resume - richard balducci - linkedin


Upload: richard-balducci

Post on 11-Apr-2017


Page 1: Resume - Richard Balducci - linkedIn

Richard Balducci

Position Objective

To secure an executive leadership position that will be responsible for protecting IT resources and information assets by: (i) ensuring strategic alignment of information security in support of business objectives; (ii) ensuring availability, confidentiality, integrity, auditability of information systems; (iii) ensuring continued availability of information systems; (iv) ensuring reduction of adverse impacts on business operations to an acceptable level; (v) ensuring conformity with applicable laws, regulations and standards; (vi) preventing non-repudiation of computer-based activities.

Experience

AIG, Fort Worth, TX 2006 - present
AVP IT Security

Relocated to Fort Worth to be the senior IT security leadership in what is now the premier and flagship data center for AIG.

Managed nearly all aspects of IT security along with security teams in Houston and Fort Worth and team members throughout the globe.

Global IT Security Senior Leader. Established recurring collaborative meetings with various IT infrastructure senior leaders and IT security leaders in various regions across the globe (Americas, EMEA, APAC, Japan). These meetings allow IT Security and our AIG colleagues to be aligned and well informed and to allow the region and business to be aware of current IT Security risks, goals, objectives, etc. This has produced a true partnership with the business resulting in the enablement of business with a risk reduction.

Global Threat and Vulnerability Management (TVM). Led a complete redesign of the entire TVM process and within 6 months was successful in driving remediation of hundreds of critical vulnerabilities. Created a process to review all newly announced vulnerabilities and calculated a customized severity rating based on the industry standard CVSS scoring calculator. For the first time, AIG is now informed of vulnerabilities within 24 hours of being announced, allowing remediation of the most critical vulnerabilities to begin immediately.

Built out a process to stand up a Vulnerability War Room to handle the most critical vulnerabilities with zero-day exploits. This Vulnerability War Room allowed for the systematic global remediation in the fastest most efficient way to reduce the risk. This process was instrumental in the successful global remediation of ShellShock and HTTP.sys vulnerabilities within 72 hours on externally facing infrastructures. This was the first time AIG was able to achieve remediation with this speed (previously it took weeks).

Infrastructure Penetration Testing. Built out the capability to perform annual penetration testing against the entire externally facing AIG infrastructure and internally selected critical infrastructure. Led the global remediation of findings resulting from the penetration testing. Built out internal capabilities to perform small targeted penetration tests throughout the year in addition to the large scale global pen test.

Global deployment of Network DLP Prevent. Global program to deploy Network DLP Prevent and begin blocking sensitive data moving outside the AIG infrastructure. This was the first time AIG was able to block email and web traffic that is leaving the network. Allows for the ability to view encrypted sessions (HTTPS and TLS). Collaborated with the Chief Privacy Officer, various regional Privacy Officers, and regional Compliance Officers to deploy this technology and secure the regional regulatory approvals such as the EU Works Council.

Cyber War Games. A function normally performed within the military and government was spearheaded and brought to the private sector. Built out the internal capability within AIG. Led the team to successfully design and conduct 3-4 major cyber war games annually. Designed and built a custom Fraud based scenario for the CAO (second in command under the CEO) with a business unit in China.

Wireless Intrusion Prevention. Presented and sold the business case to secure funding for protecting the Firm from the wireless security risks. Led a global implementation team with team members in US, EMEA, APAC, and Japan. Successfully deployed over 3,000 devices in over 1,400 physical locations across the globe. Program completion was successfully performed on time and under budget.

Server Host Firewall. Designed and built out a secure network segmentation using the TrendMicro host-based firewall. Deployed on over 23,000 servers. Increased the security of our assets despite being a flat network.

Head of IT Security on Divestitures. Headed up IT Security on the largest most complicated divestitures for AIG.

o ALICO divestiture to MetLife,
o Star and Edison divestiture to Prudential, and
o AI Credit to various buyers.

