparate business systems into a single CRM system resulting in a multi-million dollar annual savings for the client.
• Led or participated in numerous information security program management consulting engagements including strategy development, independent staffing evaluations, security solution selection and implementation.
• Performed PCI compliance assessments for retail organizations. Formerly certified as a PCI Qualified Security Assessor (QSA).
• Consulted for numerous organizations performing SOX IT general controls audits on behalf of internal audit.
• Developed Business Continuity Plan for an international retail organization.
Chris Trautwein's Volunteer Experience & Causes
Chris Trautwein's Skills & Expertise
- Information Security
- Computer Security
- Network Security
- Information Security Management
- Vulnerability Management
- Vulnerability Assessment
- Penetration Testing
- IT Audit
- ISO 27001
- Security Audits
- PCI DSS
- Identity Management
- Information Assurance
- Application Security
- Security Architecture Design
- Business Continuity Planning
- Security Policy
- Security Awareness
- Computer Forensics
- Data Security
- IT Management
- Risk Assessment
- Incident Response
- Business Continuity
Chris Trautwein's Publications
Official (ISC)2 Guide to the SSCP CBK, Second Edition
Authors: Chris Trautwein
- Auerbach Publications
- December 15, 2010
Authored the Risk, Response, and Recovery chapter for the Official (ISC)2 Guide to the SSCP CBK
Chris Trautwein's Certifications
- August 2004
- June 2007
Chris Trautwein's Education
Chris Trautwein's Additional Information
Contact Chris for:
- career opportunities
- consulting offers
- new ventures
- job inquiries
- expertise requests
- business deals
- reference requests
- getting back in touch