Résumé

Steve M. Packard
CISSP, CISM, CCSP
203-815-3888 |  Packard.Stephen@gmail.com  |  LinkedIn


Cyber Security Risk Management Expert

Introduction: Experienced cyber expert seeking a position where my experience in the evaluation of cyber security risks, defensive measures and regulatory compliance requirements can make the biggest difference.  I have worked with a variety of organizations and technologies to better understand what risks are present and how those are best addressed.  My diverse technical background allows me to provide the best solutions to ensure maximum return on investment for cyber security, privacy and governance measures at organizations large and small.

My background in generative AI evaluation is a stand out quality available in few others.  Having had the privilege to work with some of the best developers early on, I was able to gain unique insight and experience in to both the potential of AI and its possible pitfalls, many of which are poorly known outside the development community. Generative AI is likely to be a major challenge to all fields in the near future and presents new and unknown risks and regulatory challenges, which I am eager to help organizations meet.

  • Innovative cyber security professional with 20+ years of experience
  • CISSP, CISM, and CSSP certified
  • Experienced working with AI developers and cutting-edge AI technology
  • Track record of success with ransomware defense, prevention, and recovery
  • Served in major role in first top-down risk assessment of AI risks for Google Labs
  • Fortune 500 level governance experience
  • Compliance with major regulatory laws and frameworks including NIST, ISO 27000, SOX, PCI DSS, GDPR

Professional Experience:

Deloitte Risk Financial Advisory, New York City, NY                                  2020 –2023
Cyber Risk Advisory Analyst

  • Provided data life cycle governance and support to fortune 50 company
  • Conducted risk assessment for ransomware vulnerabilities of client’s remote access infrastructure
  • Provided oversight of SOC center escalations
  • Oversaw cutting-edge assessment services to major client deploying world-class AI products
  • Aided in firm’s response to Solar Winds event, including arranging much of the PR and information response
  • Clients included: Google, AIG, Bank of America, Synovus Bank, Exelon and BNY Melon

Tyehimba Enterprises, Bridgeport, CT                                                       2017– 2019
Network and Infrastructure Consultant

  • Managed on-site and remote IT projects
  • Managed multiple workstreams involving teams of 10 or more onsite installers
  • Assisted in RFP responses and planning
  • Conducted PCI DSS auditing and enforcement

Techline Computing, Shelton, CT                                                              2014 – 2018
Cloud Services Manager

  • Assisted clients in determining needs for cloud services
  • Managed cloud recovery services
  • Provided incident response to companies from one to over 500 employees
  • Established new and innovative cloud migration services

Growing Possibilities, Guilford, CT                                                          2007 – 2013
Director of E-marketing & Chief Information Security Officer

  • Established new online sales from zero to over 1000 orders per month
  • Setup analytics, marketing and inventory tracking systems
  • Maintained system security for marketing system and other critical systems
  • Enforced compliance, especially with PCI-DSS

Education:

Charter Oka State College, New Britain CT
Bachelor of Science: Cyber Security – Graduated 2019

  • Graduated with “Honors in Scholarship”, institution’s equivalent of magna cum laude
  • 3.8 GPA, 3.92 GPA in Major

Professional Certifications:

(ISC)² CISSP (Click to Verify )
(ISC)² CCSP (Click to Verify)
ISACA CISM (Click to Verify)
AWS Certified Cloud Practitioner (Click to Verify)
AWS Solutions Architect, Associate (Click to Verify)

Skills and Expertise:

  • Documentation and writing of procedures for regulatory compliance
  • Privacy governance and policy
  • PCI DSS, CCPR, SOX, GDPR, GLBA, HIPPA and other security/privacy regulatory frameworks
  • NIST and ISO 27000 compliance management
  • Sarbanes-Oxley (SOX) governance
  • High level stakeholder management
  • Complex incident response
  • Crisis Management
  • Project management
  • Cyber security insurance
  • Risk management
  • Business continuity planning
  • Crisis management
  • Data Lifecyle management
  • Identity and Access Management
  • Penetration Testing
  • Firewall administration
  • Integration testing
  • Change management
  • IT asset inventory
  • Microsoft Office (Excel, Powerpoint, Word)
  • Programming in C, C++, JavaScript, SQL, Python, PHP, Java and others
  • Cloud services
  • Network administration
  • Generative AI
  • Corporate Governance