Profiles search

Daniel Erickson

Senior Director of Information Security and Compliance at Total Wine & More
Bethesda, MD, United States

Details

Education: Cybersecurity Certificate Program

Cybersecurity

Ithaca College

2020 : 2020

Bachelor of Science - BS

Accounting & Information Systms (ACIS)

Virginia Polytechnic Institute and State University
Experience: 2023 : Present

Total Wine & More

Senior Director of Information Security and Compliance

2020 :

Ithaca College

Cyber Security Advisory Board Member

2021 : 2023

Total Wine & More

Director of Information Security and Compliance

2020 : 2021

The Risk Management Association

TPRM Steering Committee Member

• Leader of the Information Security and Third Party Risk Management departments within the Risk Management division, responsible for driving adoption of Information Security and risk management best practices

• Head of the Incident Management and Response team tasked with coordinating the investigation and resolution of all information and cyber security related incidents.

• Guided the enterprise through several major initiatives, including; implementing the CIS Top 20 control and benchmark framework, overseeing the Information and Cyber Security programs through an IT transformation from on-premise to Azure cloud, creating a third-party service level agreement (SLA) tracking program, leading the enterprise wide privacy program to address GLBA, GDPR, and CCPA concerns, and currently delivering a data discovery and classification project set to complete in Q1 2021.

• Managed the Information Security compliance program; which includes conducting the annual FFIEC risk assessment, reviewing critical SOC 1 and SOC 2 reports, and responding to audit findings identified by internal and external auditors.

2019 : 2021

Bryn Mawr Trust

SVP and Information Security Officer
Company: Total Wine & More
Years of Experience: 18

Skills

Analysis, Business Analysis, Business Communications, Business Intelligence, Business Process, Business Process Improvement, Business Strategy, Change Management, COBIT, Continuous Improvement, Contract Management, COSO, Cross-functional Team Leadership, Cyber-security, Cyber Risk Management, Data Analysis, Data Management, Disaster Recovery, Enterprise Risk Management, ERP, General Data Protection Regulation (GDPR), Governance, Internal Audit, International Business, ISACA, ISO 27001, IT Audit, IT Compliance, IT Strategy, Key Performance Indicators, Management, Management Consulting, NIST 800-53, Organizational Development, Policy Analysis, Process Improvement, Professional Communication, Project Coordination, Project Management, Project Portfolio Management, Risk Management, Sarbanes-Oxley Act, SDLC, SOC , Strategic Communications, Strategic Planning, Strategic Thinking, System Administration, System Implementations, Training, Enterprise Risk

About

Information Security expert with more than 17 years of experience in information security, privacy, data governance, regulatory compliance, risk management, strategic planning, and third-party risk management. Detail-oriented problem solver with the proven ability to deliver complex technical projects. Adaptable leader leveraging strong communication skills to drive national and international teams in achieving organizational goals for accuracy and efficiency.



Areas of Expertise:

PCI DSS, Sarbanes Oxley, FFIEC, SOC 1 and SOC 2 reporting

IT Compliance

Data Governance

Risk Management

Cyber Security

Information Security

Strategic Planning

IT Auditing

Business Continuity

Crisis Management

Incident Response

Third Party/Vendor Management