Resume

Career Profile

Chief Information Security Officer with experience in prestigious organizations: MIT Lincoln Labs, New York University, Hewlett-Packard, Electronic Data Systems (EDS), and Microsoft. Exceptional team-building ability to develop, lead, and strengthen cybersecurity operations.  Approach: build alliances, develop teams, and reduce costs while protecting business activities from unexpected interruptions from security threats.

Career Highlights

  • Developed, implemented, and managed strategic, enterpriselevel information security and IT risk management programs across government, academic, financial, and healthcare environments.
  • Collaborate with stakeholders to facilitate risk assessment and risk management processes.
  • Developed and managed risk management frameworks including compliance and auditing controls.
  • Strong, agile leadership to enterprise information security organizations and teams.
  • Nurtured a partnership culture within organizations and servant leadership to direct in-person and hybrid teams.
  • Leadership role with IT strategic planning and risk management across complex enterprises.

Professional Experience

Cyber Foundry
Providence, Rhode Island USA
01/2017 to present
Chief Information Security Officer (CISO) / Founder (CEO)

Consulting Practice:  A boutique cyber security consulting firm offering enterprise-level strategy and implementation services for small and medium businesses.  Consulting services include pragmatic and understandable cyber security strategy and operational capabilities, and Incident Response Training for Executives and Incident Responders.

New York University
New York, New York USA
01/2021 to 10/2021
Chief Information Security Officer (CISO) / Director of Detection, Response, and Forensics Teams

NYU is a top global research university with an annual academic and research revenue of $3.7bn.  As director of the Detection, Response, and Forensics department, I led global efforts to implement and manage a Security Operations Center (SOC) and managed internal, matrix, and multi-national teams to implement security services for 13 global sites.

Accomplishments:

  • Provided strong leadership to build stakeholder relationships and implement programs across schools, campuses, and varied constituents involving a high degree of consensus building.
  • Analyzed, distilled, and communicated operational processes for offshore movement.
  • Collaborator in business technology planning with a focus on contributing critical knowledge of systems and processes.
  • Developed and managed budgets, acquisition strategies and contracts, and third-party vendor management including requests for proposals and contract negotiations.

Massachusetts Institute of Technology (MIT) Lincoln Laboratory
Lexington, Massachusetts USA
11/2018 to 10/2020
Chief Information Security Officer (CISO) / Cyber Security Sector Manager

MIT Lincoln Labs is a Federally Funded, Research and Development Center with an annual research revenue of $1bn.  As the team leader for cyber security operations within the Information Technology division, my responsibilities included the development, implementation, and operation of all cyber security operations within DoD classified and unclassified environments.  This role extended into protecting unique and threat adverse environments under a high degree of external interest and sensitivity and potential security threats.

Accomplishments:

  • Developed, managed, and operated DoD classified and unclassified security operations centers (SOC) in compliance with CMMC, FISMA, NIST Risk Management Framework, NIST SP800-53, and NIST SP800-171 standards.
  • Implemented ACAS and related vulnerability management technologies for the support of DoD classified systems.
  • Partnered with researchers to leverage the unique skills of the lab to detect and deter cyber security threats using ahead-of-market insights and technologies.
  • Built collaborative, strategic relationships with stakeholders within the lab to advance the cyber security capability and culture.
  • Analyzed SOC tooling and procedures allowing a reduction of duplicate capabilities and provided normalized operating procedures which were then automated through a Security Orchestration Automation and Response (SOAR) platform. 
  • Created and monitored performance analytics to measure effectiveness.

eSentire
Waterloo Ontario Canada
09/2016 to 09/2018
Chief Information Security Officer (CISO) / Principal Security Strategist

A Managed Detection and Response (MDR) company, my primary role was as a consultant and virtual CISO to clients in the FinTech and Legal industries who were procuring security services from the team.

Accomplishments:

  • Performed comprehensive risk assessments and business impact analysis with remediations.
  • Partnered with clients to define their risk and map out long-term strategies for their operations.

Hewlett-Packard Enterprise (Electronic Data Systems – EDS)
Plano, Texas USA
05/2003 to 05/2016
Chief Information Security Officer (CISO) / Enterprise Architect

Accomplishments:

  • Team leader to implement security services for the Navy Marine Corps Intranet (NMCI) program with 400,000 users and 1m+ assets globally.  Functioned in DoD classified and unclassified environments.
  • Developed and implemented team-based, DHS Continuous Diagnostics and Monitoring (CDM) program winning a position on a $6bn contract.
  • Team leader to develop and pitch FedRAMP cloud solution offerings to the US Government.
  • Provided services as a Virtual Chief Information Security Officer (CISO) to commercial clients.
  • Served as a HIPAA Compliance Officer and Lead Security Architect for CMS-focused software development efforts.

Microsoft
San Diego, California USA
10/1999 to 05/2003
Consultant / Engineer

  • Provided deep technical diagnostics for kernel debugging and active directory operations.
  • Consulted with and helped clients implement key Microsoft technologies.

Winchester Hospital
Boston, Massachusetts USA
01/1998 to 10/1999
Manager, Information Technology

Managed a team responsible for all aspects of networking, server, and desktop support for a community healthcare provider.

New England Medical Center / Tufts
Boston, Massachusetts USA
01/1996 to 01/1998
Senior Consultant

Managed networking and server technologies for a regional healthcare provider.

St. Mary’s Health Services / Mercy Health Systems
Grand Rapids, Michigan USA
01/1992 to 01/1996
Senior Consultant

Managed networking and server technologies for a community healthcare provider.

Data Link Systems
South Bend, Indiana USA
01/1990 to 01/1992
Production Coordinator

Managed the Software Development Lifecycle (SDLC) and go-to-market (GTM) operations for a software development company.

Education

Master of Business Administration (MBA)
The University of Texas at Dallas, Graduated 2011

Master of Science (MS)
Information Technology specializing in Security

Capella University, Graduated 2008

Bachelor of Science (BS)
Computer Information Systems
Excelsior College, Graduated 2006

Certifications

(ISC)2 Certified Information Systems Security Professional (CISSP) #29867

ISACA Certified Information Security Manager (CISM) #1014442

ISACA Certified in Risk and Information Systems Controls (CRISC) #1004569

Microsoft Certified Systems Engineer (MCSE) #1793697

Microsoft Certified Information Technology Professional (MCITP) #1793697

Amazon Web Services Certified Cloud Practitioner (CCP) #01783372

Honors & Volunteer Activities

Mensa International High IQ Society
Security Special Interest Group Coordinator

Clearances

US Department of Defense
US Department of Homeland Security

Contact Information

11 S. Angell Street #417
Providence, Rhode Island 22046
+1 571 833 3000
ciso@billweber.io

Download Resume