Profiles search

Louis Morton, CISSP, CCSP

Security Leader, Communicator, Planner, Problem Solver, Helping Business Accelerate while Managing Risk
Fort Worth, TX, United States
Details

Education: BS

Management Information Systems

Ambassador University

1990 : 1994



Computer Science

Louisiana Tech University

1991 : 1992

LSU Shreveport

1991 : 1991

Ambassador College

1989 : 1990

Captain Shreve

1985 : 1989

Experience: * Leading all CyberSecurity functions (Operations, Engineering and Architecture), reporting directly to the CISO

* Span of responsibilities : SOC, SIEM, Incident Response, Digital Forensics, Identity Management, Security Assessment, Threat Intel, Vulnerability Management, Internal PKI and public Digital Certificates, Privileged Access Management, External Attack Surface Management, Security Risk Management

* Provide Cybersecurity leadership and guidance across the organization

* Manage Security OPEX and CAPEX Budget

* Lead all internal Cyber Security staff (6 direct reports) and our extended outsourced Security organization : MSSP/SOC and Outsourced IT Sec Infrastructure (approximately 25 personnel)

* Manage Security Vendor relationships, including contracts and renewals with 18 vendors

* Lead and Coordinate external Cyber Security assessments, and develop mitigation plans

* Develop action plans to continually improve Cyber Security Maturity

* Major Achievement : Team achieved #9 on Forbes 200 Most Cybersecure Companies (2023) by focusing on prioritizing and optimizing specific security capabilities. This required significant effort and cross-functional collaboration across NMG IT and external service providers.

2022 : Present

Neiman Marcus Group

Director of Information Security, Reporting to CISO

Cybersecurity Operations at Alcon includes : SOC (SIEM, IR, Threat Hunting), Security Assessment Services, AppSec, Secure SDLC, Threat and Vuln Mgmt, and Cyber Forensics. We focus on protecting Alcon data, applications and systems globally, including E-commerce, Digital, Cloud, IT, OT, Mobile, On-Prem and Work From Anywhere.

* Lead and Empower Security Service Operations Managers and Team members (approx 25 team members : staff plus providers)

* Set Direction and Objectives based upon CISO Strategy

* Manage Financials according to Budget

* Develop Services and negotiate SOWs (Statements of Work) with Security Service Providers

* Assist Alcon CISO as Deputy / Delegate on an as needed basis

2019 : 2022

Alcon

Director of Cybersecurity Operations (Global), reporting to CISO

• Provide IT Security and Risk Management Leadership and Guidance

• Plan & Coordinate Penetration testing and Remediation

• Review Commercial IT Projects at Planning/Demand Mgmt Stage - Provide InfoSec Direction

• Planning and Participation in Vendor Assessments and Lead Remediation Activities

• Vendor Contract Review and Negotiation for inclusion of IT Security and Audit requirements

• Plan and Execute Special Security Projects as Needed

• Engagement with Novartis Security Operations Center

• Lead various Novartis Security Projects as needed

• Manage IT Security of eCommerce solution

• Cloud Security, Infrastructure Security, Application Security

• Data Masking/Data Protection

• Security & Risk Assessment of Vendors

• IT Security Support/Assessment of M&A targets

2015 : 2018

Novartis

IT Security and Risk Manager, Commercial IT Information Security & Risk Management

• Employee since Octorber 2013 to Present

• Contractor via DISYS from April 2013 to October 2013

Responsibilities

• Collaborate and Execute on Global IT Security program initiatives for Alcon, in all aspects from Architecture and Design, Planning, Implementation and Operations

• Represent IT Security in the Alcon IT Governance Exception Review Committee

• Engineer, Deploy, Maintain, Document and Support the Nexpose vulnerability management toolset globally

• Set Requirements, and advise/assist in the design of the development of metrics and reporting utilizing SQL Server Reporting Capabilities to produce reporting for IT Site SPOCS (approximately 100 sites globally).

• Interface and Engage across Novartis Divisions with all levels of IT Operations, Infrastructure, Applications Engineering, Business teams, Architecture, Governance and Senior Leadership

• Provide guidance and recommendations in the remediation of IT Security vulnerabilities, including all infrastructure and application vulnerabilities

2013 : 2015

Alcon Laboratories, Inc.

Senior IT Security Analyst

• Served with an amazing team of IT Security professionals, performing Engineering and Operational Support of Security Infrastructure for several clients, including : Catalent Pharma Solutions, FHLB Seattle, First Group America

• Responsibilities included the Engineering and Operational support of BlueCoat ProxySG, Symantec SEPM, McAfee ePO, CheckPoint firewalls, internet DNS and Tripwire.

• Led client facing meetings with Client Directors of IT and IT Security, and Atos Account Leadership to discuss ongoing security service operations and projects.

• Executed as an individual contributor, providing services and support with very minimal management direction.

• Developed a detailed planned proposal to POC a Palo Alto Next-Gen Firewall solution to provide managed firewall, threat prevention, anti-malware, and content filtering services.

2012 : 2013

Atos

Senior Security Analyst

Company: Neiman Marcus Group

Years of Experience: 28

Skills Active Directory, Agile Project Management, Amazon Web Services (AWS), Antivirus, Application Security, Auditing, Checkpoint, CISSP, Communication, Computer Security, Confidentiality, Continuity of Operations, Data Center, Data Privacy, Disaster Recovery, DNS, Domain Name System (DNS), eCommerce, Enterprise Architecture, F5 BigIP, Firewalls, Governance, Hybris, Identity Management, IDS, Incident Management, Incident Response, Information Security, Information Security Management, Information Technology, Infrastructure, Integration, Intrusion Detection, ISO 27001, IT Management, IT Operations, IT Service Management, IT Strategy, Key Metrics, Networking, Network Security, PCI DSS, Security, Security Architecture Design, Security Audits, Servers, u.s. health insurance portability and accountability act (hipaa), Vulnerability Assessment, Vulnerability Management, Windows Server, IT Audit, Symantec Endpoint Protection, McAfee Antivirus, Bluecoat Proxies, Imperva, Demand Management, Symantec Endpoint, Security Architecture
About IT/Cyber Security Leader with 20+ years Security experience, embracing every opportunity develop. More importantly, I am focused on developing the talents of the teams I manage and serve. Over my career, I have worked in a in a range of roles including: Security Ops, Engineering & Architecture, Security Project Management, and in increasingly in Security Management and Leadership roles over the past ten years.



What makes me different?

• Risk-Based Decision Maker. There are good security practices, but rarely does one-size fit all. What's your data? What is the data worth to your organization, to the data subjects (PII), your competitors, or adversaries? Start by addressing those questions first, and then develop your security solution.

• How many Cyber Security people have you met who can speak with and (more importantly) listen to the Business? I am one of them. I am comfortable communicating with all levels of the organization up to and including the C-suite.

• Proven Public Speaking & Presentation Skills. I can also perform on stage (Community Theater).

• Team/Workgroup Collaborator and Individual Contributor. I enjoy actively participating, or leading group work sessions, and I frequently clean-up afterwards. No job too big or too small!



Let's Talk.