Skip to main content
Stephen WinfieldSW
Open to opportunities

Stephen Winfield

@stephenwinfield

GRC and cybersecurity risk leader driving compliant cloud programs, control assessments, and identity governance outcomes.

United States
Message

What I'm looking for

I’m looking to lead cybersecurity GRC and cloud/IAM programs where I can drive audit-ready controls, strengthen identity governance, manage cross-functional delivery, and communicate clearly to stakeholders—while improving operational efficiency and risk reduction.

I’m a GRC-focused cybersecurity and program leader, credentialed with CISM, PMP, CSM, and CSPO. I plan, develop, and implement governance, risk, compliance, and control assessment processes that help organizations operate securely and pass audits with confidence.

In recent roles, I’ve led cloud onboarding and architecture/cybersecurity review support across AWS and Azure, ensuring applications meet governance, security, monitoring, operational readiness, and support requirements before release. I also build and maintain governance documentation—risk logs, decision records, and audit-traceable control artifacts—while managing dependencies, access-control considerations, and stakeholder communications.

I’ve managed IAM and enterprise security workstreams, improving identity lifecycle, access governance, and secure configuration baselines using ServiceNow-driven workflows (RFCs, CMDB updates, risk logs, and remediation tracking). Earlier, I directed statewide cybersecurity governance for an Epic EHR implementation with HIPAA safeguards, PHI protection, vendor oversight, and cross-agency IAM coordination—plus I’ve led teams (including a team of 12 engineers) and delivered results such as a 200% increase in operational productivity from an efficiency program.

Experience

Work history, roles, and key accomplishments

Paragon Technology Group logoPG
Current

Technical Project Manager

Apr 2025 - Present (1 year 3 months)

- Coordinated cloud onboarding activities across AWS and Azure environments, ensuring applications met governance, security, monitoring, operational readiness, and support requirements before production release.
- Supported architecture and cybersecurity review processes by preparing review materials, tracking action items, documenting decisions, and ensuring delivery aligned with governance stand

InComm Payments logoIP

Senior Project Manager

Aug 2022 - Apr 2025 (2 years 8 months)

·      Led IAM and cybersecurity project workstreams focused on identity lifecycle improvements, access governance, secure configuration baselines, and enterprise risk reduction.
·      Managed ServiceNow-driven workflows for RFCs, CMDB updates, risk logs, audit artifacts, and remediation tracking to improve traceability and compliance visibility.
·      Produced governance documentation, technica

neteffects logoNE

Senior Project Manager

Dec 2021 - Aug 2022 (8 months)

·       Managed AWS security implementation projects involving IAM redesign, cloud resource hardening, standardized cybersecurity controls, and audit artifact tracking.
·       Used ServiceNow and Agile delivery practices to track risks, issues, IAM provisioning workflows, SDLC evidence, and cybersecurity project deliverables.
·       Coordinated security, engineering, and cloud teams to identify

Celeste Consulting logoCC

Senior Project Manager

Jun 2021 - Dec 2021 (6 months)

·       Supported AWS cloud migration workstreams by coordinating IAM role management, secure configuration requirements, risk tracking, and compliance alignment.
·       Performed risk assessments on cloud migration tasks, documenting technical risks, security dependencies, mitigation strategies, and governance requirements.
·       Contributed to policy documentation, security standards, and clo

State of Louisiana logoSL

IT Program Manager

Mar 2019 - Jun 2021 (2 years 3 months)

·        Directed cybersecurity governance activities for a statewide Epic EHR implementation, incorporating HIPAA safeguards, PHI protection, identity access controls, and vendor oversight.
·        Managed risks, issues, dependencies, encryption considerations, vendor integrations, and audit-readiness activities across healthcare technology workstreams.
·        Coordinated access-control, authe

Blue Cross and Blue Shield of Louisiana logoBL

Project Manager/Product Owner

Mar 2018 - Mar 2019 (1 year)

·       Managed ERP/D365 implementation requirements related to role-based access, audit controls, user provisioning, secure system access, and compliance readiness.
·       Partnered with cybersecurity SMEs, architects, compliance teams, and Security Operations to strengthen IAM controls, data protection, and secure-design practices.
·       Facilitated Agile ceremonies while ensuring backlog ite

