To create an environment where data and personal information can be easily managed while remaining secure and private—no matter the system/application or where it resides or traverses around the world.
Mary Ballard
Qualifications for Executive / Senior-Level Management
PROFILE
Accomplished, results-oriented professional with extensive experience in creating and managing corporate-wide information technology, security, compliance, assurance, and risk management programs as well as having implemented theses initiatives across global organizations. Possesses a proven track record of consistently establishing cost-saving initiatives and displays a firm grasp of all aspects of asset management and protection, including physical security, audit and compliance, and network/information (data)/IT security. Adept at utilizing broad based skills to enable easy collaboration among varying facets, thus, creating more operationally efficient, secure, and synergistic organizations. Remains abreast of changing trends to effectively assess various environments and maintain competitive advantages. Utilizes strong leadership skills to guide and motivate teams toward achieving and exceeding goals as well as maintaining client/customer satisfaction. Forms professional relationships with business unit leaders, government officials, and professional organizations around the world. Additional areas of expertise include:
Systems Design/Implementation, Operations Management, Quality Assurance
Project Planning & Management, IT Development & Reengineering, Continuity Management
Business Process Reengineering, Negotiations, Background/Due Diligence Investigations
Disaster Recovery, Best Practice Policy/Procedure Development, Infrastructure Enhancement
Lifecycle Development, Strategic Planning & Direction, Business Continuity, ISO Standards
Emergency Response Management, E-Commerce, Process Improvement, Data Protection
Business/Counter Intelligence, Investigative/Forensic Services, Global Alliances
Incident Response Planning & Management (CERT/NOC), Incident Response Planning & Management
SOX/GLBA/FISMA/SAS70/HIPAA/PCI Compliance, COBIT/ITIL Implementation, SAP Rollout & Enhancement
SELECTED HIGHLIGHTS
* Directed the planning and implementation of business process and technical
controls specifically designed to mitigate the risk to critical business
functions related to security breaches, weak business practices, and
disasters - this resulted in a 72% reduction in data loss, compromise, or
unauthorized access within the first year with estimated annual
savings of $2M.
* Lowered data theft/breach by approximately 85% (without additional costs
to the organization) by investigating and analyzing root causes and patterns
and implementing corrective action.
* Introduced a streamlined IT governance process and established a Project
Management Office (PMO) that reduced project costs by $7.6M through improved
budget control and by prioritizing unjustified and unreported projects.
* Created Business Impact Analysis & Risk Assessments that provided a
standardized methodology by which business critical functions, personnel,
vendors, and other dependencies were captured - this ensured a standardized
foundation on which evaluations and responses were built and resulted in a
38% reduction in audit findings.
* Implemented Business Continuity Plans (BCP), Emergency Response Plans (ERP),
and Disaster Recovery Plans (DRP) for a global organization with gross
annual revenues in excess of $2.26B; successfully prepared 100% of the major
critical businesses in the United Kingdom and enabled 95% preparedness for
organizations in the United States and 75% preparedness for organizations
throughout the rest of the world.
* Assisted in launching attachment blocking, spam filtering, and inappropriate
content filtering initiatives, which reduced inbound e-mail traffic by more
than 60% and neutralized 50% of all virus attacks.
* Established and managed a global, world class Cyber Security Incident Response
Program (CSIRP) to include the integration of virus response, alert management,
network vulnerability assessment, and forensics/investigations for incident
management.
* Established cost savings analysis and improvement solutions for Analog
Devices, which decreased data communications costs by 65% within the first
year of implementation, resulting in over $1M in savings.
CAREER TRACK
INFORMA PLC (London, UK)
Chief Security Officer & Director of Technology Risk Management 2005 to 2008
Directed the planning and implementation of controls designed to mitigate the
risk of loss of critical business functions related to security breaches and
disasters. Audited existing systems and directed the administration of
disaster recovery, business continuity, emergency response and security
policies, activities, and standards. Identified and analyzed security-related
risks to the organization. Provided development guidance and assistance in
the identification, implementation, and maintenance of information privacy
and compliance policies and procedures in coordination with management,
administration, and legal counsel. Administered and controlled a $2M capital
and expense budget.
* Created, implemented, and managed emergency response, business continuity,
and disaster recovery strategies.
* Identified gaps in risk posture by creating and conducting a Gap Analysis.
* Developed and successfully implemented a global corporate security program,
which strengthened the security of the global enterprise without incurring
additional costs to the corporation.
* Led efforts toward the retention of 10 key client accounts representing $1B
in gross annual revenue and the attainment of 50 new client accounts with
projected revenue earnings in excess of $750M.
* Developed an organization-wide security awareness program utilizing various
marketing channels, including e-mail, posters, web pages, and notice boards.
* Successfully introduced controls to ensure that processes and systems were in
compliance with legal and regulatory requirements for cross-border data
protection.
* Effectively managed the adoption of Corporate Information Security (CIS)
Standards in alignment with the International Organization for
Standardization (ISO 17799) and British Standard (BS 7799).
* Developed and managed the first IT governance committee.
* Developed and managed multi-year process enabling roadmaps to ensure compliance
and process improvement of global, cross-functional operations.
* Determined the probability of security-related incidents and developed
appropriate preventive strategies consistent with sound business judgment
and internal controls.
* Introduced a Convergent Security methodology, which focused on the
identification of security risks.
* Created a more responsive process for reporting security incidents while
ensuring security incidents and related ethical issues were investigated
and resolved without further disruption to operations.
* Implemented Lifecycle Development and Change Management methodologies
reducing operational failures by 45%.
and resolved without further disruption to operations.
* Established and managed centralized global Project Management Office (PMO)
based on best practice project management and project team development
and training.
STATE STREET CORPORATION (Quincy, MA)
Vice President, Corporate Information Security 1999 to 2005
Developed and managed key global information security initiatives for a $3B
worldwide corporation providing investment management services. Oversaw key
information security initiatives, including cyber intrusion, vulnerability
assessment, risk analysis, management reporting, regulation requirements,
Internet technologies, incident response, TQM process improvement, and
standards revisions. Facilitated analysis and concept testing of emerging
technological security products for integration. Negotiated vendor
partnerships and contracts.
* Created the first Corporate Information Security program and pro-actively
crafted key elements to meet client requirements and projected government
regulations.
* Restructured and revised information security standards and processes to
incorporate new Regulatory Compliance requirements, which reduced audit
findings.
* Designed and implemented training and awareness programs that increased
organizational knowledge of critical information security issues.
* Automated processes for reporting termination of employees, utilizing
PeopleSoft enterprise applications, which decreased overpay and
regulatory fines.
* Managed a cross-functional team that successfully implemented and rolled
out a self-service password reset utility, which ensured inter-operability
and compatibility with key systems and global sites.
* Initiated and maintained metrics for management reporting of security patches.
ANALOG DEVICES (Norwood, MA)
Program Manager for Corporate Information Systems 1997 to 1999
Managed corporate initiatives and data communications for 65 sites worldwide
within a $772M company that provided high performance integrated circuits.
Oversaw tactical analysis, process development, trend reporting, and system
support of WAN/LAN networks and Internet services. Maintained operational
security of the global network. Gathered, analyzed, and rated vendor costs
and service levels to facilitate negotiations of worldwide contracts.
* Initiated and developed metric analysis tools to enhance trend analysis
and solution processes, which led toward a global network availability
of 99.5%.
* Saved the company over $2.5M by negotiating a 5-year contract with a major
Frame Relay Provider, including penalties for lack of service and
cancellation clause.
* Developed and managed the corporate chargeback structure, allowing zero
cost-base for corporate groups by ensuring assignments and dissemination
of costs throughout the organization.
* Spearheaded analysis, test support, and definitions of interoperability
issues associated with Y2K compliance, ensuring that there were no
interruptions or downtime during the new millennium rollover.
* Implemented TQM methodologies that resulted in a cost savings of $100K
within the first year, and consolidated Network Management and Enterprise
Solutions Groups, resulting in a 10% decrease of operational costs.
EXHIBITS BY DESIGN INC. (Merrimack, NH)
Corporate Sales & Marketing Director 1996 to 1997
Directed a professional team in the development of integrated marketing
programs within an organization specializing in event management and
marketing promotions. Managed the distribution of direct mailings and
promotional items. Monitored the sales team and brokers during the
duration of projects. Developed geographic/territory analysis. Generated
periodic management reports for tracking analysis. Oversaw budgets up to $5M.
* Developed relationships with potential customers; added 35 accounts and
produced $5M within one year (10% increase in gross profit).
* Established motivational programs that cut the sales executive turnover
rate by 50%.
* Instituted customer focus programs and critical problem resolution
processes, which led to the retainment of 10% of the customers.
MS. CARITA INC. (San Jose, CA)
Marketing Director of Corporate Accounts & Human Resource Director 1994 to 1996
Managed corporate marketing initiatives for a $30M leading provider of
label and graphics solutions. Oversaw benchmark planning, growth analysis,
research/design, marketing strategies, departmental budgets, and new
product developments. Trained, developed, and counseled staff members.
Established Marcom strategies and implementation processes for corporate
accounts. Deployed tracking mechanisms for expenditures.
* Initiated Hoshin management and Check-Act-Plan-Do (CAPD) processes,
which effectively improved organizational integration.
* Introduced new HR policies and benefit programs that reduced turnover
rates to less than 2% annually.
* Led the development and production of Marcom collateral for 100 clients,
providing oversight of on-sight installation of graphics and ad-hoc
production for Fall COMDEX 1995, which had zero defects, and high
levels of customer satisfaction.
CREDENTIALS
Master of Science in Management (MSM), Eastern Nazarene College
Bachelor of Arts in Management (BAM), Eastern Nazarene College
Member of the Project Management Institute (PMI); ASIS International, and ISACA
Certified Information Security Manager (CISM)
Certified Project Management Professional (PMP)
KEYWORDS
strategic/tactical planning, market development, P&L management,
crisis management, contract negotiations, quality control, customer relations,
vendor relations, labor relations, systems reengineering, statistical
process control, decision making, analysis, budget control,
staff training/development, forecasting, operations management,
business development, organizational leadership, team building,
insurance analysis, financial impact, program development, loss control,
workersà compensation, group life, operational and risk reporting,
loss prevention, credit exposure, performance-based culture, negotiations,
change management, lifecycle development, reengineering
NukeJobs is a nuclear jobs board that provides nuclear job seekers access to international directories of Nuclear Employers, Nuclear Resumes and Nuclear Jobs such as Nuclear Engineer Jobs, Nuclear Construction Jobs, Nuclear Power Plant Jobs, Nuclear Medicine Jobs, Nuclear Pharmacy Jobs, Nuclear Security Jobs, Nuclear Physics Jobs, Nuclear Reactor Jobs, Nuclear Material Jobs, Nuclear Safety Jobs, and Nuclear Waste Jobs.