Gabriella Nelms
CISSP|CISM| MBA
BIO
I have 7 years plus experience in Information Security where I creatively defend and help brands grow. I am a CISSP, CISM, CRISC, CDSPE and CCSP certificate holder among other certifications like ITIL, AWS, and Azure. In addition to certifications, I have an MBA in MIS, FIN, MGT. I am an energetic, thorough, passionate seasoned leader with solid board experience and excellent communication skills. I am also an amateur chef, gardener, dancer, team sports enthusiast and occasional struggling musician not including my rocking air guitar.
My Relevant Strengths include: Board leadership & Collaboration • Risk Management • Change Management • Project Management • Corporate Governance • Strategic Planning • Process Improvement • Cyber Security • Application Security • Data Protection & Privacy • Digital Marketing & PR • Financial Research AnalysisDownload Resume
I have worked with Gabby for almost a year now and she is an amazing individual who has taken on new responsibilities and role as an Information Security Officer. She is always eager to learn and had picked up complex processes and techniques faster than anyone in recent memory.
With her help and support we have managed to take action and resolve many past due Information Security (IS) initiatives and metric items, allowing us to trend green on senior management reports. Gabby is an asset to our team and the overall IS program.- Daniel Reyes, BISO
One of the most talented individuals I have ever worked with. Her passion and dedication to her work has made her one the best. She was a key factor in implementing huge project's like Okta and Microsoft 365. Her project management skills are second to none.
- Chris Pearson, Head of Information & Data Security
Experience
Vice President - Cloud Security Advisory Manager - Enterprise Cloud Security Technology, Governance & Product Management
November 2020 - Now
Focused leader and business enabler as a Cloud Security Advisory Manager of the Enterprise Cloud Security Technology, Governance & Product Management team, where I applied information security, risk management, and project management skills to advance and digitally transform Truist for its clients in the Southeast, generating $10.4 billion in revenue. Championed and managed several cloud-enabled technologies providing Cloud Security Advisory Services team with cloud controls & IAM compliance and automation tooling. Responsible for advancing and developing Cloud Security standards and policies as an integral part of the enterprise’s governance & risk management strategy including RCSAs. Built a tactical cloud governance strategy to accurately assess risk and the effectiveness of security controls for large-scale Cloud-related vendor solutions and SaaS APIs. Delivered expert-level guidance and education related to cloud security practices and standards, developing a security integration strategy for cloud vendors and products through assessment, procurement, and implementation lifecycles, while maintaining high-level of visibility and partnership with D-CISOs, LOBs, Cloud Architecture, Operations, Engineering, etc.
Vice President - Cloud Security Advisory Vendor & Product Manager
December 2019 - November 2020
Focused business enabler as a Cloud Security Advisory Vendor & Product Manager, applying information security, risk management, and project management skills to advance and digitally transform Truist for its clients in the Southeast, generating $10.4 billion in revenue. Responsible for advancing and building a tactical cloud governance strategy for cultivating a data-centric approach to accurately assess risk and the effectiveness of security controls for large-scale Cloud-related vendor solutions, enterprise CASB (Cloud Access Security Broker) and APIs in partnership with API team. Key enablement provider for delivering expert-level guidance and education related to cloud security practices and standards, developing a security integration strategy for cloud vendors and products through assessment, procurement, and implementation lifecycles, embracing security tooling and automation in tandem with the growth of cloud-enabled technologies, and maintaining high-level of visibility and partnership with D-CISOs, Cloud Architecture, other Cloud Security teams, etc.
Vice President - Cloud Security Advisor
March 2019 - December 2019
Key influencer as a Cloud Security Advisor at SunTrust, globally applying deep information security and risk management skills to design, build and protect enterprise systems, applications, data, assets and people for SunTrust and its clients in the Southeast generating $10.4 billion in revenue. Responsible for cloud security strategy, architecture, implementation and operations, by delivering solutions that protect enterprise systems, applications and data, by establishing policies, procedures, practices and tools that prevent unauthorized access, use, disclosure, modification or disruption. Conducted complex network penetration tests, security product integration, information security overviews, and other projects. Lead the selection, implementation, and maintenance of firewalls, application of security patches, and updates and modifications to security design. Researched, tracked and assessed evolving threats and new technologies, solutions, and services.
