JT Jacoby
Washington, DC
currently: Job hunting
Answers from JT
How would you describe your dream job in 10 words or less?
Information Technology Audit, Risk and Security Executive with extensive start-up and transformation experience across industries with emphasis in financial services. Governance, risk & compliance expertise domestic and offshore using best practice/regulatory frameworks such as COSO, HIPAA, EU Privacy, SOX, ISO, COBiT, etc. Forward looking with proven leadership abilities to meet business and regulatory requirements. Customer-focused with strong organizational-sensing and relationship-building skills.
Leadership * Strategy * Controls Assurance * Global Depth...
Posted @ 04:16PM, October 25, 2009
by JT Jacoby
Work history
Country Head Information Security
tags:
intrusion detection
• iso 27001
• investigations
• executive presentations
• it security
How would you describe your time at Fidelity Investments, LLC -...?
Designed, built, and implemented start-up information security program for Fidelity India (team of 18). Worked at two major locations supporting 5,000 employees, and 1,200 contractors in various Offshore Development Centers (ODCs). Dual reporting to Fidelity SVP/CISO in Boston, MA and Fidelity International Ltd. Head IT Security in London, UK. (stationed in Bangalore (for the US) / Delhi (for the UK), India)
• Through innovation, drove information risk program scores from bottom quartile to top quartile: education, compliance, desktops, mobile devices, intrusion detection, application development, servers, identity management, etc.
• Designed, implemented and led business unit's first Information Security Board. Optimized IT governance resulting in no reportable IT audit conditions during two-year assignment.
• Innovations and methods resulted in Fidelity-wide significant achievement award for information security program effectiveness across Fidelity India.
• Led and managed oversight of information security and IT audit programs at all ODCs to ensure customer and regulatory compliance (1,200 personnel, Hyderabad, Mumbai & Bangalore)
• Initiated preparation for ISO 27001 certification for FMR India which certified in November 2008; FMR India remains the sole Fidelity business unit to be ISO 27001 certified.
• Implemented new processes for 401(k) clients to reduce provisioning time for the 1,200 person BPO Unit by 17%.
• Attained the lowest attrition rate of all FMR India functions: 7% attrition in highly competitive talent market. Hired highly talented team of 18....
Head IT Risk
tags:
it risk
• information security
• iso 27001
How would you describe your time at Fidelity Investments, LLC D...?
Implemented and led global IT risk program for DI, the largest private equity division for Fidelity, with $8B total revenue supporting 30k people across EU, AsiaPac and the US. (matrixed team of 7). Division included 22 operating companies such as HR outsourcing, oil and natural gas, telecommunications, home building supply, transportation, hospitality, talent management, biotech, alternative fuels, etc. Dual reporting to SVP/Head of Risk and MD/CIO. (Boston, MA)
• Transformed 540 initiative information security programs (key risk indicators) across 6 portfolio companies from low compliance to leadership position, with KRI 38% improvement.
• Increased IT control transparency by restructuring disparate information security programs to consolidated industry framework (Fidelity/ISO 27001); coordinated with internal and external audit. Streamlined all counterparty IT risk-related issues to enhanced risk/risk-density transparency.
• Led and strengthened Devonshire Information Security Governance Forum, demonstrating and making available corporate capabilities to measure and manage IT risks. Lead advisory services to Managing Director team.
• Oversaw development of electronic records and Massachusetts privacy initiative CMR 17.00....
Director Corporate Information Security
tags:
policy
• cism
• internal control
• it security
• cisa
How would you describe your time at Fidelity Investments?
Managed corporate information security function (policy, governance, BU education). Reported to SVP/CISO (Boston, MA) (team of 4 direct reports)
• Restructured program from business unit consulting services to firm-wide oversight and educational services, increasing firm-wide risk transparency. Core services to all business lines: funds management,
• Collaborated on development of firm's first Predictive Cyber Threat Model to drive +/ $50M Information Security spend. 90% threat accuracy since inception in 2003.
• Implemented a 20% cost reduction by streamlining new policy management processes.
• Collaborated on start of Identity Theft Working Group responsible for delivering first (and ongoing) firm-wide ID Theft prevention strategies.
• Led development of first vendor risk management framework - Fidelity xRM....
Senior Principal IT Auditor - Audit Director
tags:
tcp/ip
• internet
• it audit
• unix
• pki
• vpn
• avaya
• cisco
• sybase
• as/400
• encryption
• oracle
• vulnerability assessment
How would you describe your time at Fidelity Investments?
Developed strategy and implemented Fidelity's first e-Business IT audit function and led individual hands-on technical practice of systems, applications and voice and network IT auditing. (across all business units - asset management, distribution, brokerage, capital, trading, etc.) Reported to Head, IT Audit. (team of 4 direct reports). (Boston, MA)
• Developed and led implementation of annual e-business audit plan firm-wide. Scope audit engagements for IT or integrated audits and manage to scope, timelines and budget. Issued audit reports and led discussions with senior management regarding internal control.
• Led and developed a team of five direct reports in providing IT Audit and risk advisory services to executive management on critical IT control issues (operations, strategy, etc.).
• Managed audit activities according to continuous risk assessment, control modifications and technology and business changes.
• Designed and developed the firm's hands-on e-Business audit capability and competency center (UNIX, Windows, DR, Cisco IOS, TCP/IP, PBX, application, SDLC).
• Using a risk based approach, conducted hands-on and supervisory technology audits to eliminate significant technology exposures including a critical vulnerability of a non-US financial network....
Auditek
January 1991 to September 1998
Vice President
tags:
firewall
• windows 2003
• pbx
• penetration testing
• hp
• solaris
• windows xp
• snmp
• client server
How would you describe your time at Auditek?
Marketed, developed, implemented, and managed global IT audit/information security consulting practice for Auditek, Inc. and software development for TASC. Reported to company president for team of 12.
• Managed practice for: IT audit, security, risk advisory, and business process re-engineering. Designed and managed development of software tools used for audit engagement management and PBX security testing. (C++). Delivered IT audit software to market.
• Client P&L and engagement responsibility included Fortune 500 firms such as: Fidelity Investments, Charles Schwab, Merrill Lynch, General Accident, Rohm and Haas, American Express, Sony, John Deere, Ford Motor, Blue Cross/Blue Shield, Bayer, Citibank, Capital One, Nationwide Insurance, etc.
• Designed and performed technical audit and security reviews of financial trading and electronic commerce systems, client server, firewalls, operating systems, operations, etc....