Louis Morton, CISSP, CCSP
Education:
BS
Management Information Systems
Ambassador University
1990 : 1994
Computer Science
Louisiana Tech University
1991 : 1992
LSU Shreveport
1991 : 1991
Ambassador College
1989 : 1990
Captain Shreve
1985 : 1989
Experience:
* Leading all CyberSecurity functions (Operations, Engineering and Architecture), reporting directly to the CISO
* Span of responsibilities : SOC, SIEM, Incident Response, Digital Forensics, Identity Management, Security Assessment, Threat Intel, Vulnerability Management, Internal PKI and public Digital Certificates, Privileged Access Management, External Attack Surface Management, Security Risk Management
* Provide Cybersecurity leadership and guidance across the organization
* Manage Security OPEX and CAPEX Budget
* Lead all internal Cyber Security staff (6 direct reports) and our extended outsourced Security organization : MSSP/SOC and Outsourced IT Sec Infrastructure (approximately 25 personnel)
* Manage Security Vendor relationships, including contracts and renewals with 18 vendors
* Lead and Coordinate external Cyber Security assessments, and develop mitigation plans
* Develop action plans to continually improve Cyber Security Maturity
* Major Achievement : Team achieved #9 on Forbes 200 Most Cybersecure Companies (2023) by focusing on prioritizing and optimizing specific security capabilities. This required significant effort and cross-functional collaboration across NMG IT and external service providers.
2022 : Present
Neiman Marcus Group
Director of Information Security, Reporting to CISO
Cybersecurity Operations at Alcon includes : SOC (SIEM, IR, Threat Hunting), Security Assessment Services, AppSec, Secure SDLC, Threat and Vuln Mgmt, and Cyber Forensics. We focus on protecting Alcon data, applications and systems globally, including E-commerce, Digital, Cloud, IT, OT, Mobile, On-Prem and Work From Anywhere.
* Lead and Empower Security Service Operations Managers and Team members (approx 25 team members : staff plus providers)
* Set Direction and Objectives based upon CISO Strategy
* Manage Financials according to Budget
* Develop Services and negotiate SOWs (Statements of Work) with Security Service Providers
* Assist Alcon CISO as Deputy / Delegate on an as needed basis
2019 : 2022
Alcon
Director of Cybersecurity Operations (Global), reporting to CISO
• Provide IT Security and Risk Management Leadership and Guidance
• Plan & Coordinate Penetration testing and Remediation
• Review Commercial IT Projects at Planning/Demand Mgmt Stage - Provide InfoSec Direction
• Planning and Participation in Vendor Assessments and Lead Remediation Activities
• Vendor Contract Review and Negotiation for inclusion of IT Security and Audit requirements
• Plan and Execute Special Security Projects as Needed
• Engagement with Novartis Security Operations Center
• Lead various Novartis Security Projects as needed
• Manage IT Security of eCommerce solution
• Cloud Security, Infrastructure Security, Application Security
• Data Masking/Data Protection
• Security & Risk Assessment of Vendors
• IT Security Support/Assessment of M&A targets
2015 : 2018
Novartis
IT Security and Risk Manager, Commercial IT Information Security & Risk Management
• Employee since Octorber 2013 to Present
• Contractor via DISYS from April 2013 to October 2013
Responsibilities
• Collaborate and Execute on Global IT Security program initiatives for Alcon, in all aspects from Architecture and Design, Planning, Implementation and Operations
• Represent IT Security in the Alcon IT Governance Exception Review Committee
• Engineer, Deploy, Maintain, Document and Support the Nexpose vulnerability management toolset globally
• Set Requirements, and advise/assist in the design of the development of metrics and reporting utilizing SQL Server Reporting Capabilities to produce reporting for IT Site SPOCS (approximately 100 sites globally).
• Interface and Engage across Novartis Divisions with all levels of IT Operations, Infrastructure, Applications Engineering, Business teams, Architecture, Governance and Senior Leadership
• Provide guidance and recommendations in the remediation of IT Security vulnerabilities, including all infrastructure and application vulnerabilities
2013 : 2015
Alcon Laboratories, Inc.
Senior IT Security Analyst
• Served with an amazing team of IT Security professionals, performing Engineering and Operational Support of Security Infrastructure for several clients, including : Catalent Pharma Solutions, FHLB Seattle, First Group America
• Responsibilities included the Engineering and Operational support of BlueCoat ProxySG, Symantec SEPM, McAfee ePO, CheckPoint firewalls, internet DNS and Tripwire.
• Led client facing meetings with Client Directors of IT and IT Security, and Atos Account Leadership to discuss ongoing security service operations and projects.
• Executed as an individual contributor, providing services and support with very minimal management direction.
• Developed a detailed planned proposal to POC a Palo Alto Next-Gen Firewall solution to provide managed firewall, threat prevention, anti-malware, and content filtering services.
2012 : 2013
Atos
Senior Security Analyst
Company: Neiman Marcus Group
Years of Experience: 28
What makes me different?
• Risk-Based Decision Maker. There are good security practices, but rarely does one-size fit all. What's your data? What is the data worth to your organization, to the data subjects (PII), your competitors, or adversaries? Start by addressing those questions first, and then develop your security solution.
• How many Cyber Security people have you met who can speak with and (more importantly) listen to the Business? I am one of them. I am comfortable communicating with all levels of the organization up to and including the C-suite.
• Proven Public Speaking & Presentation Skills. I can also perform on stage (Community Theater).
• Team/Workgroup Collaborator and Individual Contributor. I enjoy actively participating, or leading group work sessions, and I frequently clean-up afterwards. No job too big or too small!
Let's Talk.