Profiles search
William Davenport, CRISC, CISSP
Information Security
Columbus, OH, United States
Details
Education:
Masters
Forensic Accounting
Florida Atlantic University
2010 : 2012
BA
Philosophy, Logic
Furman University
2002 : 2007
Forensic Accounting
Florida Atlantic University
2010 : 2012
BA
Philosophy, Logic
Furman University
2002 : 2007
Experience:
2021 : Present
TradeCentric
Senior Information Security Manager
Risk Management :
- Assess risks posed to the environment from all sources and identify controls required to remediate or lower risk
- Oversee resolution of risk remediation and create exceptions when needed
- Respond to client security questionnaires and represent the firm during audits
- Helped establish security awareness and phishing programs
Vendor Management :
- Develop security requirements for new applications based on security criticality and organizational - policies
- Establish notification and event tracking criteria on high-risk vendors
- Establish security checkpointss and designed security questionnaires for the project lifecycle
- Assess third party vendors using SIG/Lite, Prevalent, and Bitsight
- Procured, developed, administered, and maintained GRC tool. Tool used to :
---- Maintain and automate policy document authorization, version tracking, and exceptions
---- Document all risks and audit findings (IT Security and Internal Audit) as well as automate risk resolution process
---- Risk assess all enterprise applications
---- Establish metrics and related presentations for senior leadership
Policy Management :
- Created new business and IT security policies aligned to ISO, NIST, and the Standard of Good Practice (SoGP). Sidley was awarded ISO 27001 certification
- Aligned policies to business objectives, mission statement, and current capabilities of all facets of IT
- Review 3rd party penetration test results and work with system owners to remediate any findings
GDPR Preparedness
- Worked with privacy function to create and document application assessments and related privacy impact assessments
- Interviewed business and IT owners to identify application data owners and applicability of GDPR
- Created metrics to present to senior leadership that represent interview process, identified in-scope applications, and assessment completion status
2014 : 2020
Sidley Austin LLP
Sr. Information Security Analyst - Governance, Risk, and Compliance
Use tools such as ArcSight, LogRhythm, SiteProtector, Juniper Netscreen Manager, and TippingPoint to analyze IDS / IPS events. Provide endpoint threat management via McAfee ePolicy Orchestrator and mitigate issues as needed. Design, create, and deliver reports on client-dependent metrics. Gather and retrieve data to meet client audit specifications.
2011 : 2014
Hewlett-Packard Enterprise Services
Network Security Analyst
2008 : 2009
Palmetto Citizens Federal Credit Union
IT Operator
Math tutor for Algebra, Algebra 2, and Geometry. Instructed students from middle school through high school one-on-one via Tutor.com's chat and shared drawing space ("white board") software.
2005 : 2008
Tutor.com
Tutor II
TradeCentric
Senior Information Security Manager
Risk Management :
- Assess risks posed to the environment from all sources and identify controls required to remediate or lower risk
- Oversee resolution of risk remediation and create exceptions when needed
- Respond to client security questionnaires and represent the firm during audits
- Helped establish security awareness and phishing programs
Vendor Management :
- Develop security requirements for new applications based on security criticality and organizational - policies
- Establish notification and event tracking criteria on high-risk vendors
- Establish security checkpointss and designed security questionnaires for the project lifecycle
- Assess third party vendors using SIG/Lite, Prevalent, and Bitsight
- Procured, developed, administered, and maintained GRC tool. Tool used to :
---- Maintain and automate policy document authorization, version tracking, and exceptions
---- Document all risks and audit findings (IT Security and Internal Audit) as well as automate risk resolution process
---- Risk assess all enterprise applications
---- Establish metrics and related presentations for senior leadership
Policy Management :
- Created new business and IT security policies aligned to ISO, NIST, and the Standard of Good Practice (SoGP). Sidley was awarded ISO 27001 certification
- Aligned policies to business objectives, mission statement, and current capabilities of all facets of IT
- Review 3rd party penetration test results and work with system owners to remediate any findings
GDPR Preparedness
- Worked with privacy function to create and document application assessments and related privacy impact assessments
- Interviewed business and IT owners to identify application data owners and applicability of GDPR
- Created metrics to present to senior leadership that represent interview process, identified in-scope applications, and assessment completion status
2014 : 2020
Sidley Austin LLP
Sr. Information Security Analyst - Governance, Risk, and Compliance
Use tools such as ArcSight, LogRhythm, SiteProtector, Juniper Netscreen Manager, and TippingPoint to analyze IDS / IPS events. Provide endpoint threat management via McAfee ePolicy Orchestrator and mitigate issues as needed. Design, create, and deliver reports on client-dependent metrics. Gather and retrieve data to meet client audit specifications.
2011 : 2014
Hewlett-Packard Enterprise Services
Network Security Analyst
2008 : 2009
Palmetto Citizens Federal Credit Union
IT Operator
Math tutor for Algebra, Algebra 2, and Geometry. Instructed students from middle school through high school one-on-one via Tutor.com's chat and shared drawing space ("white board") software.
2005 : 2008
Tutor.com
Tutor II
Company:
TradeCentric
Years of Experience:
18
Skills
Active Directory, Analysis, CISSP, Computer Security, Disaster Recovery, Firewalls, IDS, Information Security, Information Security Management, IPS, Management, Microsoft Office, Network Security, Security, System Administration, Technical Support, Training, Troubleshooting, Vulnerability Assessment
Profile Photo
