Arm

Senior security leader responsible for driving the creation of the Enterprise Security Governance, Risk, and Compliance function at Arm. Scope of role includes: Policies and Standards, Vulnerability Management, Penetration Testing, Risk Management, Capability Assessment, Dotted line Management of Satellite Security Functions, Training and Awareness, Program Portfolio Management, Compliance (SOC 2, ISO 27K, NIST, CMMC, CFIUS, MSSR, OSP), Incident Remediation, Security Liaison for Major Program Implementations, and M&A security activities. Sample of key measurable results have included reducing phish prone percentage by 50%; reducing vulnerability management scores to Low; security risk becoming part of other business areas' risk registers; implementing ISO and NIST based policies and standards; reducing security risk through identification and remediation of systemic issues and building collaborative tiger teams to address problems.