Paul R. Jorgensen

Resume

Paul R. Jorgensen, CISSP

415 S Palisades Dr, Signal Mountain, TN 37377
+1.423.544.1867
paul@prjorgensen.com
prjorgensen.com
in/PaulRJorgensen

About

With over 25 years of extensive experience in cybersecurity, Paul R. Jorgensen is a seasoned CISSP certified information security leader renowned for his expertise in organizational security transformation & orchestration. Known for his adeptness in hiring, developing, challenging, and retaining talented team members, Paul’s industry experience spans across financial services, healthcare, industrial, and retail sectors. His background in manufacturing, automotive, and retail equips him with valuable insider insights. Notably, Paul has led or been part of leadership teams in engagements with U.S. state government, healthcare, and critical infrastructure sectors during his career, showcasing his adaptability, communications skills, and broad security knowledge.

Work Experience

Senior Managing Consultant

IBM, United States | Armonk, New York (remote) Jan 2015 – Oct 2023

As a Senior Managing Consultant, I focused primarily on engagements in the United States, Europe, and the Middle East, collaborating with companies and governmental entities to enhance their security operations capabilities. I specialized in delivering Security Operations Center (SOC) and Threat Management solutions across various sectors worldwide, including financial, manufacturing, retail, and telecommunications industries. My expertise spans infrastructure migration, SIEM reporting compliance, SOP development for SOCs, and security architecture, demonstrating strong leadership and project management skills evidenced by successful RFP responses and the delivery of global SOC projects involving multi-country teams.

  • Consulting History
    • Global Media Company, United States | Sept 2023 – Oct 2023

      I managed the migration of the customer to IBM infrastructure, facilitating communications, gathering requirements, technical details, and contributing to the project’s overall success.

    • Major Health Care Provider, United States | Aug 2023 – Oct 2023

      As a delivery lead, I assessed SIEM reporting for HIPAA compliance, collaborated with IBM MSS to extract reports from the customer’s SPLUNK SIEM, and managed successful project delivery.

    • Major Electronics Manufacturer, United States | Mar 2023 – Jun 2023

      I led the team in creating playbooks and standard operating procedures (SOPs) for the client’s SOC. I also provided consulting on staffing, staff rotation, and other essential elements of the SOC.

    • Major Retailer, United States | Feb 2023 – May 2023

      As delivery lead, I oversaw Threat Operations Process and Procedures Development, SIEM QRadar Health Assessment, and Rule Efficacy Engagement. The executive summary delivered a phased roadmap for organization design, service catalog improvement, and RACI enhancement, while also proposing improvements to the SIEM QRadar platform, prioritizing critical findings and suggesting the design of a highly available disaster recovery site.

    • Mid-sized Health Care Provider, United States | Jan 2023 – Sep 2023

      As the delivery lead, I consulted on reestablishing a metrics program for Board of Directors dashboards and messaging, and developed process documentation for User and Entity Behavior Analytics (UEBA).

    • Large Retailer, United States | Jan 2023 – Aug 2023

      As delivery lead, I reviewed UEBA use cases, data sources, and contextual enrichment to reestablish UEBA in the customer’s environment.

    • Provincial Energy Company, Canada | Oct 2022 – Jan 2023

      As delivery lead, our team collaborated with the client to develop a NIST CSF-aligned Target Operating Model (TOM) for the security organization, incorporating a Fusion Center approach integrating physical security and OT/IoT with cybersecurity. Additionally, our IBM team provided a Zero-Trust Point of View (PoV) emphasizing ZTA/ZTNA within the TOM. The deliverable facilitated discussions with stakeholders, featuring visual representations and a comprehensive cybersecurity glossary. This initiative spurred further engagements, including Cyber Threat Intelligence (CTI).

    • Major Distribution Company, United States | Jan 2022 – Jul 2022

      As lead of the delivery team, I assisted in Use Case analysis and MITRE tagging implementation for the client’s SIEM, aligning Use Cases with the MITRE ATT&CK framework, and defining processes for prioritizing and assessing security events while also building SOC process documentation.

    • Large Korean Retailer, Korea | May 2021 – Jul 2021

      I improved custom SOC service delivery by collaborating with the IBM MSS team on transitioning the client from QRadar and Resilient SOAR platforms to SPLUNK and Phantom SOAR platforms. I also managed Use Case and provided recommendations, identified 7 quick-win areas to enhance customer value, developed a Docker digital forensics plan, addressed open tickets with product support, and optimized Use Cases for delivery.

