Profiles search
David Taylor - CISSP
Vice President- Information Security Officer at Savings Bank of Danbury
New York, NY, United States
Details
Experience:
2020 : Present
Savings Bank of Danbury
Vice President-Information Security Officer
Manager, Security Operations
Responsible for Oversight and continuity of Cyber Security Operations and incident response to support merger of GE’s Transportation business with Wabtec. Scope expansion to include the commercial product portfolio, as well as legacy Wabtec infrastructure and operations.
Duties included TSA and project delivery around transition to MSSP services, Siem and EDR solutions, SNOW and process automation and optimization in accordance with NIST and ISO frameworks. Stakeholder for cyber security to related projects around infrastructure/firewall strategy, Vendor management, AD design, HPA, VPN, as well as data protection/DLP.
2019 : 2019
Wabtec Corporation
Manager- Cyber Security Operations
Security Operations program manager for the business with many delegated CISO responsibilities including : Incident Response, Vulnerability management, Metrics and Reporting, ISO 27002 and SOx Compliance, Third Party Security oversight, Firewall Security oversight, JV and acquisition security. Cloud security response and architecture development and strategy.
2013 : 2019
General Electric (GE)
Security Operations Program Manager- IT Security-GE Transportation
Tasked with reducing the operational risks of over 25,000 endpoints via the use of data driven action and a suite of security tools. Expansion of prior role to include Server devices and the GIS business customer population. Responsible for release and development review, and signoff for all infosec related deployments.
Key Contributions :
Provided wing to wing security architecture guidance and leadership to our IT governance and SDLC tollgates processes
Sarbanes Oxley- Control owner for both Ensure System Security, and Manage Operations elements of compliance related documentums for GE corporate.
Kicked off and led the most successful patching drive in company history, reducing aged patching defects by 99.5 %
Developed framework to allow thourough actionable reporting and client support for the GIS business populations
Created and maintained Server Build configuration standards to which all server deployments are configured with and audited to abide by
2009 : 2013
General Electric Corporation
Information Security leader- GE Corporate
Challenged with the task to manage and improve our enterprise-wide information-security operations program, oversee efforts to identify and evaluate all critical systems and processes. Design and implement security processes and procedures and perform cost benefit analysis on all recommended strategies. Collaborate with internal and cross-business teams to share efforts to reduce duplicity and achieve broader standardization. Conducted and coordinated in-depth compliance audits and penetration testing, presenting all results to senior management.
Key Contributions :
Provided wing to wing security architecture guidance and leadership to our IT governance and SDLC tollgates processes
Sarbanes Oxley- Control owner for multiple DS 5.x controls, documented and submitted for GE corporate.
Developed and maintained Infosec scanning and metric reporting for over 10,000 endpoints, 500 Applications, and 300 subnets.
Designed, maintained and improved workflows for all departmental operational activities
Succesfully led deployment of a Network Access Control solution to allow real time assessment and remediation of endpoints utilizing our network resources
Led steering committee to oversee and implement company-wide policies and procedures governing corporate security, email and Internet usage, access control, and incident response.
2007 : 2009
GE
GE Corporate Security Operations Leader-GE Corporate
Savings Bank of Danbury
Vice President-Information Security Officer
Manager, Security Operations
Responsible for Oversight and continuity of Cyber Security Operations and incident response to support merger of GE’s Transportation business with Wabtec. Scope expansion to include the commercial product portfolio, as well as legacy Wabtec infrastructure and operations.
Duties included TSA and project delivery around transition to MSSP services, Siem and EDR solutions, SNOW and process automation and optimization in accordance with NIST and ISO frameworks. Stakeholder for cyber security to related projects around infrastructure/firewall strategy, Vendor management, AD design, HPA, VPN, as well as data protection/DLP.
2019 : 2019
Wabtec Corporation
Manager- Cyber Security Operations
Security Operations program manager for the business with many delegated CISO responsibilities including : Incident Response, Vulnerability management, Metrics and Reporting, ISO 27002 and SOx Compliance, Third Party Security oversight, Firewall Security oversight, JV and acquisition security. Cloud security response and architecture development and strategy.
2013 : 2019
General Electric (GE)
Security Operations Program Manager- IT Security-GE Transportation
Tasked with reducing the operational risks of over 25,000 endpoints via the use of data driven action and a suite of security tools. Expansion of prior role to include Server devices and the GIS business customer population. Responsible for release and development review, and signoff for all infosec related deployments.
Key Contributions :
Provided wing to wing security architecture guidance and leadership to our IT governance and SDLC tollgates processes
Sarbanes Oxley- Control owner for both Ensure System Security, and Manage Operations elements of compliance related documentums for GE corporate.
Kicked off and led the most successful patching drive in company history, reducing aged patching defects by 99.5 %
Developed framework to allow thourough actionable reporting and client support for the GIS business populations
Created and maintained Server Build configuration standards to which all server deployments are configured with and audited to abide by
2009 : 2013
General Electric Corporation
Information Security leader- GE Corporate
Challenged with the task to manage and improve our enterprise-wide information-security operations program, oversee efforts to identify and evaluate all critical systems and processes. Design and implement security processes and procedures and perform cost benefit analysis on all recommended strategies. Collaborate with internal and cross-business teams to share efforts to reduce duplicity and achieve broader standardization. Conducted and coordinated in-depth compliance audits and penetration testing, presenting all results to senior management.
Key Contributions :
Provided wing to wing security architecture guidance and leadership to our IT governance and SDLC tollgates processes
Sarbanes Oxley- Control owner for multiple DS 5.x controls, documented and submitted for GE corporate.
Developed and maintained Infosec scanning and metric reporting for over 10,000 endpoints, 500 Applications, and 300 subnets.
Designed, maintained and improved workflows for all departmental operational activities
Succesfully led deployment of a Network Access Control solution to allow real time assessment and remediation of endpoints utilizing our network resources
Led steering committee to oversee and implement company-wide policies and procedures governing corporate security, email and Internet usage, access control, and incident response.
2007 : 2009
GE
GE Corporate Security Operations Leader-GE Corporate
Company:
Savings Bank of Danbury
About
Solutions oriented GE groomed, current CISSP, and formerly GSEC certified IT Security leader with notable success directing a broad range of corporate IT initiatives while participating in planning and implementation of information-security solutions in direct support of business objectives.
Profile Photo