Social GRN (Grin*) Strategist
January 2012 - Present
Provided strategic digital marketing consulting in SEO, social media, and branding & marketing strategy to create interactive digital content for brands, personalities, companies, products and ideals.
Assistant Vice President - Business Information Security Officer
January 2017 - November 2018
Played a key role as Business Information Security Officer at Citi, while globally promoting Risk Management to grow Cyber Security Awareness, value and credibility with a range of stakeholders, including employees, Center GISOs, Senior Business Leaders, and applicable stakeholders in 19 countries generating $17.3 billion in revenue. Investigated incidents and infrastructure units by identifying IS risks and the appropriate controls for development, day-to-day operation, and remediation of non-compliance. Communicated Security Events like Security Breaches and Security Policies by initiating and coordinating emergency actions to protect the business unit from an imminent loss of information, brand reputation, and customer trust. Partnered and assisted in the development of strategies and plans for improving both Security Architecture and Application Security.
Information Security Communications & Financial Strategist
September 2015 - September 2016
Information Security Communications Strategist
June 2014 - September 2015
Passionate as Information Security Communications & Financial Strategist at Jabil, while developing and implementing a Digital Marketing brand and framework seen in its Global CyberSecurity Information Assurance (GCIA) team’s logo, social media, website, applications, and global projects like the Employee Access EcoSystem, increasing the adoption of Security as a Service for its customers, vendors, partners, and its 90 facilities generating $18.3 billion in revenue. Lead global projects in Compliance, Audit, Licensing, Identity Access Management, Mobile Device Management, Application Security, Web Security and proprietary tools. Managed GCIA’s $10+ million annual budget by keeping alignment with GCIA roadmap, which involved evaluating cost centers and performing detailed financial analysis. Drafted and maintained policies and procedures, communication plans, reports, technical and user training documentation. Delivered technical support.
Sales and Marketing Support Coordinator
April 2012 - February 2014
Forward thinking as Sales & Marketing Coordinator at Arthur Rutenberg Homes, while developing and managing a Digital Marketing brand and strategy seen in its mobile app, social media, and website, revitalizing a 60-year-old brand with 32 franchises generating $82 million in revenue. Lead in-person and virtual training boot camps, remote desktop sessions, and webinars. Crafted and managed a customer’s experience. Drafted and maintained policies and procedures for sales, marketing, Sharepoint, and proprietary database tools. Delivered technical support for proprietary database tools and customer support.
Special Projects Manager
December 2010 - December 2011
Instrumental as Special Projects Manager at Telovations, while coordinating & supporting projects in accounting, operations, and sales & marketing for a dynamic telecommunications startup with $5 million in revenue. Assembled quotations, RFP proposals, slideshows, product capability booklets and managed customer accounts in Salesforce.com. Researched SEO and customer trending. Created blog & newsletter content and organized social & charitable activities. Drafted and maintained sales and data specifications. Delivered provisioning technical support.
Research Manager
August 2007 - December 2010
Played a key role as Research Manager at Lovett Miller, while serving as a liaison managing relationships with partners, brokers, investors and clients of $175 million venture capital fund. Ensured accuracy of data surrounding account reconciliations, AR/AP transactions, and expense management through maintenance of several bank, investment, security ledgers, and internal audits. Performed assessments of client business models, capital structures, and financial statements. Coordinated and published IT and financial specifications to document data requirements. Drafted and maintained policies and procedures for office management and technical support. Delivered desktop and server technical support.
Executive Assistant to Managing Director
June 2000 - August 2007
Dedicated as Executive Assistant at Lovett Miller, while engaged in staff recruitment and training to support a growing $175 million venture capital fund. Ensured monies owed were both paid and received by analyzing AR/AP for several entities, performed account reconciliations, and managed financial ledgers. Lead website and public relations efforts. Wrote & edited policies and procedures for office management and technical support. Provided desktop and server technical support.
Technical Skills
Social Media
Web Design & Management
CRM & Databases
Adobe Photoshop, InDesign & FrameWork
MS Office Professional and Office 365
Google Office & Sites
AWS & Azure
HTML & CSS
WordPress & Joomla
MS Visio and Access
Google Analytics
Salesforce
Education & Development
February 2023
Earners of the Security, Compliance, and Identity Fundamentals demonstrate a functional understanding of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.
