Authentic and results-driven Security Director with over 20 years of expertise in Cyber security including Risk Management and Compliance. Stephen Dake has navigated the field from hands-on technical roles to senior executive leadership. His expertise spans multiple industries, including healthcare, finance, hospitality, utilities, and consulting. Proven track record of driving cybersecurity initiatives that foster business growth, ensure compliance, and mitigate risks. Strong leadership skills in building high-performing teams and aligning security strategies with corporate objectives. Adept at navigating complex regulatory environments and implementing effective security architectures.

TECHNOLOGIES

Autopilot, Avanan, Azure, Bit Defender, BitLocker, Burp Suite, ChatGPT, Checkmarx, Cisco, Citrix, Crowdstrike, DUO, Delina Privilege Manager, Delinia Secret Server, EDR, InTune, Kali, Lastpass, Linux, Nessus, OSINT, OneTrust, Optiv, Proofpoint, Qualys, Rapid7, Sentinel, Shodan, Tenable.io, Tugboat, VirtualBox, Windows.

SKills:

Cyber Operations · Cyber Risk Management · Security Operations Management · Cybersecurity Tools · Intellectual Property · Legal Requirements · Defining Requirements · Architectural Design · Business Risk · Change Impact Analysis · Technology Governance · Financial Oversight · Regulatory Requirements · Stakeholder Relations · Information Security Analysis · SOC 2 · Communication · IT Integration · Business Metrics · Data Retention · Statutory · Customer Engagement · Compliance Assessments · External Relationships · Team Building · Professional Skills · Architecture · Global Teams · Written Communication · Project Management · Mergers & Acquisitions (M&A) · Cyber Threat Intelligence (CTI) · Industry standards · Mitigation Strategies · Corrective Actions · Technology Risk · Annual Planning · IT Projects · Project Delivery · Customer Data · IT Leadership · Coordination Of Projects · Diplomacy · IT Purchasing · IT Strategy · Vendor Negotiation · Executive Leadership · External Communications · Executive Visibility · Multiple Disciplines · Business Process · Peer Reviews · Product Compliance · Technical Leadership · Legal Hold · Strategic Consulting · Due Diligence

April 2022 – Present

Executive Director of Cyber Security IT Risk Compliance Governance

FROSCH International Travel, Houston, TX (Remote)

• Spearheaded the development of robust cyber security programs post-acquisition by J.P Morgan Chase, achieving SOC2 Type 2 certification

• Led GDPR and PCI compliance initiatives, enhancing overall security posture

• Directed security operations, architecture, vendor risk management, red team testing, incident response, vulnerability management, and security engineering teams to drive compliance and risk reduction

• Orchestrated integration efforts that streamlined cybersecurity processes across multiple departments.

• Drove control uplift activities for acquisition to reach parity of Chase controls.

September 2018 – April 2022

Director Information Security and Risk

Madison Gas and Electric (MGE), Remote, WI

• Directed enterprise-wide security and risk programs ensuring compliance with NERC-CIP, PCI

• Enhanced vulnerability management and incident response through targeted security assessments and control implementations.

September 2018 – April 2022

Director Information Security and Risk

Madison Gas and Electric (MGE), Remote, WI

• Directed enterprise-wide security and risk programs ensuring compliance with NERC-CIP, PCI

• Enhanced vulnerability management and incident response through targeted security assessments and control implementations.

January 2014 – September 2018

Owner | Security Consultant

Stephen Dake Consulting LLC, Remote, WI

• Delivered tailored security advisory services to SMBs and startups, specializing in compliance and risk management for insurance, defense, and energy sectors

• Advised on compliance gap analysis, strategic planning, and IT security architecture.

June 2015 – August 2017

Director Cyber Security Engineering and Architecture

American Family Insurance Corporate, Sun Prairie, WI

• Led a 27-member team in executing strategic security initiatives, reducing downtime through technology upgrades and process improvements

• Drove enhanced department engagement and reduced outages through leadership and technical advancements

• Managed Security program for infrastructure, products, and services.

October 2013 – June 2015

VP Information Security

QBE, Sun Prairie, WI

• Led the security program over engineering, operations, architecture, IT risk, and M&A for North America QBE.

• Implemented corrective security action plans to solve organizational and departmental risks.

• Established departmental responsibilities and coordinate functions.

May 2013 – October 2013

Senior Information Security Consultant (Contract)

Dean Health Plan, Madison, Wisconsin

• Partnered with Dean Health Plan, Inc. in preparation for ACA State Health Exchange, ensuring compliance with MARS-E, HITECH, HIPAA, NIST guidelines.

• Authored a new policy deck for security and privacy compliance, guiding remediation strategies for MARS-E guidelines.

• Managed a security team of 6 people, advising the CISO and CIO on security controls.

April 2007 – May 2013

Director of Information Security | Chief Information Security Officer (CISO)
WEA Trust Insurance Corporation, Madison, Wisconsin

• Directed resources to deliver risk-remediation projects, reducing operational complexities and maximizing investments.

• Served as a trusted advisor to CIO and corporate counsel for security and privacy perspectives.

• Developed and directed new security program for HIPAA environment.

November 2005 – April 2007

Senior Information Security Consultant (Contract)

Blue Cross Blue Shield, Fargo, North Dakota

• Advised and conducted vulnerability assessments, testing, and directed remediation initiatives for DISA requirements.

• Led projects on database security, file integrity solutions, and encryption module compliance.

• Certified cryptography conformity with FIPS 140-2 and guided NIST solutions

Board Member

Three Pillars Senior Living Communities (2023 – Present)

• Championed good corporate governance practices to foster transparency and accountability.

• Attended and participated in meetings of municipal councils and council committees.

CERTIFICATIONS

CISSP (Certified Information Systems Security Professional)

• CISM (Certified Information Security Manager)