James D. Grisham
CISSP-ISSMP, CISM, CyRP, CTPRP
Experience Summary
20+ Years of leadership experience in Global Cybersecurity, Governance, Risk, Compliance and Strategic Trusted Advisor working with CxO’s
Domain Expertise
- Cybersecurity Executive Leadership, Governance, Compliance, Privacy and Audit
- Cybersecurity Architecture – Strategy, Cloud, IAM, Operations, Management, Investigations & Reputational Protection
- Cybersecurity Compliance – GLBA/FFIEC, PCI-DSS, NCUA, SEC/FDA, 27001 & 9001 Series, HIPAA-HITECH, FDA, SOX, FedRAMP
- Privacy – CCPA & GDPR
Accomplishments
- Global consulting and transformation of secure infrastructures across a multitude of industries
- Management, leadership and technical driver of highly complex and advanced security solutions and process reengineering
- Established global cybersecurity practices, processes, models & methods to cost effectively deliver highly secure solutions within identifiable; operational characterises, compliance requirements and cost constraints
- Assisted organizations with transitioning information security spend with ROI and value versus a cost center.
- Roles performed include: CISO, Director of Information Security and Officer, Global Manager of Information Security and Compliance, Senior Manager, & Trusted Advisor
Industry and Sectors
Banking / Financial / Insurance, Communications, M&A, Energy / Power, Pharmaceutical, Health Care, Legal, Manufacturing, Retail, Hospitality, and Government.
Previous Experience / Partners
AMD, Anixter, Amgen, Blue Shield of California, Comcast, Stanford University, Greater Bay Bank, Les Concierges, Eli Global, Liberty Group, City of Oakland, Oakland Intl Airport, Carnival Cruise Lines, Grant Thornton, Schneider Electric
Notables
- Graduate of Carnegie Mellon University – Heinz College CISO Executive Certificate, Cybersecurity Risk Management 2019
- Appreciation of Service – Robert Half Technology 2014
Illustrative Projects
- Designed, implemented, and managed a new Information Security Program for a Global Mergers and Acquisitions Firm.
- New acquisitions were vetted through a full assessment process prior to on-boarding using industry standards.
- Minimized acquisition risk based on assessment methodology and remediation processes.
- Managed a Union Organization major breach with forensics and remediation
- Identified system and individual responsible for breach and loss of $300K in revenue.
- Conducted investigation, recovered funds, and provided remediation to minimize future occurrences.
- Designed, implemented and managed a new Information Security Program for a Hospitality company.
- Organization passed PCI compliance and customer audits.
- Based on comprehensive strategy and implementation, won client contract worth 40 million in revenue.
