Judy Hatchett
Education:
Master of Science - MS
Security Technologies
University of Minnesota-Twin Cities
2017 :
In process
Master's Cybersecurity
Concordia University-St. Paul
2016 : 2018
Bachelor of Arts
Organizational Management
Bethel University
1998 : 2001
Experience:
Sets the vision, develops plans and oversees the execution of Enterprise Information and Physical Security, Business Continuity and Risk Management Programs. Lead the Risk and Security teams to ensure comprehensive, high-quality and effective risk and information security management in support of business goals. Set and execute risk and information security goals that build accountability within this team and across the organization.
2020 : Present
Surescripts
VP, Information Security & CISO
Provide strategic and operational leadership and direction to the information security management organization that supports the information security capabilities, processes and standards. Oversee ongoing programs, projects that serve to protect data, confidentiality, integrity and availability while providing secure and reliable access by staff, partners, affiliates and vendors, to systems and information. Partners with executive leadership to determine acceptable levels of risk for the organization and drive executive approval and support for the resulting security improvement programs and projects.
2018 : 2020
Fairview Health Services
VP Information Security and CISO
Assists in providing and supporting information security strategy, policy, standards, architecture, processes and assessments to ensure that 3M information assets and critical processes are adequately protected with acceptable levels of controls. These controls enable the businesses to operate efficiently, cost-effectively and in compliance with regulatory and industry practices, world-wide.
Assisting in achieving HIPAA compliance for one of 3M's critical Healthcare business groups. Developing a Cloud agnostic security strategy. Representing Cybersecurity on 3M's Manufacturing and Process Engineering Infrastructure team.
2016 : 2018
3M
Sr. Global Manager, Information Security Risk & Compliance
Provide direct leadership and management of IAM functions. Actively lead and manage programs (directly and indirectly), to ensure on time delivery, budget and quality goals are met. Lead and drive definition, implementation and closure of projects, including requirements, project plans and resource needs with stakeholders and within team resources. Analyze service offerings, program portfolios and define success / failure metrics and ensure the tracking and reporting, status updates of all metrics. Assist in the development and execution of the overall Identity and Access Management roadmap. Lead the innovation and championing of processes/methodologies at all levels. Ensure understanding and implications of third party security technologies solutions that control access. Lead and oversee the delivery of services, capabilities and processes to mitigate risks. Assist in maximizing investment decisions by understanding the capabilities of existing IAM and aligning with business strategy. Ensure that ongoing training/awareness of IAM is delivered to customers, including internal teams whose processes are being re-engineered. Lead the optimization of security processes and controls, and thus reduce vulnerabilities and mitigate IAM risks. Manage staff in accordance with organizations policies and applicable regulations.
2015 : 2016
SUPERVALU
Sr. Director, Identity and Access Management
Identity and Access Management (IAM) Capability owner. Oversee and actively participate in a $13 million program. Responsible for facilitating project requirements, funding requests, project status, escalation and management of program timelines.
Responsible for managing the IT Service Management team that comprised of managing and execution of the following ITIL processes : Change Management, Incident Management, Asset Management, Configuration Management, Problem Management and development and migration to the Service Now toolset.
Lead a task force made up of internal resources, external auditors, and multiple 3rd party vendors to successfully remediate a regulatory IT Service Managment deficiency. The task force created new policy, standard, processes and IT General Controls while aligning with the IT long term strategy.
Manage the compliance and remediation of internal IT General Controls program in a multi-vendor environment. Partner with Internal Audit and 3rd Party Vendors to align on remediation and control framework.
Oversee the enterprise rollout of RSA Archer (General Risk and Compliance) software. This includes oversight on the develop framework, change governance, prioritization of rollouts and resources.
SAP Security Lead for leading the SAP Security Team (Internal Resources and Accenture).
2010 : 2015
Best Buy
Sr. Director IT Risk and Compliance
Company: Surescripts
Years of Experience: 20