Steve Weltman, CISSP's Linkedin Analytics

I lead the Security and Compliance Strategy within the CISO team of enterprise-size companies. We collaborate with all of the technical teams and enterprise leadership to strategically improve the nexus between business management and security practices management that drives uniformity, measurability, and impactful improvements across multiple platforms and solutions globally. I previously led the enterprise-wide Certification Compliance Center of Excellence (C3OE) for the GRC Team in Yahoo's #Paranoids (the InfoSec team). I primarily supported one business unit known as #Edgecast. I was their manager of IS compliance and led a team of 2 employees, 7 contractors, and 4 vendors. I also had a 'stakeholder' and influencer role in company business and technical decisions. My focus is on people first, processes second, and then technology augmentation. I previously worked as an information security architect consultant for Toyota Financial Services in Torrance, CA. My role required high technical acumen and a broad understanding of all applicable regulatory compliance requirements that affected nearly every aspect of their corporate environment on many of the projects and work streams that I guided. I steadfastly believe that I am a business enabler and provided guidance on options for creative technical solutions, not boundaries limiting progress as a stakeholder in risk-control ownership. Prior: Information Security Consultant to several mid-range companies Information Security Solution Integration Consultant Enterprise Information Security Architect consultant at Mattel Experis National Lead for Network Consulting Prior to being a direct employee of Experis, I contracted for corporate Disney in Glendale and Pasadena, CA. My role there was very high-visibility consultative network design. My role as a network solutions architect at Disney improved the business capabilities of 2 major business units (Toon Studios and Disney Stores). Specialties: Security Compliance Program Management, Security Compliance Program Implementation Vendor Risk Management Legal security contract review Enterprise Information Security Architecture IT Project Management Network Best Practices Consulting ISO 27001, CSA STAR, SOC 2 Type II, PCI-DSS, Auditing, Consulting Policy Writing, Technical Writing