    • Large Korean Manufacturer, Korea | Mar 2021 – Dec 2021

      As delivery lead, I provided pre-RFP threat management consulting focusing on SOC transformation, led a successful RFP response, and co-led the resulting contract. Additionally, I served as co-lead on project delivery for IBM X-Force Threat Management and global SOC work streams. During the pandemic, I spent six months on-site in Korea delivering on this engagement.

    • Large US Financial Services Corporation, United States | Aug 2020 – Feb 2021

      I contributed to COBIT, NIST 800.53, and FFIEC-CAT compliance efforts across security, information technology, and business processes for one of the largest US financial services corporations through writing, reviewing, assessing, and consulting.

    • Mid-sized Health Care Provider, United States | May 2020 – Jul 2020

      Led a SOC consulting engagement to migrate the client from an existing legacy managed SIEM implementation to IBM X-Force Threat Management.

    • Large Japanese Global Insurer, United States | Jan 2020 – Dec 2020

      Led and contributed to global client working sessions, collecting, analyzing, and communicating findings to leadership. Provided expertise in building global SOC capabilities as part of a security transformation project, emphasizing the integration of incident response and penetration testing within a global fusion center approach to meet security goals.

    • Non-U.S. Governmental Entity, Middle East | Dec 2019 – May 2020

      Led multiple delivery workstreams and facilitated workshops on people, process, and technology architecture. Contributed to planning and building a national security operations center, focusing on technical architecture, governance, organization, and maturity enhancement planning.

    • Large European Financial Transaction Processor, Belgium | Aug 2015 – Jan 2016

      As a delivery lead, I expanded and matured existing SOC capabilities, including architecting the SOC build and coaching the team in key deliverables.

    • International Telecommunications & Electronics Company, Finland | Jul 2015 – Aug 2015

      Led the security operations work stream and assisted on others. Led the security operations client presentation for Request for Proposal (RFP) and Request for Information (RFI) response.

    • Latin American Retail & Credit Processing Company, Mexico | Mar 2015 – Aug 2015

      Led the SOC design work stream and led multiple client workshop sessions to coordinate business objectives with design. Assisted on other work streams as well.

    • Major Global Financial Services Company, Netherlands | Mar 2015 – Jul 2015

      Lead SOC consultant for security transformation

    • Large International Bank, France | Mar 2015 – May 2015

      Expanded and matured SOC capabilities, including managed security service provider (MSSP) integration. Worked with the team to architect new SOC implementation capabilities and led team activities.

    • Large International Bank, United Kingdom | Jan 2015 – Feb 2015

      Participated in the RFI and RFP response for global SOC consulting services. Provided technical input, facilitated team communications, and co-wrote the proposal.

Senior Managing Consultant, Japan Geo Focal

IBM Japan, Japan | Tokyo, Japan
Nov 2016 – Nov 2019

In 2016, I relocated from Detroit to Tokyo to serve as the IBM Security Japan Geo focal/Evangelist. During my tenure, I worked across various sectors including financial, insurance, manufacturing, electronics, and retail, engaging in multiple security disciplines. My primary focus was on building Security Operations Centers (SOC). I contributed to sales pursuits, served as a conduit with global IBM Security leadership and teams, provided enablement training, and delivered on client engagements alongside the IBM Security Japan team.

  • Consulting History
    • International Japanese Transportation Company | Nov 2018 – Jun 2019

      I was the project lead for the global SOC, including client advisory.

    • Large Japanese Insurer | Apr 2018 – Dec 2018

      Led enterprise and Go-To-Market (GTM) security transformation, proposing and developing a comprehensive security overhaul as part of a broader digital business transformation. Developed GTM cyber insurance components, including vulnerability assessment and penetration testing, in collaboration with the customer.

    • International Japanese steel company | Jan 2018 – Jun 2018

      I served as the lead consultant for the global SOC plan, build, and operations in Japan and North America.

    • International Japanese Bank | Jan 2018 – Mar 2018

      I served as the proposal lead for ATM penetration testing and assisted IBM X-Force Red pen testers in their delivery.

    • International Japanese Automobile Manufacturer | Nov 2017 – Dec 2019

      I served as the lead consultant for the Global Security Operations Center build for operations in Asia, Europe, Australia & New Zealand, and the Americas.

    • International Japanese pharmaceutical company | Jun 2016 – Dec 2017

      As the technical lead, I managed SIEM assessment, design, and build for global expansion, and oversaw SOC assessment, design, and build for global expansion.

