Roderick Kaleho
Details
• Architected People-Process-Technology engine as a ‘security bus’ to automate and orchestrate all security activities in horizontal workflows, saving 30% of time and acting as a significant workforce multiplier.
• Perform project and baseline service control reviews to ensure enterprise risk posture is maintained through BAU activity.
• Established automated KPI reporting across security and privacy frameworks (SOX, PCI, NIST, ISO, HIPAA, GDPR, GLBA), meeting regulatory and compliance objectives as well as providing executive leadership with real-time risk visibility.
• Through solution and SME personas, drove utilization visibility, standardized processes and procedures, customized role-based training and skill development, product roadmap & strategy, and solution use case mapping and rationalization to provide cutting-edge visibility-risk-issue identification and resolution.
• Reduced internal search time by 25% and operational inefficiencies by 75% by consolidating institutional knowledge.
• Integrated security controls into security architecture framework and patterns to enable secure deployments and closed loop exception processes.
• Doubled team throughput in six months by driving motivation & inspiration, mentoring, aggressive cross-training, and consolidating all work efforts into Azure DevOps; these efforts established immediate credibility as a consultant and provided assurances to a large and concerned stakeholder contingent.
2021 : Present
LogicRiver
Head of Cybersecurity Transformation
Advise and consult on strategic direction for the security program. Mature security discipline verticals and enhance technology talent pool transition into corporate full-time roles.
2017 :
Century College - Company
Information Security Advisory Board
Led 50-person cross-functional team composed of Architecture, Engineering, Access Management and Operations talent in driving advanced self-service functionality and automation inside of the security department.
2018 : 2021
Cargill
Director Security and Risk, IAM, Self Service and Automation
Developed the vision and guided 22-person cross-functional team in upleveling core processes for identity and access management (IAM), network, database, endpoint security, content filtering, data protection, encryption and cryptography. Brought a forward-thinking approach to addressing emergent security threats, and executed large-scale technology upgrades. Partnered effectively across B2E, B2B and B2C.
2015 : 2018
MoneyGram International
Head of Information Security Engineering, IAM and Automation
Built a state-of-the-art InfoSec program, crystallized 9 disparate departmental functions into a cohesive eCommerce security offering, and managed all aspects of $10M security portfolio for Target.com. Authored a comprehensive suite of Security and Policy guidelines in alignment with broader company objectives.
2010 : 2015
AT&T
Senior Information Security Manager - Functional CISO
About
Addressing cybersecurity root causes simultaneously addresses multiple symptoms. A systematic approach to automation, intake & service delivery, security architecture, end-to-end process mining, discovery, and deployment is necessary to advance in the cybersecurity race.
My Unique Action Plan
• Automate the cybersecurity back-office to address speed, complexity, and visibility challenges
• Transform and operationalize Institutional Knowledge Management as a means to enable Intelligent Automation
• Automate and Streamline cybersecurity consulting and engagement to enable self-service and rapid technology adoption
• Customize dashboards for all stakeholders, both inside and outside of the security organization
• Top tier skillset advancement
Cybersecurity Management
• Team Development
• Institutional Knowledge Management
• Security Program Automation & Orchestration
• Solution optimization and rationalization
• Security Consulting & Briefings
• Service Management
Identity & Access Management
• IAM Governance & Framework
• Request, Approval, & Provisioning
• Access Review & Certification
• Authentication & Authorization
• Privileged Access Management
• Monitoring, Reporting, & Analytics
• Role & Rule Management
Governance Risk & Compliance
• Policies, Procedures, Standards, Guidelines
• GDPR, PCI, HIPAA, Sarbanes-Oxley
• Security Frameworks – NIST, ISO, SCF
• Project Risk Management
• Service BAU Risk Management
Security Architecture
• Manual and Automated security architecture patterns
• Technical and Procedural Control Mapping
• Enhanced exception management process
• Baseline security standards
• 3rd Party Security evaluation and selection
• Solution evaluation and selection
• Threat modeling engagements
• On-prem, Hybrid, and Cloud environments
• SABSA & TOGAF methodologies
Security Operations
• Patch management
• SIEM deployment and Operations
• Threat and Vulnerability Management
• Asset Management
• Asset reconciliation
• Incident Management
• Playbook development and maturity
Application Security
• Web Application Firewall deployment and operations
• Secure coding reviews
• Session Management