Hello, World.

I'm David A. Scovetta

Cyber Security Information Security & IT Compliance

More About Me
About

Let me introduce myself.

Profile Picture

I'm an enthusiastic San Francisco-based information security guru. I dabble in all things security-related and have recently expanded my expertise into data privacy and digital forensics.

Profile

A little more information about me...

  • Fullname: David A. Scovetta
  • Job: Cyber Security, Information Security, Audit & Compliance
  • Website: www.hiredavid.com
  • Email: [email protected]

Skills

This is a rough assessment of where I am in my career development, taking into account the skill sets I am still seeking to further develop.

  • 90%
    Security Defense
  • 85%
    Training & Awareness
  • 70%
    Security Compliance
  • 65%
    Technical Prowess
  • 75%
    Data Privacy
  • 40%
    Forensics
Resume

More of my credentials.

Work Experience

Startup

2017 - Present

Corporate IT Security Manager (current)

Responsible for development and execution of IT security strategy initiatives. Leveraging CIS Top 20 Critical Security controls to isolate high-profile security risks and design/execute security strategies to mitigate. Developing/executing corporate security training. Driving Security risk assessments across IT & Infrastructure and developing program strategies to address key risk areas and vulnerable environments.

IT Compliance Manager

Built and Managed a team of four in the development and execution of compliance strategy initiatives. Drove initial assessments of compliance/audit impact from Public Offering state. Developed and Maintained the IT components of annual SOX assessments (policy/process ownership and collection, organization, and distribution of audit material). Reduced budgetary costs by 20% by developing reliance strategies and streamlining internal/external audit processes.

Banking

2011 - 2015

Senior Information Security Analyst

Responsible for driving Security/Data Privacy and Regulatory compliance across IT programs. Developed and supported ongoing security risk reduction strategies through organizational procedural changes.

Banking

2007 - 2011

Information Security Analyst

Responsible for driving operational security for Citi North America, with a focus on managing operating system vulnerabilities across 200,000+ systems. Reduced IT risk by nearly 90% by streamlining patch management efforts and coordinating processes among system owners.


Certifications

CISSP

2011

Certified Information Systems Security Professional

GCCC

2017

Critical Security Controls Certification

GLEG

2013

Law of Data Security & Investigations

CIPP

2013

Certified Information Privacy Professional (Foundational)

GSLC

2014

Cyber Security Leadership


Security Classes & Training

SANS Institute

2017

SEC501: Enterprise Security Defender

SANS Institute

2017

SEC433: Building Cyber Security Awareness Programs

SANS Institute

2017

MGT514: IT Security Strategic Planning, Policy, and Leadership

SANS Institute

2016

SEC566: Implementing & Auditing Critical Security Controls

SANS Institute

2015

AUD507: Auditing & Monitoring Networks & Systems

SANS Institute

2014

FOR408: Windows Forensic Analysis

SANS Institute

2013

MGT512: Security Leadership Essentials For Managers

IAPP

2013

CIPP: Privacy Professional Training & Certification Class

SANS Institute

2012

LEG523: Law of Data Security & Investigations


Education

Bachelor's Degree

Graduated 2005

Syracuse University


Where to find me

San Francisco, CA
New York, NY

Email Me At

[email protected]

Call Me At

Phone: [redacted due to spam]