Michael Peters

Chief Information Security Officer CISO

June 2010 to Present

Directed all facets of information security operations for this international dominant cross-channel B2B, B2C commerce software development solution provider. The company’s progressive workforce model is comprised of employees operating predominantly from SOHO locations as well as International and Domestic business locations. Responsibilities include cloud security, data security, security architecture, threat & incident management, compliance, risk management, compliance activities, identity & access control, change management, business continuity, disaster recovery, forensics, and legal discovery.

• Led the company to its first progressive SSAE16 (SAS70) compliance certification with 100% success; a first among the Company’s peers.
• Provided PCI certification support to 100% of the firm’s clientele.
• Established the first profitable security service offering to the company’s portfolio adding significant progressive value add with a 70% average margin.
• Innovated secure and 100% PCI compliant commerce architecture within Cloud and Social Networking environments alleviating all client risk and reducing total client costs by 40%.
• Provided security, governance, and regulatory security services to CIO, CTO, CSO, CISO, CRO, General Counsel and other officers of many Fortune 500 client and partner companies.
• Created and implemented 100% of the organization’s originating Information Security & Technology Policy governance documentation sets based on ISO 27001/2 standards.
• Provided SOX audit support to 100% of the firm’s clients with requirements.
• Provided and implemented legal language for contractual business relationships in harmony with domestic and international cyberspace laws.
• Maximized operational stability, regulatory compliance, and security oversight by establishing first Change Advisory Board to handle change management and change controls.
• Enhanced operational success by creating the first Architectural Review Committee.

Chief Security Officer CSO

September 2009 to February 2010

Oversaw all information security for premier payment acceptance services company supporting >171,000 merchants and financial institutions in US and 11 other countries. Managed data security, security architecture, threat & incident management, compliance, risk management, physical security, executive protection, surveillance, identity & access control, change control, business continuity, disaster recovery, forensics, and legal discovery. Supervised team of 48 security professionals and seven direct managerial reports. Directed activities of outsourced domestic and offshore resources. Administered $8M+ budget.

• Created and implemented 100% of the organization’s originating Information Security & Technology Policy governance documentation sets based on ISO 27001/2 standards.
• Improved service delivery levels 500% and reduced costs 600% by upgrading enterprise-level identity management program to resolve customer and employee service disruptions.
• Enhanced operational success by creating the first Architectural Review Committee.
• Consolidated 100% of the corporate-wide compliance, regulatory, risk, and operational processes by implementing the first Enterprise Risk Management framework.
• Eliminated electronic and physical vulnerabilities by implementing and re-architecting enterprise-level, disaster-resistant, multi-tiered security infrastructure.
• Maximized operational stability, regulatory compliance, and security oversight by establishing first Change Advisory Board to handle change management and change controls.
• Routinely collaborated with Board of Directors, CIO, CTO, CRO, General Counsel, and other officers.

Chief Information Security Officer CISO

2007 to 2009

Directed corporate security operations for $166B Top 30 commercial bank with >1800 locations in 13 states. Supervised staff of four direct and 25 indirect reports. Administered $5M+ budget. Oversaw information security, risk management, change management, compliance, threat/incident management, data security, business continuity, disaster recovery, forensics, and legal discovery.

• Eliminated $1M+ in costs and risk by implementing internal enterprise forensics and E-Discovery program.
• Produced $1M in recurring savings by implementing consolidated identity management system.
• Dramatically improved IT security by leading business alignment initiative and implemented 100% of the organization’s originating Information Security & Technology Policy governance documentation sets based on ISO 27001/2 standards.
• Saved $500K+ in outsourcing expenses by implementing enterprise legal review and case management program to support corporate legal department.
• Facilitated two major acquisitions by leading integration of customer and employee information.
• Delivered $1M+ in savings by introducing holistic technology-based controls that eliminated employee waste and cyber-criminal activities.
• Served as Chairperson of Legal Hold Sub-Committee, Fraud Prevention Committee, and Change Advisory Board, and voting member of Record Retention Committee, IT Review Board, and MIS Steering Committee.
• Routinely collaborated with Board of Directors, CIO, CRO, General Counsel, and other officers.

Chief Information Officer - Director of Security Services

1999 to June 2007

Advising CIO-CSO supporting high-profile, Fortune 50, 100, and 500 companies. Planned and led complete engagements. Supervised international project teams.

• Created complete disaster recovery plan for Bank of America’s electronic data stores.
• Led information security and Sarbanes-Oxley (SOX) ISO 17799-2000 compliance initiative for First Data. Project encompassed Western Union and several other First Data companies.
• Directed SOX, HIPAA, FFIEC, PCI, FISMA and GLBA compliance projects for Humana. Implemented comprehensive compliance security audit framework based on ISO 27001/2, COBIT, ITIL, COSO, NIST, and other criteria.
• Managed SDLC and engineering of intrusion prevention IPS suite of products.
• Chief Architect for Holistic Operational Readiness Security Evaluation project, which delivered consolidated framework for legislative and industry security and IT operational requirements.
• Provided security, governance, and regulatory security services to CIO, CTO, CSO, CISO, CRO, General Counsel and other officers of many Fortune 50+ client and partner companies.

Information Security Consultant, DR DBA

January 2007 to May 2007

Information Security and Compliance Audit Consultant

October 2006 to January 2007

Information Security and Compliance Audit Consultant

June 2006 to October 2006

IT Auditor, Project Management - Compliance and Security

November 2005 to June 2006

Information Security and Compliance Audit Consultant

August 2005 to November 2005

Information Security and Compliance Audit Consultant

March 2005 to August 2005

Information Security Consultant, Project Management

March 2005 to March 2005

Information Security Consultant, Project Management

December 2004 to February 2005

Information Security and Compliance Audit Consultant

October 2004 to December 2004

Information Security and Compliance Audit Consultant

July 2004 to October 2004

Senior Information Security Engineer, Project Manager

July 2000 to July 2004

Senior Network Security Administrator

June 1998 to December 1999