Jim Rigney

Education: M.S.

Technology Management

Stevens Institute of Technology

2006 : 2011

Post grad cert

Advanced Project Management

Stevens Institute of Technology

2006 : 2011

B.S.

Police Science

City University of New York-John Jay College of Criminal Justice

1990 : 1994

Experience: Responsible for operationalizing Follett’s Information Security strategy, and roadmap, and leading the InfoSec team.

Responsible for overseeing all Security operations, projects, and Security infrastructure.

Responsible for an enterprise-wide information security management strategy and ensuring the execution of these plans.

Identify legal, regulatory, and contractual requirements and develop architecture and standards related to information systems.

Lead engineering teams to establish/implement/monitor/enforce a comprehensive security program to ensure appropriate levels of confidentiality, integrity, safety, privacy, and recovery of information controlled and processed by Follett.

2022 : Present

Follett Higher Education

Senior Director - Information Security Architecture, Engineering & Operations

• Leader of a geographically distributed team, and responsible for strategic program oversight and tactical execution, procedure development, and technical and project management for End Point, Email Security, Logging and Monitoring, Event and Incident Management (SEIM), Security Engineering, Firewall management and monitoring, Proxy server management and monitoring, and third-party service provider management.

• Provide named ownership for security controls and centrally manage security technology investments in a managed technology portfolio.

• Responsible for driving process implementation, refinement, troubleshooting and monitoring, short and long-term project management, cross-team collaboration, tuning, metrics, and KPI's driving proactive improvements.

• Lead crisis/incident event management incidents for Cybersecurity Operational issues

• Continually provide technical coordination, oversight and leadership for staff and serve as escalation point for complex technical issues

• Drive bottoms-up improvements for Cybersecurity Operations (including Level-1 & Level-2 Incident management, Change management and Problem management)

• Plan, design, implement and provides ongoing support of Cybersecurity systems of high complexity in key customer facing and corporate environments to fulfil the business needs

• Established industry leading operational practices/methodologies for problem resolution in a global, 24 x 7, high volume, high availability, critical production environment, based on metrics (KPI and KRI’s).

• Continually provide technical coordination, oversight and leadership for staff and serve as escalation point for complex technical issues.

• Lead development of Cybersecurity Solutions, testing and QA functions to ensure that projects are securely delivered and fulfil expectations

• Provide highest level of technical consultancy to ensure problem resolution is achieved in the shortest possible timeframe

2022 : 2022

AECOM

Director, Security Engineering & Operations

• Design, Architect, Implement and Support Global Enterprise Internet, B2B, Cloud Network infrastructure and Consult on major Infrastructure and Business Network Security Projects

• Responsible for facilitation between end-users, developers, infrastructure operations, and architecture teams utilizing emerging technologies such as Identity Access Management, Patch Management, Encryption solutions, Firewall technologies, Host and Network-based Intrusion Detection Systems, and policy management solutions.

• Develop short- and long-term security strategies, conduct risk assessments, and provide reports to the senior leadership team regarding current state, open concerns, and prior risk assessments.

2021 : 2022

CVS Health

Senior Advisor | Enterprise Connectivity Engineering

• Spearhead the delivery of IT professional services to mid to large enterprises, leading a team of direct consultants and ~10 indirect reports, providing guidance on business information security strategies, risk program assessment and mitigation, and security risk management.

• Serve as the Trusted Advisor to collaborate with key stakeholders in the business line to address, resolve and reduce cybersecurity issues during the full systems life-cycle process partnering with clients in various industries, including Financial Services, Banking, Healthcare, Insurance, and Pharmaceuticals.

• Currently assigned to a Fortune 5 client as a Business Information Security expert managing 5 projects.

• Responsible for facilitation between end-users, developers, infrastructure operations, and architecture teams utilizing emerging technologies such as Identity Access Management, Patch Management, Encryption solutions, Firewall technologies, Host and Network-based Intrusion Detection Systems, and policy management solutions.

• Delivered leadership in transforming the network from an internal computing model to a complex, hybrid, multi-public cloud and Cloud SaaS environment.

• Consistently achieved 99.997-99.999% infrastructure availability metric – Sigma 5.7-5.9.

• Aligned annual initiatives as well as a long-term strategy with senior leaders and business plans.

• Key contributor to network integration strategy for the merger of two fortune 50 companies, implementing the new organizational model and completing the integration of the IT Networks Teams with a $221M annual budget

• Support 300 business partners, 200 internal sites domestically and internationally, 5 Data Centers, and AWS and Azure IaaS deployments

2018 : 2021

Hybrid Pathways

Principal Consultant (Business Information Security Expert to Clients)

• Managed a team of 3 Practice Managers and 10 indirect Senior Consultants/Associates responsible for the development and delivery of information security and compliance consulting services to domestic and international clients

• Provided clients in the Financial Services and Life Science industries, including key relationships with Fortune 50 companies services including Risk Management, Information Security, Enterprise Architecture, and Identity & Access Management.

• Executed Enterprise cloud migration strategies, assessed feasibility, identified dependencies, and focused on the appropriate business objectives (e.g., agility, ROI, global expansion, digital transformation).

• Developed security architecture strategy, planning & implementation for Enterprise clients, defining roadmaps to bridge gaps from current to the future state for business, information, and technology capabilities; guided technical staff across multiple projects.

• Implemented solutions that maintained compliance with GDPR, PCI-DSS, HIPAA, HITRUST, SSAE, Sarbanes Oxley, NERC CIP, and Nuclear Cyber regulatory requirements.

• Directed delivery of solutions to clients independently or a practice manage on upwards of 5 projects concurrently accountable for project budgets, timelines, engagement costs, customer expectations, and project deliverables.

• Acquired requirements and deployed SIEM solutions for a world-renowned multi-purpose indoor arena in New York City, inclusive of global affiliate locations.

• Delivered network and security architecture re-design for $1B+ Communication company; Solution included high-value network segmentation and continuous monitoring plan via CMDB analytics engine

• Architected and facilitated the implementation of a data center hosting environment for Fortune 50 Managed Health Care company to support enterprise and global affiliates

2018 : 2018

TUV Rheinland OpenSky

Managing Principal (Practice Director) - Secure Cloud Enablement / Advanced Cyber Defenses

Company: Follett Higher Education

Years of Experience: 21