Linda Marcone

CISO | Speaker | Gartner CISO Governing Body

Spring, TX, United States

Details

Education: Doctor of Chiropractic

Chiropractor

Life University

1991 : 1996

Pre-Medical studies

University of Manitoba

1989 : 1991

Experience: 2022 : Present

Crate and Barrel

CISO - VP Information Security

$3B Retail, eCommerce and Financial Services (Public) company.

Leading and transforming the Information Security Program and Compliance Program (PCI, SOX, GLBA, Privacy) including a from scratch eCommerce build (Digital Transformation) and Cloud Transformation.

2019 : 2022

Conn's HomePlus

CISO, VP Information Security

$3 Billion Industry Leader in Manufacturing and eCommerce (Private Equity). Building the Information Security, Governance, Risk & Compliance, BCP/DR Programs from complete ground up for Serta Simmons Bedding the global leader in the Mattress Manufacturing industry. Information Security Strategy, Roadmap, Budget, MSSP, Framework (NIST CSF - Cyber Security Framework, ISO and ITIL), Risk Management, Policies, Security Technologies, Processes, and SOX, PCI Compliance.

Leading IT Transformation and Maturity in the area of Information Security for the enterprise, Leading Quarterly Information Security Council meetings with the Executive Team and BOD (Board of Directors) updates and Security leader for merger & acquisition of Tuft & Needle.

2019 : 2019

Serta Simmons Bedding, LLC

CISO - Sr. Director Information Security

Complete from scratch security and compliance program build - which included SOX readiness in order for the company to go Public and build out of brand new website (Tomorrow Sleep) including PCI compliance.

2015 : 2018

Serta Simmons Bedding, LLC

CISO - Director Information Security

$20 Billion Telecom, Cable TV and Internet Service Provider (Private Company).

Leader of Governance, Risk and Compliance (GRC), SOX, ITGC's, Internal/External Audit and PCI Compliance for Cox Communications

Created and Managed the following programs : Security Compliance Program, Risk Management Program, Third Party Risk Program, Security Exception Management Program, Security Policies and Standards, Security Training and Awareness Program. Also managed GRC Platform (RSA Archer) and platform development.

Reduced risk for the company significantly by re-engineering over 30 business processes and remediating a volume of sensitive records as part of building a Data Loss Prevention (DLP) program.

2012 : 2015

Cox Communications

Sr. Manager Governance, Risk and Compliance

Company: Crate and Barrel

Years of Experience: 27

Spoken Language: English, German

Skills Advisory Boards, Board of Directors, Budgets, CISSP, Cloud Computing, Computer Security, Confidentiality, Cross-functional Team Leadership, Data Privacy, Disaster Recovery, Executive Leadership, Firewalls, Governance, Incident Response, Information Security, Information Security Management, Information Technology, ISO 27001, ITIL, Leadership, Legal Requirements, Management, Mergers & Acquisitions (M&A), Network Security, Payment Card Industry Data Security Standard (PCI DSS), PCI DSS, Policy Development, Privacy Policies, Private Equity, Program Management, Project Management, Regulatory Compliance, Risk Assessment, Risk Management, Sarbanes-Oxley Act, SDLC, SEC Regulations, Security, Software Development Life Cycle (SDLC), Strategy, Team Mentoring, Telecommunications, Vendor Management, Vulnerability Assessment, Security Awareness, Customer Service, Visio, CompTIA, Penetration Testing, Technical Support, Integration, Data Center, Computer Forensics, Troubleshooting, Software Documentation, Networking, Business Process Improvement

About Executive Leader with 23 years experience in building and transforming Information Security (Cybersecurity), Risk, Compliance, Fraud and Abuse Programs

Industry Experience: Telecomm, ISP (Internet Service Provider), Cable TV / Media, eCommerce, Retail, Financial Services, Classified Ads and Manufacturing. Blockchain, Crypto and NFT hobbyist.

Governing body member for the Gartner / Evanta CISO board (Fortune 500)

Former Board Member of the Atlanta Infragard Chapter (FBI & Industry alliance)

Experience working with Law enforcement, FBI and within industry forums such as the NCFTA (National Cyber-Forensics Training Alliance for Phishing and Auto industry classified ad Fraud) .

Leadership style: Lead by example. Drive for developing staff, mentoring and building business trust relationships. Change & Transformation Leader and champion.

Interested in joining Board of Directors to share my expertise in Cybersecurity and Compliance.

Certifications: C-CISO (Certified Chief Information Security Officer), CISSP, ISA (Internal Security Assessor - PCI certification), SANS GIAC - Security Leadership Essentials, HISP (Holistic Information Security Practitioner, ITIL.

Specialties: Leadership, Transformation, building Information Security Teams & Programs, NIST, ISO, Budgets, Executive and Board level communications, ITGC's, Internal & External Audit, PCI, SOX, Governance, Risk & Compliance, Third Party Risk, Data Protection Agreement Contract language negotiation, Threat and Vulnerability, Patch Management, Security Awareness, Fraud & Abuse Prevention, Incident Response CSIRT, Metrics, Disaster Recovery, Business Continuity.