FREDERICK W. SCHOLL
9467 Smithson Lane ¢ Brentwood, TN 37027
Phone: (615) 739-1039
CHIEF INFORMATION SECURITY OFFICER / CHIEF INFORMATION RISK OFFICER
Instrumental in generating $98 million in revenue and $1 million in savings during career.
Received 13 US Patents regarding network technology and fiber optics ¢ Wrote 100+ publications ¢ Delivered presentations on information security, privacy, data forensics, applications performance, and data communications.
IS Compliance Expert¦ Thought Leader¦ Expert Witness¦ Network Industry Leader¦ Public Speaker.
Highly accomplished GLOBAL SENIOR INFORMATION SECURITY RISK MANAGER providing extensive results in the automotive manufacturing, IT manufacturing, and information technology services industries. Conducted business in France, Germany, Italy, England, Japan, Taiwan, Argentina, Mexico, Panama and Korea. Currently engaged in a multi-cultural business environment and collaborate with colleagues in Japan, France, and Mexico.
Expertise includes information security program leadership, information security program management, information security compliance programs, IS security and control strategies, security product and service evaluations, IS security best practices, security and control frameworks, IS Risk Management and security business case analysis. Delivered impressive results in program start-ups and turnarounds, multi-million dollar program launch and management, IS talent recruitment and management, crisis management, and creative problem solving.
Executive career achievements include co-founding two extremely successful high tech start-up companies, executing an IPO initiative, serving as Board of Directors Member of public company for 11 years, and managing a security program for a Fortune 50 global firm. Cultivate rich business relationships with C-level executives, including CIO, CFO, VP of Corporate Communications, General Counsel, and business leaders. Formed Incident Response Teams, and worked with external forensic service companies. Selected Career Highlights:
¢ Established an IS security team and JSOX compliance program; grew it to 20 staff members; managed a $7M budget.
¢ Recruited and directed a cross-disciplined Security Team to remediate audit findings and save company $1 million in audit fees in less than 1 year.
¢ Leveraged expertise and reputation to serve as a Technical Expert Witness during IS litigation; helped clients recover more than $80 million (Intel, Cablevision, Barnes & Noble, EDS, and other companies).
¢ Co-founded a pioneering fiber optic start-up company, and was instrumental in leading the way to global adoption of fiber optic enterprise network systems.
IS Department Management ¢ IS Best Practices ¢ IS Policies, Standards and Guidelines ¢ IS Team Building and Management ¢ IS Program Development and Management ¢ Operational Procedures and Metrics ¢ Technology Risk Assessment ¢ IT Technology Trends and Developments ¢ Data, Network, Business Systems, Applications, and Infrastructure Asset Management
Compliance and Audit Compliance Management ¢ SOX ¢ JSOX ¢Regulatory and Data Protection Requirements ¢ Information Security Training ¢ IS Program Requirements Gathering ¢ Security and Privacy Requirements Analysis ¢ Hacking Team Relationships & Management ¢ CIRT Team Management ¢ Project Management ¢ Security Risk Assessments ¢ Intrusion Detection ¢ Remote Data Access Policies ¢ Security Product and Services Evaluations/Adoption ¢ Corporate Security Initiatives Identification ¢ Security and Control Frameworks (ISO 27001/2, CobIT, COSO, ITIL) ¢ Threat and Vulnerability Management ¢ Anomalous Events and Remedial Actions ¢ Technical and Non-Technical Stakeholder Communications ¢ C-Level Relationships and Collaboration ¢ Customer Collaboration
INFORMATION SECURITY CAREER PATH
NISSAN AMERICAS “ Nashville, TN 2006 to 2008
SENIOR MANAGER, IS SECURITY AND CONTROL
Hired to establish the facility's first Enterprise Security Program, eliminate IS problems stemming from an audit, and create best practices to resolve critical security issues. Direct a 6-person IS Security and Compliance Team in charge of safeguarding IS assets including 19,000+ PCs for an organization that designs, manufactures, sells, and finances over 1.5 million automobiles each year across the US, Mexico, and Canada.
