Reginald
Reginald.Simington@gmail.com
858-349-9507
San Diego, CA 92198
Senior Manager, Global Information Security and Risk Management
21 years experience W2
Summary

  • Technology Auditing, Client Relationship, Enterprise Risk Management
  • Senior Manager of Governance, Risk, and Compliance with compelling experience leading global IS and risk assessment, enterprise security, compliance, and technology audits for Teradata, LPL Financial, Ameriprise Financial, Target, and Fortune 500 clients of KPMG.
  • Skilled at developing security strategies, network audits, audit plans, operational security strategies, and security processes.
  • Established an identity access management department at LPL Financial. Established an audit readiness program at Teradata.
  • Excel at forging trusted security advisor relationships with business units, internal stakeholders, and clients. Expertise in information systems, threat identification, associated risks, and team leadership.
  • Lifelong learner with an MBA, multiple security certifications, and professional industry organization affiliations.

CORE COMPETENCIES & TECHNOLOGIES

  • Team Leadership
  • Information Security
  • Risk Management
  • Compliance Audits
  • MS Office Professional
  • Windows Server, JIRA, ServiceNow, Linux, SailPoint
  • AWS, Azure, and GCP Configuration and Support

Experience
Senior Manager, Global Information Security and Risk Management
Jan 2019 - Jan 2020
Led the global security, audit readiness team. Executed the controls self-assessment initiative and Information Security Management System (ISMS) governance and oversight. Identified, documented, assessed, and managed compliance and operational risks. Coordinated internal, external, and customer audits. Built and developed the audit readiness team.
  • 200% expansion of controls oversight realized by identifying, documenting, and implementing the appropriate controls necessary to minimize risk to the company and pass internal, external, and customer audits.
  • Evaluated the design and execution of controls, documented, and tracked risks to closure with the risk register, and developed a strategic audit readiness program.
  • Stewarded company certification efforts encompassing ISO, PCI, HIPAA, SOC1/2, and FedRAMP.
  • Responded to the need to establish a program to address the risk of the inadequate control environment by developing the audit readiness program as part of the governance, risk, and compliance department and executing 28 internal, external, and customer audits with minimal staff and resources.
Skills: Auditing, Compliance, HIPAA, Information Security, PCI, Risk Management
Vice President, Risk Management
Information Technology
Jan 2011 - Jan 2019

Oversaw the identity and access management (IAM) operations and program strategy. Directed 15 IAM staff. Developed and implemented operational processes and procedures while creating and maintaining policies and standards. Published key performance and compliance metrics. Championed continuous process improvement endeavors.

  • Provided governance over the identity lifecycle processes around user roles, segregation of duty rules, certification campaigns, and access controls to establish effectiveness, dependability, and efficiency.
  • Partnered and consulted with vendors and business units to reduce risk to the firm.
  • Strengthened user access requirements by establishing the identity and access management group responsible for the oversight of internal controls for proper user access to systems and data, within the governance, risk, and compliance department.
  • Overcame a minimal budget to staff the department through insightful hiring and training of personnel by implementing initial and ongoing training programs for the staff and end users.
  • Installed a software system by evaluating vendor bids that met department needs and implementing the right application.
Skills: Project Management, Risk Management, Data Governance, Process Improvement
Legal and Risk
Information Technology
Jan 2013 - Jan 2019
Oversaw the identity and access management (IAM) operations and program strategy. Directed 15 IAM staff. Developed and implemented operational processes and procedures while creating and maintaining policies and standards. Published key performance and compliance metrics. Championed continuous process improvement endeavors.
  • Provided governance over the identity lifecycle processes around user roles, segregation of duty rules, certification campaigns, and access controls to establish effectiveness, dependability, and efficiency.
  • Partnered and consulted with vendors and business units to reduce risk to the firm.
  • Strengthened user access requirements by establishing the identity and access management group responsible for the oversight of internal controls for proper user access to systems and data, within the governance, risk, and compliance department.
  • Overcame a minimal budget to staff the department through insightful hiring and training of personnel by implementing initial and ongoing training programs for the staff and end users.
  • Installed a software system by evaluating vendor bids that met department needs and implementing the right application.
Senior Technology Auditor, Risk and Control Services
Jan 2006 - Jan 2010
Generated internal IT audits for Ameriprise Corporate and other business entities. Executed internal and external audit and SOX initiatives. Participated in audits and analyses of multiple business processes. Recognized risks inherent in technology, systems, and software. Worked with clients to improve risk containment initiatives.
  • Developed scope of work, project plans, and presentations.
  • Performed and documented reviews of service providers' Type I and II SAS70s along with procedure changes for SOC1/2.
Lead Process Analyst
Banking/Financial
Jan 2003 - Jan 2006
TTS Assurance
Produced internal IT audits for Target Technology Services, Target Financial Services, and related business areas. Completed Target Technology Services-Assurance (TTSA) projects. Established positive working relationships with internal clients and external vendors.
  • Led the Visa CISP/PCI assessment project, TTSA audits of Target Bank, Target National Bank, and Target Financial Services, and TTSA projects related to privacy, OCC, FDIC, SOX, and PCI.
  • Trained and provided work direction for team members and interviewed potential hires.
  • Developed staffing plans and assisted management with department personnel planning.
  • Assisted with the SOX implementation by reviewing and following up on test work.
  • Assessed service providers' Type I and II SAS70s.
Consultant, Information Security Services
Information Technology
Jan 2000 - Jan 2003
Collaborated with Fortune 500 management teams to develop and implement IS security solutions. Participated in audits of Fortune 500 company information systems. Evaluated information security software solutions for potential client implementation.
  • Served as a trusted consultant and advisor on the Fortune 100 company security action committee, researched and evaluated new technology for Fortune listed companies, and audited the architecture and design of enterprise for SAS70 compliance.
  • Documented the overall control structure and framework for Type I SAS70s as well as the test of controls for Type II SAS70s.
Skills: Compliance, Information Security
Education
Master's in Business Administration (MBA)
Amberton University
Minor: Strategic Leadership
Bachelor's in Business Management
Cardinal Stritch University
Certifications
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified Information Systems Security Professional (CISSP)
Microsoft Certified Systems Engineer (MCSE)
International Information System Security Certification Consortium (ISC2), Member
Skills
Risk Management | 2020 | 9
Data Governance | 2019 | 8
Process Improvement | 2019 | 8
Project Management | 2019 | 8
Compliance | 2020 | 4
Information Security | 2020 | 4
Auditing | 2020 | 1
HIPAA | 2020 | 1
PCI | 2020 | 1
Enterprise Security | 0 | 1
IAM | 0 | 1
JIRA | 0 | 1
Linux | 0 | 1
Microsoft Excel | 0 | 1
Risk Assessment | 0 | 1
SailPoint | 0 | 1
Stakeholder Engagement | 0 | 1