These divestitures accounted for over $30 Billion in revenue from these sales. Reviewed the business, data, processes, and infrastructure for the divesting business unit. Identified and managed the separation of processes, data, and infrastructure. Designed the method of separation of the infrastructure during Day 0 (initial announcement of the buyer), Day 1 (closing of the deal, separation, and transitional support), and Day 2 (final separation). The third and final deal was originally scheduled to take 18 months, but with government pressure, this was accelerated to be accomplished within 6 months. With my experience and leadership, we were able to accomplish this in record time and were successful in separating on time. This also was accomplished in Japan which required a lot of long hours and travel.

Vulnerability Assessments. Replaced the old Symantec Enterprise Security Manager with BMC BladeLogic. Redesigned the security settings process to now use the CIS for the baseline. Established new processes that formalize the template design that servers are being audited for. Expanded the assessments from Server OS to applications (IIS, Apache, WebSphere, Oracle, MS SQL, etc.).

A true leader of people. Designed and ran multiple, cross-organization, team functions and team building exercises to promote the team concept. These team building exercises were done as a personal initiative and received lots of benefits and positive feedback in promoting a true team spirit. Taught leadership outside of the company. This has allowed me to become a coach and mentor of many individuals inside and outside of my organization.

AIG, Houston, TX 2002 - 2006
Manager IT Security

Responsible for managing a team of security engineers and senior analysts in securing the AIG infrastructure.

Initially responsible for integration of the acquired American General security into the new AIG security controls.

Led the development and formalization of several IT Security processes and standards that were not initially documented at AIG.

Responsible for security configuration management. Deployed and managed the Symantec ESM product on over 13,000 servers. Developed the configuration template to audit all the servers for security compliance. Worked closely with IT senior leadership to remediate servers to become compliant.

Host IPS. Responsible for Host Intrusion Prevention on all the AIG IT managed servers. Deployed and managed Symantec’s Intruder Alert on only critical servers. Developed and managed the rules to be used to alert on security events. Responsible for the selection of the replacement of Symantec ITA with a new product. Evaluated several of the market leaders and selected IBM ISS. Responsible for replacing all of the existing ITA instances, plus moved to having this Host IPS installed on over 13,000 servers.

Security Reviews. Responsible for the security reviews and external connectivity and firewall requests. Reviewed AIG IT projects to ensure they were done in a secure fashion. Embedded within the project process to address security early on. Responsible for reviewing and approving all firewall rule requests prior to being implemented.

Network DLP. Responsible for deploying and managing the network DLP (Vontu Monitor) in AIG. Reviewed several of the industry leaders in this space and was responsible for selecting the product to be used in AIG. Deployed Vontu Monitor in the Houston, Woodland Hills, Livingston, and Fort Worth Data Centers. Designed the policies on what to protect and formalized a process to manage the infrastructure and incident management. Worked with various business and corporate Compliance and Privacy officers to develop new policies and what data to detect and alert on.

Incident Response. Responsible for developing the Incident Response framework for AIG. Prior to this, there was no formal program in place. Built the corporate standard and framework that included checklists, forms, evidence handling, reporting, communication, and documenting. Designed and developed the Archer Incident Management application that is currently still being used today.

IT Forensics. Responsible for security investigations and forensics using EnCase Enterprise. Single-handedly investigated hundreds of incidents and security events including a case that was found to be criminal. Worked with local law enforcement and provided evidence used to prosecute and punish (prison) the person responsible.

SPECIAL PROJECT: In the mid-2000s, AIG was in the business to provide hosting services to the market. AIG secured the business of Stanley Tools and needed to build out their IT infrastructure and transition it from its current hosting provider. After 2 months of attempts to contract resources to build out this infrastructure, IT senior leadership requested my experience and leadership to build it out within the 2 weeks that remained to have a working infrastructure. I accepted this challenge and flew up to Livingston, NJ that day to take on this project. Within 4 days I redesigned, installed, and configured the entire infrastructure and handed over to IT senior leaders a working infrastructure for their client. Interviewed and helped hire the expertise to be able to administer and manage this environment. My efforts singlehandedly saved the contract and earned millions of dollars to AIG.

American General Financial Group, Houston, TX 1999 – 2001
Senior Engineer, AGFG Internet Department
Internet Security Manager, American General Enterprise Security Team

Architect, implement and maintain Internet Infrastructure that consists of Firewalls, DMZ networks, private backend network for communications between the Internet application server and the backend databases, DNS Servers for external resolution, DNS Servers for internal resolution, Netscape Proxy Servers, Cache Flow servers, RSA’s ACE servers for two-factor authentication, Internet application servers for E-Business Applications.

