Rick Bill

Recently retired from the Cybersecurity profession. Looking to keep busy.

ConstellisChief Information Security Officer (CISO)June 2019May 2022Headcount:3 Direct, 12 Indirect As the first ever CISO at Constellis, hired to bring the global networks and Constellis subsidiaries into compliance with required security frameworks and obtain ATOs (which had been revoked) and build and mature the cyber security program.Accomplishments:

• Conducted a cybersecurity maturity assessment and developed a 12-month roadmap to raise the maturity level to an acceptable level
• Developed and implemented twelve polices required to achieve compliance and obtain ATO for nine different government agency networks operated by Constellis and its subsidiaries
• Hired three director level department heads (SecOps, GRC, Security Architecture)
• Developed and implemented a secure SDLC process for both internal and external customers
• Developed and implemented a cybersecurity awareness program which resulted in a reduction of users clicking on phishing e-mails from 28% to 6.6%
• Achieved FFIEC compliance for one of Constellis’ smaller subsidiaries (Olive Group) within the first eight months
• Achieved HiTrust (i1) certification for one of Constellis’ subsidiaries operating a medical clinic (Mustang Medical)

• Conducted a cybersecurity maturity assessment and developed an 18-month roadmap to raise the maturity level to an acceptable level
• Developed and implemented a secure SDLC process for external customers which reduced the number of security related vulnerabilities by 11% per quarterly release.
• Conducted tabletop BC/DR exercise with Venafi C-Suite resulting in a shift in CIA awareness and funding for IT and Cybersecurity.
• Developed and implemented a cybersecurity awareness training program based on roles (sys admins, developers, new hires)
• Developed detailed network security design resulting in satisfying requirements for security audits, compliance, application developers, and end users

• Reduced the time to detect from days to five minutes without an increase in staffing
• Reduced the time to contain from 18 hours 36 minutes (average) to 4 hours 2 minutes (average)
• Reduced CapEx spend by 50% implementing SaaS while reducing the overall OpEx spend by 15% over 16-months
• As an additional responsibility, achieved HiTrust (i1) certification for the Benefits business unit operated by Xerox Services in 8 months and $160,000 under budget

• Spearheaded the development of tools that automated manual detection and response tasks
• Build and lead a high-performing (remote) team of Security Engineers

Certified Information Systems Security Professional (CISSP) 

Certified Information Security Manager (CISM)

Certified Chief Information Security Officer (C|CISO) 

Certified Ethical Hacker (CEH) 

Numerous other industry standard It and Cybersecurity certifications

InfraGard, Northern Virginia

Board Member – Greater Manassas Softball

Board Member – Manassas After-School Youth Programs

Awards

• Apollo Group Impact Award – Highest reduction of cyber risk in a single year within the portfolio companies
• Employee of the quarter and year – Time Warner Cable
• Manger of the quarter and year – Time Warner Cable

United States ArmyBranch – Military Police Honorable DischargeNovember 1983June 1988Rank at Separation – E-5, Sergeant

Education

Western Governors UniversitySalt Lake City, UTBachelor of Science: Information Systems (Emphasis: Security)September 2009April 2014