Christophe Foulon, seasoned cybersecurity executive and coach focused on helping to safely use tech

Head of Cyber Security - Business Information Security Officer

Helping to safely enable businesses through technology.

EXPERTISE

Translating between the business, leadership and engineering/development groups to drive proactive and effective results.

Digital Transformation
Operations Management
Risk Assessment & Mitigation
Regulatory Compliance & Industry Best Practices
Business Enablement (via Technology)
Incident Response
Disaster Recovery Programs
Talent Pipeline Development
Strategic Relationships
Cross-Functional Team Leadership
Consultative & Advisory Approach
Procedure & Policy Development/Implementation
Solutions Design/Delivery
AWS Cloud
Program Management (Projects, Finance, Resources)
Written/Verbal Communication
Budget Management

EXPERIENCE

Whole Cyber Human Initiative

Jan 2021 - Present

CISO & Executive Board Member

Workforce Research & Development

Spearheads security workforce development and research development methods for large and small organizations and candidates at various stages of their careers. Develops partnerships with hiring companies, government bodies, and other non-profits with a similar aim of closing the talent gap.

wholecyberhumaninitiative.org

Capital One

October 2020 - October 2023

Senior Manager, Cybersecurity & Technology Risk Oversight

Provides tactical cybersecurity consultation and advisory services, overseeing line of business (LOB) cybersecurity and technology risk. Enhances LOB manager's understanding of cybersecurity risk and delivers recommendations/solutions. Supports technology risk programs, identifying and assessing risks and challenging technology processes/controls/capabilities for AWS Cloud and Application Resiliency, SRE, and change/asset management. Enhances evaluations of cybersecurity and technology capabilities, accelerating their maturity. Drives optimization and maturation of organizational security and risk management program metrics.

Capital One

GRIMM

December 2019 – October 2020

Senior Security Consultant (SMF)

Collaborated with federal and commercial clients at this boutique security consulting firm to provide cybersecurity and risk advisory solutions for their complex challenges. Enabled executives and security managers to comprehend and evaluate the cybersecurity risk's impact on their businesses through workshops and tabletop exercises. Made recommendations on tracking impactful issues to mitigate operational risks. Adopted adversarial approaches to provide insights on effective detection and response mechanisms to mature organizational defenses and develop a cyber range training platform. Developed a customized GRC management program using NIST CSF, CMMC, and ISO2700.

ConQuest Federal

February 2019 – December 2019

Lead Cyber Risk Management Consultant

Managed a 15-person team of analysts to senior project managers in a federal consulting startup, delivering risk, security, and cloud security consulting with a $5M project budget. Assisted a federal agency with digital transformation/migration to the cloud, improving cybersecurity maturity and promoting cloud adoption. Provided best practices for Microsoft Office365 & Azure Gov migration, implementing security and identity management technologies from Microsoft EMS. Drove cybersecurity maturity in a federal agency by developing governance, policies, and procedures to enhance FISMA levels and adopt risk-based vulnerability management—prepared agency for managed security services and third-party vendor risk profiles.

Avanade

August 2017 – February 2019

Manager Information Security Consulting

Led Microsoft Azure Fed Cloud Team, directed Managed Services to onboard/train new Gov Cloud Ops support members. Coordinated with legacy vendor support for project growth solutions and optimized Ops SRE team for 24/7 incident/problem management across multiple locations. Drove program/project management for ten-million-dollar programs, managed finances/resources/strategic planning. Assessed Ops/Security/Compliance processes in FEDRAMP, identified vulnerabilities, and provided mitigating/remediation measures.

Cancer Treatment Centers of America (now part of City of Hope)

September 2014 – August 2017

IS Site Supervisor

As the information security specialist, I shaped training and education for corporate users on cybersecurity, PHI, and PII. Integrated security awareness into daily activities to promote a culture of security. Consulted on information security, assurance, and risk management during new project creativity and development with business units. Enforced security hardening policies and procedures for computers and mobile devices. Participated in an ad-hoc Information Security Team to manage and respond to security threats and incidents, including virus and malware remediation.

CPF Consulting

January 2007 – Present

Entrepreneurial Endeavor

Engage with clients to provide cybersecurity and risk advisory solutions to their complex cybersecurity challenges. Founded and cohosted the “Breaking into Cybersecurity” Podcast; Principal Coach at CPF-Coaching.com.

Authored “Developing Your Cybersecurity Career Path”, "Hack the Cybersecurity Interview" and contributed to “Understanding and Measuring Cyber Risk” by Ryan Leirvik

View Projects

Results

cybersecurity and threat management consultant

Eliminate d the exposure for an attack for a Fortune 10 Fintech company experiencing an active exploit vulnerability by implementing a multi-faceted approach that involves identifying the threat, containing the attack, and mitigating any potential exposure.

Keeping up with the latest threats and risk mitigation strategies

Effective portfolio management facilitated $10M in project growth over five years, increasing the Azure Cloud Operations Site Reliability Engineering team by 50% while providing 24/7 incident and issue management.

Building and enabling businesses through safely using technology

Spearheaded a digital transformation and cloud migration for a federal agency while improving cybersecurity and operational maturity through the transition to AWS Cloud required a comprehensive approach that involved planning, execution, and ongoing management. , which

Head of Cyber Security - Business Information Security Officer

Quick Insights

EXPERTISE