September 2021
The Certified Cloud Security Professional (CCSP) is a global credential that represents the highest standard for cloud security expertise. It was co-created by (ISC)² and Cloud Security Alliance (CSA), leading stewards for information security and cloud computing security. The CCSP shows you have the advanced technical skills and knowledge to design, manage and secure data, applications and infrastructure in the cloud using best practices, policies and procedures
July 2021
Certified Data Security Privacy Engineer (CDSPE) is a certification offered by ISACA, a nonprofit, independent association that advocates for professionals involved in information security, assurance, risk management and governance. Modern privacy laws and regulations require organizations to implement privacy by design and by default into IT systems, networks, and applications. To do so, privacy professionals must partner with software developers, system and network engineers, application and database administrators, and project managers to build data privacy and protection measures into new and existing technology environments.
November 2020
UCLA 's intensive, experiential program delivers a highly applicable toolkit of leadership skills, governance acumen and networking savvy that will prepare senior women executives, professionals and entrepreneurs to overcome the obstacles and seize the opportunities that they face in seeking corporate board service.
March 2020
Earners of the Azure Fundamentals certification have demonstrated foundational level knowledge of cloud services and how those services are provided with Microsoft Azure.
December 2019
Certified In Risk and Information Systems Control (CRISC) is a certification offered by ISACA, a nonprofit, independent association that advocates for professionals involved in information security, assurance, risk management and governance. ISACA’s Certified in Risk and Information Systems Control certification indicates expertise in identifying and managing enterprise IT risk and implementing and maintaining information systems controls.
March 2018
Certified Information Security Manager (CISM) is a certification offered by ISACA, a nonprofit, independent association that advocates for professionals involved in information security, assurance, risk management and governance. ISACA’s Certified Information Security Manager certification indicates expertise in information security governance, program development and management, incident management and risk management.
September 2017
The Certified Information Systems Security Professional (CISSP) is an objective measure of excellence. It’s the most globally recognized standard of achievement in the industry. And, this cybersecurity certification was the first information security credential to meet the strict conditions of ISO/IEC Standard 17024. The CISSP designation is a globally recognized, vendor-neutral standard at testing to an IT security professional's technical skills and hands-on experience implementing and managing a security program.
December 2016
Content Marketing Institute is the leading global content marketing education and training organization, teaching enterprise brands how to attract and retain customers through compelling, multi-channel storytelling.
December 2016
MarketingProfs is the one source that individual marketers, marketing teams, and some of the world's largest organizations turn to for modern marketing tools, training, strategies, articles, online seminars, discussion forums, and much more.
March 2016
May 2016
The University of Maryland is the state's flagship university and one of the nation's preeminent public research universities. A global leader in research, entrepreneurship and innovation, the university is home to more than 37,000 students, 9,000 faculty and staff, and 250 academic programs. Its faculty includes three Nobel laureates, three Pulitzer Prize winners, 47 members of the national academies and scores of Fulbright scholars. The institution has a $1.8 billion operating budget, secures $500 million annually in external research funding and recently completed a $1 billion fundraising campaign.
December 2015
ITIL® is the only consistent and comprehensive documentation of best practice for IT Service Management. Used by many hundreds of organizations around the world, a whole ITIL philosophy has grown up around the guidance contained within the ITIL books and the supporting professional qualification scheme.
ITIL consists of a series of books giving guidance on the provision of quality IT services, and on the accommodation and environmental facilities needed to support IT. ITIL has been developed in recognition of organizations' growing dependency on IT and embodies best practices for IT Service Management.
February 2012
The Tampa SEO Training Academy is a Licensed Training Associate of the Search Engine Academy and offers participants in Florida access to the premier SEO Training Certification Courses in the industry. Now available are a 2-Day SEO Basics, 3-Day SEO Advanced and a combined 5-Day SEO Mastery Workshop.
Master Business Administration ( Finance, MIS, Management)
August 2003 - December 2007
USF ranks 50th in the nation for federal expenditures in research and total expenditures in research among all U.S. universities, public or private, according to the National Science Foundation. Serving more than 47,000 students, the USF System has an annual budget of $1.5 billion and an annual economic impact of $3.7 billion. USF is a member of the American Athletic Conference.
