Pawel Wilczynski CISA,CISM,CCSK

Education: BS, Cum Laude

Bachelor of Science - Computer Science, Networking and Cloud Computing

Salem State University

2010 : 2021

AS

Network Technology & Administration

Bunker Hill CC

2007 : 2009

Forestry

Forestry

Forestry Technical High School in Białowieża, Poland

1997 : 2002

Experience: Pawel is a manager in BNN’s information systems and risk assurance practice, specializing in cyber security, risk, and IT systems assurance services. Clients turn to Pawel for help conducting cyber assessments, readiness assessments for major frameworks, standards and regulations : e.g : 23 NYDSS 500, PCI DSS, ISO 27001, GLBA, NIST CSF, FedRAMP, third-party risk assessments, CSA STAR and all things cyber.

WE CAN HELP YOU WITH :

• as a virtual Chief Information Security Officer (vCISO)

• Cybersecurity Assessment

• Compliance Readiness Assessments (NIST CSF, PCI DSS, ISO 27001, FedRAMP, CMMC, MS DPR, CSA STAR, HIPAA, Maine Insurance Data Security Act, 23 NYCRR 500)

• CSA STAR Attestation Level 2 : For SOC 2

• Merger and Acquisitions (M&A) Cyber Due Diligence

• Third Party Risk Assessment

• Insurance Agents’ Risk Assessment

• Internal Audit (as related to ISO 27001, 23 NYCRR 500 and HIPAA/HITECH)

• Risk Assessment

• Penetration Testing

• Vulnerability Assessment

He works with a variety of clients – both public and private – with a particular focus on financial and insurance institutions and the technology industry. His clients include financial institution services bureaus, regional banks, and software-as-a-service providers.

2022 : Present

Baker Newman Noyes

Cybersecurity Manager

- Risk Management

- IT Governance

- IT Compliance

- Business Continuity and Disaster Recovery

- Cybersecurity Training for employees

- Model Audit

- PCI DSS compliance

- NYDFS Compliance

2019 : 2022

The Andover Companies

Information Security Analyst III

Lead company-wide adoption of SharePoint online to streamline some paper-based business processes. Modernized Disaster Recovery and Business Continuity initiatives through tabletop exercises and continuous improvement. Closely monitored developing New York DFS regulation to be able to meet its requirements. Assisted with audit requests and responses.

ACHIEVEMENTS

- Risk Management Program

Co-developed and helped implement a new Risk Management Program, based on NIST CSF and NIST 800-53.

- Risk and Vulnerability Assessments, Penetration Testing

Coordinated periodic risk and vulnerability assessments combined with network and application penetration tests. Served as an input for continuous improvement needed to keep up with the changing threat landscape, new regulatory developments, and technology changes driven by business needs.

- Provided guidance on cyber regulatory compliance to ensure our program aligned with new and existing regulatory requirements. Guided business and technology groups to full 23 NYDFS 500 compliance.

- Compliance and Audit

Responded to several periodic compliance and audit requests.

- Model Audit Rule

Developed application with built-in approval allowing for secure evidence collection

2015 : 2019

The Andover Companies

Systems Engineer II

Supported companies from various industry verticals (Tech Ed, Biotech, CPA firm, law firm, Museum, and others) with a wide range of technology needs. Became a subject matter expert consultant among our client firms.

2013 : 2015

FlexManage (Acquired by New Era Technology 2021)

IT Consultant

Built on desktop support experience to become lead System Support Engineer, responsible for all systems’ availability, deployment and maintenance.

2011 : 2012

PetEdge

IT Systems Support Engineer

Company: Baker Newman Noyes

Years of Experience: 18

Spoken Language: English, Polish