Primary activities include IS audit compliance (JSOX), regional information security policies, information security program management, security vendor outsourcing, automated security control acquisition and implementation, security management dashboard development, and end-user security training programs. Direct a Security Working Group, and participate in a global Renault-Nissan Security Alliance Program.
¢ Piloted an enterprise-wide security event monitoring technology initiative which will ensure tight security controls and allow Nissan to use affordable outsourced vendors while meeting security needs.
¢ Created and led a new security awareness program which has already been completed by 4,000 staff members. Cutting-edge e-learning solution was developed by NNA, is being adopted by Nissan Europe, and is currently being evaluated by Nissan Mexico and Japan organizations.
¢ Teamed with counterparts in Japan to develop a Global Information Security Policy. Spearheaded the architecture of a regional security policy which decreased local policies from 4 to 1.
¢ Designed an application security development practice that was integrated into Nissan SDLC. Effort will accelerate security improvements for new business applications and decrease rework costs for security controls.
¢ Influenced external outsourced vendor to more than double security staff members with no additional costs to the company.
MONARCH INFORMATION NETWORKS, INC. “ New York, NY 1991 to present
Founded and led all aspects of a successful technology firm that provided diversified services to leading companies such as Merrill Lynch, Dow Jones, JP Morgan Chase, McGraw-Hill, United Technologies, Salomon Smith Barney and others.
Chief activities involved security policy development, business case analysis, Internet performance evaluations, secure application architecture due diligence and development, website performance evaluations, distributed application performance and reliability investigations, LAN/WAN design and expert witness services.
¢ Worked with a major cable ISP company to evaluate their Internet backbone performance and document all performance failures. Efforts were catalyst in helping client successfully end a $100 million contract with the Internet provider.
¢ Documented $80 million in unauthorized use of a major outsource vendor network by the client's employees. Collaborated with vendor to secure a new contract and payment for documented usage.
¢ Designed an application and global network for a leading New York City law firm. Technology project enabled law firm to lower network costs and meet the technology needs of busy attorneys.
¢ Hired by a leading business publication organization, and tested and evaluated website performance issues. Leveraged expertise to eradicate all customer complaints when their internal IT staff had failed to achieve goals.
¢ Established network forensics services to support companies engaged in major civil litigation issues.
CODENOLL TECHNOLOGY CORPORATION “ Yonkers, NY 1980 to 1991
SENIOR VICE PRESIDENT, CHIEF TECHNOLOGY OFFICER, BOARD MEMBER, CO-FOUNDER
¢ Invented and patented fiber optic data communications products that triggered $12+ million in global sales.
¢ Founded Engineering and Manufacturing Departments and grew to 75 professionals.
¢ Developed the first high speed plastic fiber optic network that is now integrated into automotive, industrial, consumer, and medical applications.
¢ Led an International Fiber Optic Data Communications Standards Committee, incorporated company products to manage global intra-building communication systems.
¢ Authored Fiber Optic LAN Handbook that was highly regarded as an industry standard.
¢ Company was ranked as an Inc. 100 company and was featured in New York Times and Business Week.
¢ Instrumental in raising $5 million to support an IPO event (company was listed on NASDAQ).
EDUCATION & CERTIFICATION
Ph.D., Electrical Engineering
Bachelor of Science, Electrical Engineering
Cornell University, Ithaca, NY
Internet Law Program, Harvard University, Cambridge, MA
CISSP, CISM, CHP (Certified HIPAA Professional), ITIL V3 Foundations
CURRENT MEMBERSHIP / LEADERSHIP
Member, The Advisory Council (www.tacadvisory.com) (2004 to Present)
Adjunct Professor, Computer Science, Polytechnic University (2004 to 2006)
Community Outreach Director, Middle Tennessee ISSA Chapter (2009)
Founder and Chairman Nashville Chapter Society for Information Management (2010-present)
Extensive list of patents, publications, and presentations available upon request.