    • International Japanese Bank | Jan 2016 – Jul 2017

      I served as the lead consultant for a global bank’s Cyber Threat Intelligence (CTI) plan, build, and operations, encompassing operations in Japan, Asia, and North America.

Senior Enterprise Security Architect

Hewlett-Packard, United States | Palo Alto, California (remote)
Jun 2013 – Dec 2015

Senior enterprise security architect specializing in public sector, energy and utility (E&U), and healthcare domains.

  • Independently assessed and architected all aspects of IT service delivery related to operations, maintenance, and security based on the ITIL® framework for a state government healthcare exchange eligibility program for a US state government.
  • Participated in several RFP responses, including a response to a major US insurance company’s Business Intelligence (BI) sourcing effort.
  • Practiced lead for the Security Consulting Delivery Methodology (SCDM) development and training.
  • Led a Security Operations Center (SOC) sourcing feasibility study for a major US oil and gas company with a substantial retail and critical infrastructure presence.
  • Served as a security solutions architect, audit remediation liaison, and GRC team contributor to a state government Affordable Care Act (ACA) Minimum Acceptable Risk Standard for Exchanges (MARS-E) Authorization to Connect (ATC) project, with a specific focus on collaborating with various state and federal government agencies and key vendors.
  • Developed security collateral for critical infrastructure targeted toward the transportation, oil & gas, and energy sectors.
  • Architected highly secure data enclaves for a major technology firm, including process documentation, data workflows, and other operational collateral.
  • Contributed to malware detection, containment, and remediation efforts for a large multinational corporation. Developed professional collateral, wrote training materials, and instructed team members on a variety of security topics.
  • Facilitated a security workshop for a large insurance organization.
  • Assessed network connectivity, security, and regulatory compliance in a critical infrastructure enterprise.

Global Manager, Cybersecurity and Network Engineering

Magna International, United States | Aurora, Ontario, Canada & Troy, Michigan & Holland, Michigan Apr 2001 – Jan 2013

  • Led a global team of skilled network engineers and security professionals across seven countries on three continents.
  • Orchestrated the connection of Magna’s 300+ worldwide locations to customers, vendors, and suppliers, establishing a robust global backbone.
  • Managed multiple global co-location facilities and co-managed several others, overseeing the addition of 2 regional network aggregation sites in 2010-11 to meet business demand in previously underserved regions.
  • Led the design and implementation of a new global backbone, anchored by co-locations and network aggregation sites, resulting in cost reduction, latency improvement, and enhanced redundancy, capacity, and flexibility.
  • Planned and developed a prototype virtual Security Operations Center (SOC), including the design and deployment of a new global log management system and an intrusion detection system based on Snort and other F/OSS tools.
  • Directed the management of several hundred firewalls, local loops, and site-to-site VPNs, assisting various business units in risk evaluation.
  • Authored the corporate information security incident handling policy, designed the internal IT security communication web site, and implemented the enterprise IP tracking and management system.
  • Oversaw the corporate IT security policy as the highest-ranking IT security professional in the company.
  • Led a global matrix team in selecting and implementing a global SOC, streamlining system security monitoring worldwide and reducing costs.
  • Led the Global Remote Access project, in-sourcing client VPN access, expanding VPN access into new regions, and enabling additional platforms at reduced costs.
  • Regularly communicated with executives in the C-Suite and other leadership levels, adapting communication styles to ensure understanding and actionable insights. Maintained regular engagement with business partners and vendors.

Firewall & VPN Systems Security Engineer

Electronic Data Systems, United States | Auburn Hills, Michigan
Apr 1997 – Apr 2001

Senior Firewall and Lead VPN Security engineer for the Network Security Management and Managed Firewall projects. Technical functions included access management, network infrastructure troubleshooting, systems management, designing and deploying new secure network perimeter ingress and egress environments, and Tier 3 technical support.

Education

B.A. in Integrated Studies

University of Tennessee at Chattanooga
Aug 2023 – Present (currently enrolled)

AAS in Mass Communications

Chattanooga State Community College
Jan 2020 – Aug 2023

Digital Credentials

IBM Garage Essentials | 2023
IBM Consultant Profession Certification | Experienced | 2020
Enterprise Design Thinking Practitioner | 2020
Certified Information Systems Security Professional (CISSP) | 2007

Created: 2024-02-20 Tue 10:43

Validate