Kyle Welsh, CRISC

Senior Level Technology, Information Security and Risk Executive

206.650.3993 | [email protected] | PDF Version

VALUE PROPOSITION

Strategic Technology Executive, who can architect and execute the strategic technology plan to meet business needs by building relationships, trust and a shared accountability for success.  I have a track record of aligning technology with strategic vision, goals and initiatives that enhance both the internal user and customer experience as well as being able to understand and articulate the business value of technology and security.  My passion is developing a highly engaged, responsive team that is focused on meeting the needs of the business through a measured, risk-based approach while constantly improving performance.

LEADERSHIP PRINCIPALS AND CORE VALUES

  • Put Customer First
  • Lead with the Vision of the Organization
  • Build Relationships and Establish Trust
  • Deliver Results
  • Hire and Develop the Best Talent
  • Insist on the Highest Standards
  • Streamline Processes and Create Efficiencies
  • Lead by Example
  • Promote Transparency through Strong Communication

ACCOMPLISHMENTS

  • Drove the adoption of National Institute of Standards and Technology (NIST) Cybersecurity Framework at BECU
  • Implemented the Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool (CAT) as a method to measure Inherent Risk, Operational Maturity and Roadmap for Continuous Improvement
  • Established an Enterprise Architecture Board (EAB) to create an architecture framework, provide project design guidance and conduct project reviews. The EAB helps streamline project design, which creates significant resource savings.
  • Successfully implemented the production data center move from Seattle to Spokane to improve business continuity posture in response to concerns relating to the Howard Hanson Dam and Green River.This was accomplished with minimal member impact and now allows BECU to utilize two geographically divergent data centers to support production operations as well as support disaster recovery protocols.
  • Coordinated with the project team and technical resources to deliver a project that improves the member experience as well as saving the enterprise ~19,000 staff hours per year.

TECHNOLOGY AND LEADERSHIP EXPERTISE

Risk Management

Strong technology background coupled with business acumen and experience enables a unique ability to identify and assess risk as well as provide mitigation and monitoring options that provide options for the business while maintaining or improving overall risk posture.

Information Security and Business Continuity

Grew the Information Security and Business Continuity teams from a combined total of eight staff to over thirty while adding internal services that included: A Security Operations Center augmented with a Managed Security Services Provider, DevOps project support including real-time Static Code Analysis (SCA) and on-demand Dynamic Application Security Testing (DAST).

Technology Generalist

Experience and familiarity with a wide range of technology including:

  • Windows Server and desktop operating systems
  • Database management systems (Oracle and SQL Server)
  • Data communications and telecommunications equipment and protocols
  • Information Security management frameworks
  • Network Security
  • Local and Wide Area Networks (LAN and WAN)
  • SaaS, IaaS and PaaS providers such as Microsoft Azure and Amazon Web Services (AWS)

EDUCATION & PROFESSIONAL AFFILATIONS

  • Leadership Executive MBA, Seattle University, 2012
  • ISACA CRISC Certification Number 1620611 (September 2016 – present)
  • Executive Leadership Board, NCU-ISAO (2016 – present)
  • St. Philomena School Commission (2014 – present)
  • Disabled American Veterans, Lifetime Member
  • Fiserv DNA Technology Advisory Council, Member
  • Fiserv Technology Advisory Board, Member

PROFESSIONAL EXPERIENCE

Security Solution Architect, Datec, Inc., Seattle, WA                                                                           (4/2019 – present)

  • Represent various security and technology solutions and assist clients and prospective clients in various vertical markets and industries from strategic roadmap and planning development, Virtual CISO services, Policy and Standards development as well as solution selection, implementation, and operation.
  • Most projects were centered around Security Information and Event Management (SIEM), email security,
    endpoint protection, Managed Detection and Response (MDR), Vulnerability Management, Network Visibility
    solutions, Threat Intelligence platforms and Software Development Lifecycle solutions: Static Analysis
    Security Testing (SAST), Dynamic Application Security Testing (DAST).
  • Services engagements consisted of Virtual CISO services, Vulnerability Assessments, Pen testing and
    SOC2/HIPAA/GDPR support.

