Open to opportunities

Stephen RutlandJr

@stephenrutlandjr

Senior cybersecurity GRC and data privacy professional helping enterprises reduce risk and meet ISO/NIST/GDPR obligations.

United States

Message

What I'm looking for

I’m looking to lead enterprise cybersecurity programs where I can own GRC and data privacy initiatives, use NIST/ISO frameworks, and drive measurable improvements—reducing incidents, strengthening compliance readiness, and aligning security requirements to real business outcomes.

I’m a Senior Cybersecurity and GRC professional with 10+ years of experience in risk management, governance, compliance, and data privacy across financial services, healthcare, technology, government, and consulting. I specialize in ISO 27001, ISO/IEC 42001 AI governance, NIST frameworks, GDPR, and CCPA, with a proven focus on strategic risk mitigation. I bring a record of improving security outcomes while translating complex requirements into actionable business strategies.

At Ernst & Young, I orchestrated security operations using NIST CSF, reducing security incidents by 25% through enhanced policies and user training. I also led GDPR/CCPA and NIST compliance efforts for 5,000+ users, improving compliance readiness by 30% and reducing incident response time by 25% via process improvements and automation. As a lead network security engineer, I supported 10,000+ users with 99.9% uptime, delivered MDR and endpoint protection with Microsoft Defender for Endpoint, and reduced security-based project delays by 65% through faster, more responsive threat and infrastructure operations.

Experience

Work history, roles, and key accomplishments

Senior IT Security & Data Privacy

Ernst & Young

Jan 2022 - Apr 2025 (3 years 3 months)

Orchestrated security operations using NIST CSF, reducing security incidents by 25% through enhanced policies and user training. Developed and enforced DLP controls, cutting false positives by 50% while supporting incident response and forensic post-incident improvements.

NIST CSF Security Operations Incident Response Forensic Analysis Security Awareness Training Cross functional Leadership

Principal Cybersecurity Risk Consultant

Ernst & Young

Jan 2021 - Jan 2022 (1 year)

Ensured GDPR, CCPA, and NIST standards compliance for 5,000+ users via gap analyses and enterprise encryption improvements, increasing compliance readiness by 30%. Reduced incident response time by 25% through process improvements and automation, and improved privacy policy alignment by 40% by partnering with legal teams.

GDPR CCPA NIST Compliance Gap Analysis Security Monitoring

Lead Network Security Engineer

CFocus Software Inc

Apr 2019 - Dec 2020 (1 year 8 months)

Supported network infrastructure for 10,000+ users and maintained 99.9% uptime through proactive monitoring and issue resolution. Deployed Cisco network equipment, operated MDR, and implemented Microsoft Defender for Endpoint (MDE), reducing security-based project delays by 65%.

Cisco Wireless Controllers Microsoft Defender Solarwinds Network Monitoring

Senior IT Support Analyst

Global Commerce Services

Jan 2016 - Mar 2019 (3 years 2 months)

Delivered multi-channel IT support, resolving 95% of hardware and software issues across diverse operating system platforms while minimizing business disruption. Managed user administration and messaging/services using Windows Server, Active Directory, MS Exchange, and Azure Admin Portal, maintaining service levels.

Windows Server Active Directory Azure Admin Portal Hardware Support Software support SLA Management Executive Support

IT Support Analyst

US Department of Veterans Affairs

Jan 2014 - Jan 2016 (2 years)

Monitored application suites, internal processes, and automation jobs to support performance and security compliance. Maintained run books and deployment documentation, and conducted audits to validate accuracy against federal security requirements.

Application Monitoring Security Auditing Run Books Technical Documentation Performance Tuning