Implemented and maintained a secured environment using a combination of firewalls, network security scanners, host-based scanners, security policies and procedures, 3rd party security reviews semi-annually, penetration tests and log reviews.

Liaison between business units and developers to provide guidance in development issues and direction with E-Business applications. Implemented E-Business applications, including the web server, Java application server and backend database server.

QIV Systems, Inc. 1996 – 1999
System Engineer

Designed, installed and maintained Firewalls and Inter/Intranet infrastructures.

Provide AIX support and systems integration on all RS/6000 and IBM SP Systems, including installation, re-installation and/or contingency recovery of AIX.

Responsible for all AIX upgrades and system tuning integration, including installation and tuning of support packages and 3rd party software.

Networking design, integration, installation, troubleshooting, and maintenance on all popular network operating system platforms to include Netware, Windows NT and Unix.

United States Air Force, 1986 - 1996
Communications Computer Technical Evaluator (1995-1996)

Responsible for technical analysis of computer automation requirements. Converted business oriented requirements into engineering solutions to procure computer equipment. Engineering configurations required knowledge of current computer processing and communication technology, specific vendor products for this technology and contracting techniques for equipment procurement.

Acquisitions Manager (1994-1995)

Process all necessary paperwork and documentation, review technical evaluation and compile a list of potential vendors for communication and computer acquisitions in excess of $28 million annually. Designed and maintained a database to track all acquisition orders.

Resource Manager (1992-1993)


Responsible for all Headquarters Air Force Intelligence Command’s communication computer systems, including databases tracking of existing computer systems, new asset arrivals and proper disposal of obsolete equipment. Managed a $12 million computer warehouse, which stored the new and obsolete communications systems.

IT Computer & Communications (1986-1991)

Responsible for running Top Secret SCI Communications facilities starting as an operator and moving into various levels of management including NCOIC (Non-Commissioned Officer In Charge) of the communications facility in the First Gulf War in Riyadh, Saudi Arabia.

Software

Qualys & Nessus Security Scanners, Symantec Network Data Loss Prevention (DLP), Metasploit, NMAP, Air Defense Wireless Intrusion Prevention, Symantec Enterprise Security Manager, IBM ISS Intrusion Prevention, Symantec Intruder Alert, Retina Vulnerability Scanner, Tripwire, AIX, Solaris, Linux, IBM Websphere, Oracle, Internet Application Server, Tomcat, Apache, TCP/IP Networking, Checkpoint Firewall, IBM Firewall, Windows 3.1 – Windows 2012, Novell Netware, Visio, Photoshop

Education

SANS SEC560: Network Penetration Testing and Ethical Hacking
SANS SEC617: Wireless Ethical Hacking, Penetration Testing, and Defenses
SANS SEC504: Hacker Tools, Techniques, Exploits & Incident Handling
SANS SEC401: Security Essentials Bootcamp
Dale Carnegie Win Friends and Influence People
Dale Carnegie Leadership Training for Managers
ITIL Foundation Training
Project Manager Training
CISSP training and certification received in 2003
Associates equivalent Degree - Engineering
AIX/6000 Basic System Administration, Advanced System Administration, Problem Determination, Performance Tuning, and TCP/IP Switched Networks
IBM SP/2 Installation and Planning, Problem Determination, and Performance Tuning
Checkpoint Firewall
IBM Firewall

Certifications

ITIL Foundation Certification
AIX Certified Specialist – Systems Administration
AIX Support Certification
AIX Communications and TCP/IP Certification
IBM Firewall Certification
Checkpoint Firewall Certified Engineer

Miscellaneous: A leader in Boy Scouts. Has held several leadership roles in BSA including Chairman of several Cub Scout packs. Built one pack from scratch to over 80 members in 3 years. Took control of another failing pack and grew it from a reducing number of 25 to well over 100 members. Currently an Assistant Scout Master for a large growing troop. I have volunteered and staffed 6 separate week-long resident leadership courses. I have taken this knowledge of leadership and applied that in my professional career. This has allowed me to be a great leader of my current organization, but I have coached and mentored many outside of my organization.