Stephen D. Dake Executive Director, Information Security, Risk, and Governance Cybersecurity Operations – Engineering - Architecture - GRC Certified: CISSP, CISM | Linkedin: linkedin.com/in/stephendake/
Summary:
-
Executive Director with comprehensive experience in Cybersecurity, Operations, Engineering, and Risk.
-
Innovative, experimentally minded, and results-driven leader.
-
Trusted and authentic, excelling in team building, hiring, motivation, and mentorship.
-
Business-focused security executive contributing to marketing, growth, and program development.
-
Skilled in realignments, project oversight, and aligning security with business needs.
-
Proficient in diverse capabilities, including Linux, web and network design, program and project management, vulnerability and risk management, and security tools and controls.
-
Strong track record managing teams, budgets, and high-impact projects for Fortune 20 Companies.
-
Over 22 years of expertise in Information Security, with a focus on people and processes.
Work Experience:
Executive Director of Cyber Security, IT Risk, Compliance & Governance FROSCH International Travel (JP Morgan Chase Company) April 2022 – Present
-
Security, Compliance, and Privacy Officer for Frosch International Travel, a J.P. Morgan Chase company.
-
Building and growing cybersecurity programs and compliance post-acquisition.
-
Achieving GDPR and PCI compliance, guiding SOC2 Type2 certification.
-
Developing vendor risk management, compliance portal, red team testing, and controls assessment programs.
-
Managing integration programs for cybersecurity, compliance, and governance.
Director of Information Security and Risk Madison Gas and Electric (MGE) September 2018 - 2022
-
Directed security and risk programs for a public electric and gas utility.
-
Managed compliance and governance for IT and Operational Technology.
-
Led security and risk assessments, penetration testing, gap assessments, and awareness campaigns.
-
Directed governance, risk, and identity access management teams.
-
Ensured compliance with NERC-CIP, PCI, HIPAA, Sarbanes-Oxley, FISMA.
Owner Security Consultant Stephen Dake Consulting, LLC (d.b.a. SDCyber) 2014 - 2018
-
Provided security advisory services for startups and SMBs.
-
Conducted security control assessments, gap analysis, architecture, and vulnerability management.
-
Part-time CISO contractor for Information Systems of Maryland.
-
Guided acquisition preparation for an insurance claims technology startup.
-
Advised a private defense startup in nuclear fission tech IP protection strategies.
Senior Manager Cyber Security Engineering and Architecture American Family Insurance HQ June 2015 – August 2017
-
Directed a staff of 27, managing a budget of $15M and overseeing 50+ strategic security projects.
-
Reduced major security outages through technology upgrades and replacements.
-
Revitalized security teams through cultural initiatives, coaching, and department realignment.
-
Managed penetration assessments, risk and gap assessments, vulnerability management.
-
Oversight of security program, change management, and stakeholder engagement.
Assistant Vice President Information Security, North America QBE North America April 2014 – June 2015
-
Empowered remote and local teams in security operations, engineering, and risk.
-
Represented North America in the global security leadership team.
-
Accountable for North American security program and projects.
-
Managed PCI, HIPAA, GLBA, NIST Cyber Security Framework compliance.
Consultant Security Advisor (Contract) Dean Health Plan SSM Healthcare June 2013 – April 2014
-
Partnered with health plan for ACA State Health Exchange qualification.
-
Led security team, advised CISO and CIO on security controls.
-
Policy, procedure, contract review, governance.
-
Compliance with HIPAA, MARS-E, ACA, PCI, NIST, and COBIT frameworks.
Director Information Security Wisconsin Education Association Trust (WEA) Health Plan April 2007 – February 2013
-
Served as HIPAA Security Officer and CISO.
-
Developed and directed IT security processes, planning, and strategic oversight.
-
Optimized risk and vulnerability management through automation.
-
Hands-on experience in event and log management, penetration testing, and security engineering.
Education:
-
Certified Information Systems Security Professional (CISSP).
-
Certified Information Security Manager (CISM).
-
University of Wisconsin, Employer Business Leadership programs and workshops.
-
Over 22 years of continuous industry certifications and coursework.
-
25 years hands-on experience in Linux, security tools, web design, SMB marketing, and management.
Military:
-
E4 Specialist 11B Infantry, United States Army National Guard (January 2004 – February 2012).
-
Served as 11B Infantryman, Squad Leader for early response to Hurricane Katrina.
-
Completed Top Secret Clearance process at separation (2012) (currently inactive).
Community Leadership and Volunteer:
-
Board Member for Three Pillars Senior Living Facility, Dousman, WI (2023 - Present).
-
Elected Trustee/Board-member for the City of Cambridge, Wisconsin (2012-2014).
-
Website design, marketing, and IT management for several non-profits in Wisconsin (present).
-
Appointed member of economic improvement committee, Cambridge, Wisconsin (2015).
-
Volunteer mentor to new professionals, future leaders, and security enthusiasts (Present).
-
Memberships: ISACA, ISC2, HIPPA Collaboration of Wisconsin – Security Networking Group (Contributor), InfraGard Cyber Security Wisconsin.
-
F&AM of Wisconsin: PM, MWM, PEC, PTIM, PHP, SRICF, KYCH, 33, Grand Council, Grand Commandery.