Activities: · Graduate Business Association · Kosove Society · National Conference of Community and Justice · Phi Kappa Phi · Beta Gamma Sigma · Hui Na Aikanes o Hawaii · Ka Pa Hula o Kahekili
Bachelor of Science (Biology)
August 1996 - August 2000
USF ranks 50th in the nation for federal expenditures in research and total expenditures in research among all U.S. universities, public or private, according to the National Science Foundation. Serving more than 47,000 students, the USF System has an annual budget of $1.5 billion and an annual economic impact of $3.7 billion. USF is a member of the American Athletic Conference.
Activities: · Kosove Society · ASIA · Physics Club · Honors Program · Biology Honors Program · Hui Na Aikanes o Hawaii · Ku'u Home o Polynesia · HOSA
Awards
Finalist Oktane Lightning Award (August 2016)
The Oktane Awards celebrate the organizations and individuals who are taking big steps that enable their teams to worry less about technology, and focus more on innovative ways to drive value for the business. The Oktane Awards recognize inspiring and forward-thinking customers that are achieving ground-breaking results with Okta. The award nomination is a recognition of Walther Ardon and the entire Okta project team for their long hours, days and weekends committed to ensuring the Okta project’s success. The Okta project team members include Walther Ardon, Greg Fisher, Heantee Foo, Michael Theriault, Bryan Bowie, Chris Pearson & Gabriella Nelms.
Awards Winner and Nominee – T.E.N. ISE Southeast Executive of the Year (March 2016)
John Graham and the GCIA team won this award in recognition of the outstanding leadership and performance in risk management, data asset protection, regulatory compliance, privacy, and network security.Tech Exec Networks enables relationships and opens channels of communication between technology and security executives to interact with peers, industry visionaries and solutions providers. The company’s offerings include some of the country’s most well-acclaimed executive programs including virtual and traditional executive roundtables, road shows, private executive engagements and leadership recognition programs.
Finalist and Nominee T.E.N. ISE North America Leadership Summit (November 2015)
This award recognizes information security executives and their teams who demonstrate outstanding leadership in risk management, data asset protection, regulatory compliance, privacy, and network security. Tech Exec Networks enables relationships and opens channels of communication between technology and security executives to interact with peers, industry visionaries and solutions providers. The company’s offerings include some of the country’s most well-acclaimed executive programs including virtual and traditional executive roundtables, road shows, private executive engagements and leadership recognition programs.
Winner and Nominee T.E.N. ISE Southeast Project of the Year (March 2015)
This award recognized GCIA’s Employee Access Ecosystem team (John Graham, Walther Ardon, Greg Fisher, Michael Theriault, Troy Riley, Erik Collasius, and Gabriella Nelms) for their outstanding leadership in risk management, data asset protection, regulatory compliance, privacy, and network security. Jabil’s global customer base is highly competitive regarding intellectual property, cutting edge innovation, and the secrecy surrounding new product launches. Losing this data would result in millions of dollars in contract fines, as well as, major loss of existing and future business. To minimize customer and Jabil risk, Jabil created and adopted a portfolio of security-as-a-service solutions in order to better protect and secure the company’s critical information. The security-as-a-service initiative spanned three areas: application access, data loss prevention and external threats. This project enables Jabil to close security gaps, have an accelerated rapid time to value, leverage its security technology and practices as a market differentiator and create a competitive business advantage in the marketplace.
Nominee T.E.N. ISE North America Leadership Summit and Awards (November 2014)
This award recognizes information security executives and their teams who demonstrate outstanding leadership in risk management, data asset protection, regulatory compliance, privacy, and network security. Tech Exec Networks enables relationships and opens channels of communication between technology and security executives to interact with peers, industry visionaries and solutions providers. The company’s offerings include some of the country’s most well-acclaimed executive programs including virtual and traditional executive roundtables, road shows, private executive engagements and leadership recognition programs.
Nominee – CIO’s Digital Edge 25 Awards (November 2014)
The Digital Edge 25 Awards honor enterprises that have leveraged the digital technologies of social, mobile, analytics or cloud to transform or innovate in their business by:
-Focusing on the cross-functional business leadership that drives success.
-Attesting to the power of digital leadership.
-Recognizing a select group of digital achievers who have made great strides towards being a digital-centric business.Follow Me
Graphic Design & Digital Marketing Consulting Services
My Creative Outlet
Copyright 2014