David Gorgas

Provided world-class information security, CISO, IT Compliance and GRC services to organizations. Services included best practice services and leadership to meet industry best practices and state/federal/international compliance and privacy requirements. Implemented information security and privacy program and policy development, control design and implementation services, security control, vulner

Directed global compliance program initiatives and led information risk executive committee, governing privacy, information security, and records management policies. Spearheaded GDPR & CCPA compliance initiatives, developing and executing a comprehensive privacy function. Managed corporate compliance program elements, including information security and privacy training.

Led security, control, and technology implementations, including single sign-on, Oracle EBS, OpenText (Arcsight) SIEM, IBM Tivoli identity manager, Sourcefire & IBM/ISS Proventia IDS/IPS, RSA SecurID, Symantec CCS, Rapid7, and Nessus. Oversaw global IT compliance program, ensuring alignment with regulatory requirements. Led and conducted IT audits and control assessments across global technology e

Managed information security risk and compliance, and served as Assistant IT Audit Manager. This role involved overseeing various aspects of IT security and ensuring adherence to compliance standards. Contributed to the overall risk management strategy and conducted internal audits.

Served as a Senior IT Auditor, responsible for conducting comprehensive IT audits to ensure compliance with internal policies and external regulations. Identified control weaknesses and recommended improvements to enhance the security posture. Collaborated with various departments to implement audit findings.

Worked as an IT Audit Specialist, focusing on specialized IT audit engagements. Performed detailed assessments of IT systems and processes to identify potential risks and ensure data integrity. Contributed to the development of audit programs and methodologies.

Functioned as a Systems Audit Project Analyst, involved in various audit projects related to banking systems. Analyzed system controls and processes to ensure efficiency and compliance. Supported the audit team in data collection and report generation.

Held the position of Internal Auditor, responsible for conducting internal audits across various departments. Assessed operational efficiency and compliance with company policies and procedures. Provided recommendations for process improvements and risk mitigation.

Studied law enforcement administration. Awarded a full-tuition scholarship to the Graduate School at the University of Notre Dame.

Completed the Managing Ethics in Organizations Program. This program focused on ethical practices within business contexts.