Molly O’Brien, CISM, CDPSE, CIPP/US
Education:
BBA
Management Information Systems
Pace University - Lubin School of Business
Experience:
As of 5/23/19, due to the sale of Navigators, I am now part of The Hartford.
CIPP/US certification - Oct 23 2023.
Incident Management Lead for The Hartford’s Information Protection (THIP) team. SME for all security and data incident DIRT calls with Vendors and Privacy Law. Work on incidents from beginning to closure.
Perform 3rd-Party Security/Risk Assessments to evaluate the security practices and programs Hartford interests. Responsible for Commercial and Global Business Units, mostly UK, which covers GDPR requirements.
Review daily Splunk alerts and investigate as required.
Partner with Legal and Procurement teams to ensure the company’s interests are appropriately accounted for in contractual language that enforces privacy and security considerations.
Support business areas in responding to customer inquiries regarding The Hartford’s information security policies, programs and practices.
Approve remote access requests for vendor resources, based on diligence performed to ensure appropriate security protocols.
Respond to ad-hoc technical security consulting requests, including at times supporting teammates with security-related projects and support services.
Maintain awareness of existing and proposed security standards for state/federal regulations regarding information security and data privacy.
Identify and assesses the severity and potential impact of risks.
Communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions.
2019 : Present
The Hartford
Information Security Senior Analyst, Business Security & Governance
On Aug 22, 2018 it was announced that Navigators was being sold. As of 5/23/19, I am now part of The Hartford.
•. Perform Third-Party risk assessments for The Hartford.
•. Track Multi-Factor logins to detect anomalous behavior. Set up new employees on Multi-factor portal and remove authentication method for departing employees.
• Daily monitoring of SIEM, Traffic statistics, and Malware information.
• Account monitoring. Track inactive user accounts and devices. Extend accounts in ADManager.
• Monitor and implement processes and procedures that comply with legislative requirements that impact security for the enterprise.
• Initiate and promote activities to create information security awareness within the organization.
• Assist with identification and remediation of security risks.
• Collaboration with Information Technology and corporate management to coordinate security initiatives and standards across the enterprise.
• Communicate regularly with Information Technology management to ensure that security policies are reviewed, enforced, and adhere to industry-recommended best practices.
• Set up new staff on security awareness training program & monitor Security Awareness Training progress. KnowBe4.
• Monitor encryption status on endpoints.
• Assist with audit evidence production.
2018 : 2019
Navigators, a brand of The Hartford
Senior IT Security Analyst
19 years at Transamerica
*Role changed in 2015 due to the merging of Divisions which created one, global security office.
Administrator and SME of McAfee’s Data Loss Prevention tool for the US division. Manage tool on a daily basis and spearheaded the completion of each implementation phase (Monitor, Notify, Block) for US employees. Worked with International teams in Hong Kong, China and Singapore to implement a solution for their Divisions.
Co-Lead of ISIRP (Information Security Incident Response) team. Managed security breaches which included Privacy & HIPAA events and daily collaboration with Privacy/Legal Team.
Lead for the Pension Business Cybersecurity RFP/RFI questionnaires regarding Information Security (ISO27000, NIST, COBIT related) and System processes for potential and current customers.
Worked on numerous projects to evaluate and mitigate risk in the environment.
Part of Local Response Team in Harrison office.
Self studied and passed CISM exam Dec, 2016.
2001 : 2018
Transamerica
Sr. Information Security Analyst, CISM
April 1, 2013 - Diversified, Transamerica Retirement Services, and Transamerica Retirement Management have come together under one new brand name — Transamerica Retirement Solutions.
___________________________________________________________________________
• Back-up to Information Security Officer for 13 years.
• Managed security incidents and worked with Legal Counsel regarding Privacy Laws and potential breaches.
• Responsible for the day-to-day execution of security processes and BCP program for our Division.
• Audited and maintained Information Security controls to ensure the confidentiality, availability, integrity and privacy of our data.
• Coordinated all SOX Entitlement Reviews pertaining to General Computer Controls.
• Systems liaison during SAS70/SOC1 annual audits.
• Performed Risk Assessments for applications.
• Maintained the Information Security intranet site and spearheaded the Awareness & Training program for our division.
• Implemented shredding services for Division from RFP to implementation.
• Performed clear desk audits.
• Implemented first building security software at Purchase location.
2001 : 2015
Transamerica Retirement Solutions
Sr. Information Security Analyst
• Managed a team of nine to support all aspects of Desktop Support from Tier 1 to Tier 3.
• Managed procurement of all hardware equipment and distribution.
• Worked with Management team to outsource Tier 1 support.
• Managed all aspects of remote support to all Regional Offices.
• Successfully converted all machines for Division from Windows 3.1 to Windows XP.
1999 : 2001
Diversified Investment Advisors, Inc.(Division of Transamerica)
Manager of Help Desk/Desktop Support
Company: The Hartford
Years of Experience: 33