Jim Rigney
Education:
M.S.
Technology Management
Stevens Institute of Technology
2006 : 2011
Post grad cert
Advanced Project Management
Stevens Institute of Technology
2006 : 2011
B.S.
Police Science
City University of New York-John Jay College of Criminal Justice
1990 : 1994
Experience:
Responsible for operationalizing Follett’s Information Security strategy, and roadmap, and leading the InfoSec team.
Responsible for overseeing all Security operations, projects, and Security infrastructure.
Responsible for an enterprise-wide information security management strategy and ensuring the execution of these plans.
Identify legal, regulatory, and contractual requirements and develop architecture and standards related to information systems.
Lead engineering teams to establish/implement/monitor/enforce a comprehensive security program to ensure appropriate levels of confidentiality, integrity, safety, privacy, and recovery of information controlled and processed by Follett.
2022 : Present
Follett Higher Education
Senior Director - Information Security Architecture, Engineering & Operations
• Leader of a geographically distributed team, and responsible for strategic program oversight and tactical execution, procedure development, and technical and project management for End Point, Email Security, Logging and Monitoring, Event and Incident Management (SEIM), Security Engineering, Firewall management and monitoring, Proxy server management and monitoring, and third-party service provider management.
• Provide named ownership for security controls and centrally manage security technology investments in a managed technology portfolio.
• Responsible for driving process implementation, refinement, troubleshooting and monitoring, short and long-term project management, cross-team collaboration, tuning, metrics, and KPI's driving proactive improvements.
• Lead crisis/incident event management incidents for Cybersecurity Operational issues
• Continually provide technical coordination, oversight and leadership for staff and serve as escalation point for complex technical issues
• Drive bottoms-up improvements for Cybersecurity Operations (including Level-1 & Level-2 Incident management, Change management and Problem management)
• Plan, design, implement and provides ongoing support of Cybersecurity systems of high complexity in key customer facing and corporate environments to fulfil the business needs
• Established industry leading operational practices/methodologies for problem resolution in a global, 24 x 7, high volume, high availability, critical production environment, based on metrics (KPI and KRI’s).
• Continually provide technical coordination, oversight and leadership for staff and serve as escalation point for complex technical issues.
• Lead development of Cybersecurity Solutions, testing and QA functions to ensure that projects are securely delivered and fulfil expectations
• Provide highest level of technical consultancy to ensure problem resolution is achieved in the shortest possible timeframe
2022 : 2022
AECOM
Director, Security Engineering & Operations
• Design, Architect, Implement and Support Global Enterprise Internet, B2B, Cloud Network infrastructure and Consult on major Infrastructure and Business Network Security Projects
• Responsible for facilitation between end-users, developers, infrastructure operations, and architecture teams utilizing emerging technologies such as Identity Access Management, Patch Management, Encryption solutions, Firewall technologies, Host and Network-based Intrusion Detection Systems, and policy management solutions.
• Develop short- and long-term security strategies, conduct risk assessments, and provide reports to the senior leadership team regarding current state, open concerns, and prior risk assessments.
2021 : 2022
CVS Health
Senior Advisor | Enterprise Connectivity Engineering
• Spearhead the delivery of IT professional services to mid to large enterprises, leading a team of direct consultants and ~10 indirect reports, providing guidance on business information security strategies, risk program assessment and mitigation, and security risk management.
• Serve as the Trusted Advisor to collaborate with key stakeholders in the business line to address, resolve and reduce cybersecurity issues during the full systems life-cycle process partnering with clients in various industries, including Financial Services, Banking, Healthcare, Insurance, and Pharmaceuticals.
• Currently assigned to a Fortune 5 client as a Business Information Security expert managing 5 projects.
• Responsible for facilitation between end-users, developers, infrastructure operations, and architecture teams utilizing emerging technologies such as Identity Access Management, Patch Management, Encryption solutions, Firewall technologies, Host and Network-based Intrusion Detection Systems, and policy management solutions.
• Delivered leadership in transforming the network from an internal computing model to a complex, hybrid, multi-public cloud and Cloud SaaS environment.
• Consistently achieved 99.997-99.999% infrastructure availability metric – Sigma 5.7-5.9.
• Aligned annual initiatives as well as a long-term strategy with senior leaders and business plans.
• Key contributor to network integration strategy for the merger of two fortune 50 companies, implementing the new organizational model and completing the integration of the IT Networks Teams with a $221M annual budget
• Support 300 business partners, 200 internal sites domestically and internationally, 5 Data Centers, and AWS and Azure IaaS deployments
2018 : 2021
Hybrid Pathways
Principal Consultant (Business Information Security Expert to Clients)
• Managed a team of 3 Practice Managers and 10 indirect Senior Consultants/Associates responsible for the development and delivery of information security and compliance consulting services to domestic and international clients
• Provided clients in the Financial Services and Life Science industries, including key relationships with Fortune 50 companies services including Risk Management, Information Security, Enterprise Architecture, and Identity & Access Management.
• Executed Enterprise cloud migration strategies, assessed feasibility, identified dependencies, and focused on the appropriate business objectives (e.g., agility, ROI, global expansion, digital transformation).
• Developed security architecture strategy, planning & implementation for Enterprise clients, defining roadmaps to bridge gaps from current to the future state for business, information, and technology capabilities; guided technical staff across multiple projects.
• Implemented solutions that maintained compliance with GDPR, PCI-DSS, HIPAA, HITRUST, SSAE, Sarbanes Oxley, NERC CIP, and Nuclear Cyber regulatory requirements.
• Directed delivery of solutions to clients independently or a practice manage on upwards of 5 projects concurrently accountable for project budgets, timelines, engagement costs, customer expectations, and project deliverables.
