Stephen D. Dake
Executive Director, Information Security, Risk, and Governance Cybersecurity Operations – Engineering - Architecture - GRC Certified: CISSP, CISM | Linkedin: linkedin.com/in/stephendake/

Summary:

  • Executive Director with comprehensive experience in Cybersecurity, Operations, Engineering, and Risk.

  • Innovative, experimentally minded, and results-driven leader.

  • Trusted and authentic, excelling in team building, hiring, motivation, and mentorship.

  • Business-focused security executive contributing to marketing, growth, and program development.

  • Skilled in realignments, project oversight, and aligning security with business needs.

  • Proficient in diverse capabilities, including Linux, web and network design, program and project management, vulnerability and risk management, and security tools and controls.

  • Strong track record managing teams, budgets, and high-impact projects for Fortune 20 Companies.

  • Over 22 years of expertise in Information Security, with a focus on people and processes.

Work Experience:

Executive Director of Cyber Security, IT Risk, Compliance & Governance FROSCH International Travel (JP Morgan Chase Company) April 2022 – Present

  • Security, Compliance, and Privacy Officer for Frosch International Travel, a J.P. Morgan Chase company.

  • Building and growing cybersecurity programs and compliance post-acquisition.

  • Achieving GDPR and PCI compliance, guiding SOC2 Type2 certification.

  • Developing vendor risk management, compliance portal, red team testing, and controls assessment programs.

  • Managing integration programs for cybersecurity, compliance, and governance.

Director of Information Security and Risk Madison Gas and Electric (MGE) September 2018 - 2022

  • Directed security and risk programs for a public electric and gas utility.

  • Managed compliance and governance for IT and Operational Technology.

  • Led security and risk assessments, penetration testing, gap assessments, and awareness campaigns.

  • Directed governance, risk, and identity access management teams.

  • Ensured compliance with NERC-CIP, PCI, HIPAA, Sarbanes-Oxley, FISMA.

Owner Security Consultant Stephen Dake Consulting, LLC (d.b.a. SDCyber) 2014 - 2018

  • Provided security advisory services for startups and SMBs.

  • Conducted security control assessments, gap analysis, architecture, and vulnerability management.

  • Part-time CISO contractor for Information Systems of Maryland.

  • Guided acquisition preparation for an insurance claims technology startup.

  • Advised a private defense startup in nuclear fission tech IP protection strategies.

Senior Manager Cyber Security Engineering and Architecture American Family Insurance HQ June 2015 – August 2017

  • Directed a staff of 27, managing a budget of $15M and overseeing 50+ strategic security projects.

  • Reduced major security outages through technology upgrades and replacements.

  • Revitalized security teams through cultural initiatives, coaching, and department realignment.

  • Managed penetration assessments, risk and gap assessments, vulnerability management.

  • Oversight of security program, change management, and stakeholder engagement.

Assistant Vice President Information Security, North America QBE North America April 2014 – June 2015

  • Empowered remote and local teams in security operations, engineering, and risk.

  • Represented North America in the global security leadership team.

  • Accountable for North American security program and projects.

  • Managed PCI, HIPAA, GLBA, NIST Cyber Security Framework compliance.

Consultant Security Advisor (Contract) Dean Health Plan SSM Healthcare June 2013 – April 2014

  • Partnered with health plan for ACA State Health Exchange qualification.

  • Led security team, advised CISO and CIO on security controls.

  • Policy, procedure, contract review, governance.

  • Compliance with HIPAA, MARS-E, ACA, PCI, NIST, and COBIT frameworks.

Director Information Security Wisconsin Education Association Trust (WEA) Health Plan April 2007 – February 2013

  • Served as HIPAA Security Officer and CISO.

  • Developed and directed IT security processes, planning, and strategic oversight.

  • Optimized risk and vulnerability management through automation.

  • Hands-on experience in event and log management, penetration testing, and security engineering.

Education:

  • Certified Information Systems Security Professional (CISSP).

  • Certified Information Security Manager (CISM).

  • University of Wisconsin, Employer Business Leadership programs and workshops.

  • Over 22 years of continuous industry certifications and coursework.

  • 25 years hands-on experience in Linux, security tools, web design, SMB marketing, and management.

Military:

  • E4 Specialist 11B Infantry, United States Army National Guard (January 2004 – February 2012).

  • Served as 11B Infantryman, Squad Leader for early response to Hurricane Katrina.

  • Completed Top Secret Clearance process at separation (2012) (currently inactive).

Community Leadership and Volunteer:

  • Board Member for Three Pillars Senior Living Facility, Dousman, WI (2023 - Present).

  • Elected Trustee/Board-member for the City of Cambridge, Wisconsin (2012-2014).

  • Website design, marketing, and IT management for several non-profits in Wisconsin (present).

  • Appointed member of economic improvement committee, Cambridge, Wisconsin (2015).

  • Volunteer mentor to new professionals, future leaders, and security enthusiasts (Present).

  • Memberships: ISACA, ISC2, HIPPA Collaboration of Wisconsin – Security Networking Group (Contributor), InfraGard Cyber Security Wisconsin.

  • F&AM of Wisconsin: PM, MWM, PEC, PTIM, PHP, SRICF, KYCH, 33, Grand Council, Grand Commandery.