Chief Information Security Officer, Vice President of Information Security, BECU, Tukwila, WA         (4/2015 – 2/2019)

  • Responsible for the strategic vision and operational outcomes and improvements of the   Information Security, Business Continuity and Enterprise Architecture teams.
  • Member of the Operational Risk Management Committee and Crisis Management Team.
  • Lead programs and processes to monitor the emergence of new threats and vulnerabilities, assessing impacts and driving responses as appropriate.
  • Ensure that clear and timely business advice is provided to executive management on key information security and assurance issues.
  • Establish an information security and risk management functional capability and architecture across the organization.
  • Ensure that information security and risk is adequately represented on relevant business and governance forums and is known, well-integrated, and well-respected across the enterprise.

Vice President of Technology Services and Chief Security Officer (CSO), BECU, Tukwila, WA             (2/2006 – 4/2015)

  • Responsible for Data Center and Operations, Network and Security, Application Development, Business Intelligence/Data Warehouse and Enterprise Applications.
  • Manage, mentor and develop forty-eight staff in four departments.
  • Manage annual operating budget of $ 21M and capital budget of $2.5 – $4M
  • Responsible for the technical design, development, implementation and production operations of all enterprise projects including vendor evaluation, selection, contract negotiation and vendor management.

IT Integration Architect, BECU, Tukwila, WA                                                                      (5/2003 – 2/2006)

  • Responsible for the design and development as well as the transition to operations of all system, application and vendor integrations.
  • Engaged with credit card processor partner to improve operational reliability post-conversion.

IT Manager, BECU, Tukwila, WA                                                                                       (4/2001 – 5/2003)

  • Managed the Application Development and Business Analyst groups.
  • Mentored and developed professional staff in a highly, dynamic technical environment which included a multi-system conversion of critical business systems.

Various Individual Contributor Roles, BECU Tukwila, WA                                                      (8/1997 – 4/2001)

Customer Support Manager, Multicom Publishing, Inc.  Seattle, WA                                    (8/1994 – 8/1997)

  • Various roles held as Multicom transitioned from start-up mode and early round investments through its Initial Public Offering including: Customer support Analyst, Network Administrator, System Administrator, Quality Assurance Analyst, Web Developer and Customer Support Manager.

Reactor Plant Mechanic and Engineering Laboratory Technician, U.S. Navy                                     (9/1988 – 11/1994)

  • Completed seven strategic missile deployment patrols on the USS Ohio SSBN-726 from 1990 – 1994
  • Honorably Discharged on November 15, 1994

RECOMMENDATIONS

Kyle’s training on a nuclear sub clearly comes through with his calm, cool decision making, attention to detail, and clear leadership in the midst of supporting a rapidly growing credit union. His understanding of back, middle and front end technologies allows him to lead teams to deliver a top banking experience for the end user. Not an easy task given the disparate technologies used in banking.”

Brian Bodell CEO at Finivation Software

“Kyle and I have worked together on numerous industry groups and advisory boards over the last 10+ years. In this capacity, we work at both the tactical level and at the strategic level and as a result I have the opportunity to see the breadth of Kyle’s knowledge and his strengths.
As one of the key technology leaders at BECU, one of the largest and most progressive credit unions in the industry, Kyle supports successful growth and innovation. He shares his expertise and best-practices willingly, which clearly demonstrates his collaboration and communication skills. His technical and operational knowledge are deep and learned through doing and constantly learning.
Kyle’s is respected by his peers outside of BECU for his ‘can-do’ attitude, flexibility, and willingness to help. He has an appreciation for the macro-trends, which makes him a strategic thinker.
I highly recommend Kyle for a Leadership position where technology, growth, and performance are expected outcomes.”

Jeff Johnson – CIO at Baxter Credit Union