Summary
Overview
Work History
Education
Skills
Phonenumbers
Professionalassociations
Certification
Languages
Timeline
Generic

Craig Edward Roche

Redwood City

Summary

Experienced in technical, security, and leadership roles with a proven track record of identifying and mitigating cybersecurity risks. Implemented innovative technologies to develop measurable strategies for reducing risk and enhancing security on a global scale. Expertise in integrating risk and control disciplines within regulated enterprises to achieve strategic alignment and organizational goals. Built cohesive and high-performance teams through collaborative technology leadership, fostering relationships across departments and partners. Utilized data-driven research methodologies and analytical thinking to identify and mitigate risks, measure control effectiveness, and drive positive change for enhanced safety. Capable of defining and developing people, processes, and technologies that address risks, manage costs, and support critical business needs by leveraging emerging technologies.

Overview

19
19
years of professional experience
1
1
Certification

Work History

Senior Technical Program Manager – Security

Google LLC
04.2022 - Current
  • Greenfield reboot of global technical insider risk program previously staffed with 50+ engineers focusing on preventing existential risks to entirety of Google’s infrastructure, products and services
  • Documented, defined and implemented control measurement for work previously performed
  • Created, approved and implemented new program strategy based on evolving cybersecurity risks
  • With senior engineering leadership drove updated scope management and control design for both probability and impact reducing controls

Technical Program Manager - Security

Verily Life Sciences LLC
03.2021 - 04.2022
  • First leader hired supporting CISO to create and drive transformational programs supporting objective of building capabilities independent of those supported by Google
  • Defined, developed and implemented complex Vendor Security Assessment tailored to Life Sciences portfolio
  • Worked with Google Compliance Engineering to map common controls to bespoke Security Policies & Standards
  • Led effort to re-design Incident Management and Secure Software Development Standards across portfolio

Director, Information Security Governance

Heartflow Inc
09.2019 - 11.2019
  • Led newly created team of security and compliance professionals reporting to CISO
  • Structured and drove SOC-1, SOC-2 and HiTrust certification program
  • Owned policies, controls, security awareness, engagement, communication, risk and security portfolio
  • Led internal resources responsible for control design, policy development and third-party trust
  • Engaged executive stakeholders on GRC posture and regulatory readiness
  • Defined standards and processes for security awareness, communication and engagement
  • Position Eliminated as part of downsizing

Senior Director, Information Security Governance

LendingClub Corporation
06.2013 - 06.2019
  • Built & led teams of managers and individual contributors establishing and maturing foundational technology capabilities
  • Defined technology governance practice, drove control creation, third party trust, and maintained relationships with key partners, key investors and regulators
  • Created and evolved audit-level technology change management, incident and asset management capabilities aligned to internal, external, regulatory and control obligations in areas of cybersecurity, risk and compliance
  • Owned Technology Policies and Standards, delivered and implemented Unified Control Framework and in conjunction with redesigned taxonomy of policies and standards
  • Executed strategic planning and forecasting for data centers and service migration to AWS including security, service availability, capacity modeling and vendor management

Service Solutions Director

GoodData Corporation
01.2012 - 01.2013

Senior Program Manager, Business Intelligence and Data

McAfee, An Intel Company
01.2011 - 01.2012

Manager Business Intelligence Program (BI) (Consultant)

Pacific Gas & Electric Company
01.2010 - 01.2011

Director Business Intelligence & Data Warehousing

Blue Shield of California
01.2008 - 01.2009

Director Integrated Planning

Blue Shield of California
01.2006 - 01.2007

Education

B.A. - Business Economics

University of California, Santa Barbara
Santa Barbara, CA

Skills

  • Full strategic re-baselining and implementation of global technical insider risk program driving security posture improvements for $13T global technology company
  • Designed, developed and deployed Third Party Security Risk program for leading health technology company
  • Co-authored cryptocurrency AML position paper with AnChainAI which was accepted by the United States Office of the Comptroller of the Currency
  • Defined and deployed comprehensive, integrated bank-ready cybersecurity and technology control program supporting largest consumer lender in the United States
  • Founded and developed Business Intelligence Program for one of the largest utilities in the US requiring regular executive presentations on program milestones and effectiveness
  • Defined and implemented strategic roadmap to re-structure data management capabilities and program of the largest health insurance payer organization in California

Phonenumbers

(650) 204-9820, (415) 215-5397

Professionalassociations

Advisory Board Member – Anchain.ai, 01/01/20, 12/31/21

Certification

  • Project Management Professional (PMP) - Project Management Institute.
  • ISACA Certified Governance Enterprise Information Technology (CGEIT)- ISACA.

Languages

French
Limited Working
Spanish
Limited Working

Timeline

Senior Technical Program Manager – Security

Google LLC
04.2022 - Current

Technical Program Manager - Security

Verily Life Sciences LLC
03.2021 - 04.2022

Director, Information Security Governance

Heartflow Inc
09.2019 - 11.2019

Senior Director, Information Security Governance

LendingClub Corporation
06.2013 - 06.2019

Service Solutions Director

GoodData Corporation
01.2012 - 01.2013

Senior Program Manager, Business Intelligence and Data

McAfee, An Intel Company
01.2011 - 01.2012

Manager Business Intelligence Program (BI) (Consultant)

Pacific Gas & Electric Company
01.2010 - 01.2011

Director Business Intelligence & Data Warehousing

Blue Shield of California
01.2008 - 01.2009

Director Integrated Planning

Blue Shield of California
01.2006 - 01.2007

B.A. - Business Economics

University of California, Santa Barbara
Craig Edward Roche