Vectren logoVE

IT Project Manager

Jul 2017 - Mar 2018 (8 months)

·       Managed project planning, risk assessment, and stakeholder coordination for software implementations involving access controls, user roles, and system security dependencies.
·       Coordinated secure access planning, authentication dependency tracking, and user-role validation during system consolidation and application modernization efforts.
·       Maintained Jira boards, sprint plans,

EU

CMOM Manager

Evansville Water & Sewer Utility

Jun 2015 - Jul 2017 (2 years 1 month)

Managed enterprise data and MDM initiatives requiring controlled access to customer data and regulated information. Coordinated vendors/contractors and tracked risks, dependencies, and implementation milestones supporting IAM-related data access and governance, including delivery of the Enterprise FATCA Engine.

Evansville Water & Sewer Utility logoEU

Project Manager - Capacity Management, Operations and Maintenance (CMOM) Manager

Jun 2015 - Jul 2017 (2 years 1 month)

·         Managed enterprise data and MDM initiatives requiring controlled access to customer data, regulated information, business rules, and secure system connectivity.
·         Coordinated vendors, contractors, technical teams, and business stakeholders to ensure data-access governance and security requirements supported regulatory delivery.
·         Tracked risks, dependencies, access issues

MIS Technology Group logoMG

Help Desk Supervisor

Nov 2014 - Jun 2015 (7 months)

- Managed QA testing activities, defect logging, test execution reporting, and issue triage to support system reliability, control validation, and operational accountability.
- Coordinated with business users, project managers, and technical leads to define test strategies, document requirements, and support controlled technology delivery.
- Used ConnectWise to manage project work, track custom

AT&T logoAT

Wire Technician

Apr 2014 - Nov 2014 (7 months)

- Maintained one of the highest daily job completion rates among Wire Technicians without a repeat service call in the Lafayette, LA area
- Installed service modems in homes and businesses, setting up home networks, IP and telephony troubleshooting
- Installed wiring for Internet, Telephony, VOIP and HISIA with CAT5 wiring and coax Prepared Ethernet (CAT5) tips as well as Barrels for coax tips

Fugro Geoservices, INC logoFI

AUV Data Processor

Jun 2013 - Jun 2014 (1 year)

- Offshore field activities included acquisition and processing data from geophysical systems such as multi-beam swath bathymetry, digital side scan sonar and digital profilers
- Processed navigation data, side scan sonar, profiler, multi beam and single beam bathymetry data real time while in the field as necessary
- Performed quality control of acquired geophysical data, made liaison with lan

Global Data Systems logoGS

Remote Support Engineer

Dec 2012 - Jun 2013 (6 months)

- Diagnosed and resolved network connectivity issues between levels 1 - 4 of the OSI model
- Implemented Cisco best practices when troubleshooting and configuring network devices
- Created network topology diagrams for current customers to assist in the troubleshooting
process.
- Worked with Telco's to resolve networking issues.

Casino Aztar logoCA

Systems Analyst

May 2008 - May 2009 (1 year)

In this position I reviewed computer system capabilities, workflow, and scheduling limitations to determine if requested program or program change is possible within existing system. I planned, prepared, and implemented technical reports, memoranda, and instructional documentation as necessary. I also monitored functioning of equipment to ensure system operates in conformance with specificatio

Old National Bank logoOB

Computer Operator

Jan 2006 - May 2008 (2 years 4 months)

In this position I managed AS400 mainframe servers which included running jobs and ensuring that all banking data was backed up every night. I also assisted customers with account access issues, monitored and repaired ATM's

United States Marine Corps logoUC

Data Network Specialist

May 2000 - May 2004 (4 years)

In this position I was responsible for the installation, configuration, and management of data network systems in both a stand-alone and client-server environment, including MS Exchange, Defense Message Systems, and other authorized data network systems. I installed, configured, and maintained network services, both hardware and software. I also planned and executed the integration of multiple inf

Education

Degrees, certifications, and relevant coursework

UI

University of Southern Indiana

Bachelor of Science (B.S.), Philosophy/Sociology Minor

2005 - 2010

MS

Marine Corps Communications and Electronics School

Certificate of Completion, Information Technology

2000 - 2000

Get matched with your dream remote job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan