Judy Hatchett

Education: Master of Science - MS

Security Technologies

University of Minnesota-Twin Cities

2017 :

In process

Master's Cybersecurity

Concordia University-St. Paul

2016 : 2018

Bachelor of Arts

Organizational Management

Bethel University

1998 : 2001

Experience: Sets the vision, develops plans and oversees the execution of Enterprise Information and Physical Security, Business Continuity and Risk Management Programs. Lead the Risk and Security teams to ensure comprehensive, high-quality and effective risk and information security management in support of business goals. Set and execute risk and information security goals that build accountability within this team and across the organization.

2020 : Present

Surescripts

VP, Information Security & CISO

Provide strategic and operational leadership and direction to the information security management organization that supports the information security capabilities, processes and standards. Oversee ongoing programs, projects that serve to protect data, confidentiality, integrity and availability while providing secure and reliable access by staff, partners, affiliates and vendors, to systems and information. Partners with executive leadership to determine acceptable levels of risk for the organization and drive executive approval and support for the resulting security improvement programs and projects.

2018 : 2020

Fairview Health Services

VP Information Security and CISO

Assists in providing and supporting information security strategy, policy, standards, architecture, processes and assessments to ensure that 3M information assets and critical processes are adequately protected with acceptable levels of controls. These controls enable the businesses to operate efficiently, cost-effectively and in compliance with regulatory and industry practices, world-wide.

Assisting in achieving HIPAA compliance for one of 3M's critical Healthcare business groups. Developing a Cloud agnostic security strategy. Representing Cybersecurity on 3M's Manufacturing and Process Engineering Infrastructure team.

2016 : 2018

3M

Sr. Global Manager, Information Security Risk & Compliance

Provide direct leadership and management of IAM functions. Actively lead and manage programs (directly and indirectly), to ensure on time delivery, budget and quality goals are met. Lead and drive definition, implementation and closure of projects, including requirements, project plans and resource needs with stakeholders and within team resources. Analyze service offerings, program portfolios and define success / failure metrics and ensure the tracking and reporting, status updates of all metrics. Assist in the development and execution of the overall Identity and Access Management roadmap. Lead the innovation and championing of processes/methodologies at all levels. Ensure understanding and implications of third party security technologies solutions that control access. Lead and oversee the delivery of services, capabilities and processes to mitigate risks. Assist in maximizing investment decisions by understanding the capabilities of existing IAM and aligning with business strategy. Ensure that ongoing training/awareness of IAM is delivered to customers, including internal teams whose processes are being re-engineered. Lead the optimization of security processes and controls, and thus reduce vulnerabilities and mitigate IAM risks. Manage staff in accordance with organizations policies and applicable regulations.

2015 : 2016

SUPERVALU

Sr. Director, Identity and Access Management

Identity and Access Management (IAM) Capability owner. Oversee and actively participate in a $13 million program. Responsible for facilitating project requirements, funding requests, project status, escalation and management of program timelines.

Responsible for managing the IT Service Management team that comprised of managing and execution of the following ITIL processes : Change Management, Incident Management, Asset Management, Configuration Management, Problem Management and development and migration to the Service Now toolset.

Lead a task force made up of internal resources, external auditors, and multiple 3rd party vendors to successfully remediate a regulatory IT Service Managment deficiency. The task force created new policy, standard, processes and IT General Controls while aligning with the IT long term strategy.

Manage the compliance and remediation of internal IT General Controls program in a multi-vendor environment. Partner with Internal Audit and 3rd Party Vendors to align on remediation and control framework.

Oversee the enterprise rollout of RSA Archer (General Risk and Compliance) software. This includes oversight on the develop framework, change governance, prioritization of rollouts and resources.

SAP Security Lead for leading the SAP Security Team (Internal Resources and Accenture).

2010 : 2015

Best Buy

Sr. Director IT Risk and Compliance

Company: Surescripts

Years of Experience: 20