Marshall Lambert
Manager, Information Security Risk Management at Performance Food Group
Conshohocken, PA, United States
Details
Experience:
2022 : Present
Performance Food Group
Manager, Information Security Risk Management
Responsible for building and coaching a world-class team of analysts who serve as decision support between intertwined business and security objectives.
Oversee a multi-tiered cloud IaaS/PaaS use case authorization process, leading multiple operational security teams and IT stakeholders
Manage cyber risk quantification program, including executive-level top risk scenario reporting and ROI analyses for budgeted security projects
Manage security control assessments for all technologies that store, process, or transmit sensitive information
2021 : 2022
Highmark Health
Team Manager, Cyber GRC
- Responsible for defining cyber risk quantification tactical applications/services and developing associated procedures, process diagrams, sales pitches, etc.
- Responsible for creation of a quantified enterprise-level cyber risk dashboard, tying in qualitative control assessment work, and leveraging a GRC tool (Archer) to continuously update
- Training/education of both internal team members and external individuals regarding the FAIR methodology and risk quantification in general
- Define business unit-level risk scoring in conjunction with FAIR for escalating decision-making and deliverable content
- Define scoping exercises and delineation between varying depth of analysis approaches for services
- Organize and run the Pittsburgh FAIR chapter
- Serve as change agent (cultural advisor) to GRC director, providing cultural risk assessment and associated mitigation plans
2018 : 2021
Highmark Health
Information Risk Consultant
2017 : 2018
Highmark Health
Associate Information Risk Consultant
Company:
Performance Food Group
About
Envisioning a world where the best cybersecurity decision is available at a moment's notice.