• Acquired requirements and deployed SIEM solutions for a world-renowned multi-purpose indoor arena in New York City, inclusive of global affiliate locations.
• Delivered network and security architecture re-design for $1B+ Communication company; Solution included high-value network segmentation and continuous monitoring plan via CMDB analytics engine
• Architected and facilitated the implementation of a data center hosting environment for Fortune 50 Managed Health Care company to support enterprise and global affiliates
2018 : 2018
TUV Rheinland OpenSky
Managing Principal (Practice Director) - Secure Cloud Enablement / Advanced Cyber Defenses
Company: Follett Higher Education
Years of Experience: 21
• Global Security | Risk Management Executive
• Enterprise Strategic Planning | Execution
• Network Security Architecture
• Data | Cyber Protection and Defense
• Team Development | Management
• Security Department Leadership
• Cross-Functional Team Collaboration
• Departmental Budgeting | Costing
• IT Enablement | Transformation
• Cloud Enablement | Migration | Security
• Business Process Re-Engineering
• Critical Infrastructure Protection
• Disaster Recovery | Crisis Management
• Governance Risk | Compliance
• Project | Contract Analysis
𝘑𝘪𝘮 𝘩𝘢𝘴 𝘱𝘳𝘰𝘷𝘪𝘥𝘦𝘥 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘤𝘰𝘯𝘴𝘶𝘭𝘵𝘪𝘯𝘨 𝘴𝘦𝘳𝘷𝘪𝘤𝘦𝘴 𝘧𝘰𝘳 𝘤𝘭𝘪𝘦𝘯𝘵𝘴 𝘪𝘯 𝘍𝘪𝘯𝘢𝘯𝘤𝘪𝘢𝘭 𝘚𝘦𝘳𝘷𝘪𝘤𝘦𝘴, 𝘉𝘢𝘯𝘬𝘪𝘯𝘨, 𝘏𝘦𝘢𝘭𝘵𝘩𝘤𝘢𝘳𝘦, 𝘌𝘥𝘶𝘤𝘢𝘵𝘪𝘰𝘯, 𝘔𝘰𝘳𝘵𝘨𝘢𝘨𝘦 𝘚𝘦𝘳𝘷𝘪𝘤𝘦𝘴, 𝘗𝘶𝘣𝘭𝘪𝘴𝘩𝘪𝘯𝘨, 𝘎𝘢𝘮𝘪𝘯𝘨, 𝘏𝘰𝘵𝘦𝘭, 𝘙𝘦𝘵𝘢𝘪𝘭, 𝘚𝘰𝘧𝘵𝘸𝘢𝘳𝘦, 𝘐𝘯𝘴𝘶𝘳𝘢𝘯𝘤𝘦, 𝘊𝘰𝘯𝘴𝘵𝘳𝘶𝘤𝘵𝘪𝘰𝘯, 𝘔𝘢𝘯𝘶𝘧𝘢𝘤𝘵𝘶𝘳𝘪𝘯𝘨, 𝘌𝘯𝘦𝘳𝘨𝘺, 𝘊𝘩𝘦𝘮𝘪𝘤𝘢𝘭, 𝘊𝘰𝘮𝘮𝘶𝘯𝘪𝘤𝘢𝘵𝘪𝘰𝘯𝘴, 𝘎𝘰𝘷𝘦𝘳𝘯𝘮𝘦𝘯𝘵, 𝘗𝘩𝘢𝘳𝘮𝘢𝘤𝘦𝘶𝘵𝘪𝘤𝘢𝘭𝘴, 𝘉𝘶𝘴𝘪𝘯𝘦𝘴𝘴 𝘚𝘰𝘧𝘵𝘸𝘢𝘳𝘦 𝘢𝘯𝘥 𝘚𝘦𝘳𝘷𝘪𝘤𝘦𝘴, 𝘓𝘦𝘨𝘢𝘭, 𝘢𝘯𝘥 𝘕𝘰𝘯-𝘗𝘳𝘰𝘧𝘪𝘵.
𝐓𝐞𝐜𝐡𝐧𝐜𝐢𝐚𝐥 𝐂𝐨𝐦𝐩𝐞𝐭𝐞𝐧𝐜𝐢𝐞𝐬
𝑶𝒑𝒆𝒓𝒂𝒕𝒊𝒐𝒏𝒂𝒍 𝑻𝒐𝒐𝒍𝒔: MS Office Suite | FireMon | Splunk | Sumo Logic | Checkpoint 80.10 / 80.40 Cisco ASA Microsoft / Infoblox DNS | MacAfee Web Gateway | IDS/IPS. SIEM and Monitoring | Visio | Shell Scripting | Red Hat Enterprise Linux | Windows
𝑷𝒓𝒐𝒕𝒐𝒄𝒐𝒍𝒔: VLANs | Spanning Tree | multicast | VRF | QoS | BGP | OSPF | EIGRP as well as Metro Ethernet and MPLS connectivity/architecture. TCP/IP (IP | TCP | UDP | SNMP | DNS | DHCP | FTP | HTTP | HTTPS | ICMP | SMTP | ARP | IPSEC | NAT | STP | MSTP | RSTP | PVST | 802.1Q | DTP | HSRP | VRRP | GLBP | LACP | PAGP | AAA | TACACS | RADIUS | MD5 | VTP & SVI.
𝑺𝒐𝒇𝒕𝒘𝒂𝒓𝒆: Infoblox | Solarwinds | Sumo Logic | Cisco ISE | Firemon
𝑯𝒂𝒓𝒅𝒘𝒂𝒓𝒆: Routers (Nexus 1K | 5K |7K | ASR) | switches (6500/3750/3550 3500/2950) | Cisco Catalyst Switches | Firewalls (ASA. Checkpoint) | F5 LTM/GTM