Nick is the Chief Information Security Officer (CISO) and Data Protection Officer at SAI360, the leading ESG cloud platform connecting GRC, EHS&S, and Learning. Nick is responsible for global information and cyber security, data privacy, product security and business continuity management. Previously, he served as the CISO at Monster Worldwide (Monster.com, Monster Government Solutions, Military.com) where he led global information and cyber security, fraud prevention and business continuity management across commercial and U.S. Federal and State services.

Prior to joining Monster, Nick was the Director of Security & Privacy for Philips HealthSuite digital platform (HSDP), an innovative cloud services business enabling all stages of the health continuum, where he was responsible for establishing, executing, and continuously improving a global security management and data privacy by design program aligned with business objectives and customer requirements.

Earlier in his career, Nick held various InfoSec senior leadership positions at Endurance International Group, Continuum Managed Services, Pegasystems, and Merck Millipore Corp, in roles where he was primarily focused on establishing a global information, cyber security and data privacy program that fit the overall organization’s business model and customer requirements.

Nick is a business focused, process-oriented and technical information security senior leader with over 18 years of experience building and leading global information security teams and programs as a critical business enabler across various industries and hosted cloud services. His strengths including focusing on risk and security strategies, assessing and managing risks, regulatory and international data privacy compliance, security architecture and operations, and continuous improvement programs for protecting assets.

Nick holds a Master of Science in Network Security from Capitol College, and a Bachelor of Science in Business Administration – Operations Management \ Management Information Systems from Salem State College. He also holds C|CISO, CISSP-ISSAP, & CISM credentials.

With more than 30 years of experience in Cybersecurity spanning a variety of heavily regulated sectors, most notably in critical infrastructure and high tech Brandon brings a wide and diverse background.  

Across his career, Brandon has been a CISO, Information Security entrepreneur, Product Manager and consultant. Brandon also has cultivated and helped build communities around emerging security topics for a number of professional and industry associations, as well as developing and delivering curriculum on key security and compliance topics for security leaders across the globe.

Previously, he led the Global Security Compliance teams responsible for Amazon’s compliance to PCI-DSS, HIPAA and a myriad of global, country and state specific regulations and frameworks. Prior to Amazon, he was the Global CISO at Black & Veatch an international Engineering, Construction and Engineering firm specializing in critical infrastructure.

He continues to give back to the information security community by hosting and moderating (ISC)2 web events for the Americas and EMEA regions. Brandon has also addressed international gatherings and regional events of the Institute of Internal Auditors, ISACA, IANS, ASIS International as well as being quoted and profiled in major industry publications, including CSO Online, Information Security Magazine, Dark Reading, Compliance Week, TechTarget’s SearchSecurity  and (ISC)2’s InfoSec Professional.

Computer securty expert, with a wide range of experience and a proven track record across multiple disciplines. Recent focus includes IP Protection, Certifications, and Policy work.

Specialties: • Applied computer system security, forensics, advanced data protection methodologies
• Economically feasible holistic security systems
• Threat modeling / implementation analysis / risk reduction methodology
• Common Criteria Certifications
• Designing, implementing, managing, and supporting secure product management and development processes.
• Software Supply Chain Analysis
• Access authentication technology (Biometrics, Smartcards, Token Technologies)

Senior information security and risk management professional. Career incorporates successful track record across corporate and consulting roles, securing IT assets for numerous Fortune 1000 companies.

Areas of expertise include analyzing and providing cyber security, information risk and regulatory compliance requirements to protect corporate data assets, business opportunities and maximize revenue in alignment with corporate goals and initiatives.

Core Competencies
• Information security and privacy
• Operational Security
• Secure Cloud Services / AWS Security
• Security Risk Frameworks
• Encryption & Key Management
• New Technology Evaluation
• Application Security Assessments
• PCI Compliance
• Business Technology Solutions

• Author - Computer Security - 20 Things Every Employee Should Know (McGraw-Hill). Contributing author - Network Security: The Complete Reference (Osborne) and The Handbook of Information Security Management (Auerbach)
• Writer of book reviews on information security, privacy and related topics for Security Management magazine and Slashdot
• Member of the InformationShield ‘Information Security Policy Expert Panel’
• Founding Member of the Cloud Security Alliance
• Professional affiliations: ISACA, Technology Managers Forum, New York Metro & New Jersey InfraGard, NY/NJ ECTF.
• Speaker at industry conferences such as RSA, MISTI and ISACA.
• Current certifications: CISSP, CISM, CISA, CGEIT, CRISC

Attorney and Privacy Law Specialist (PLS); IAPP Fellow of Information Privacy, AIGP, CIPP/US, CIPP/E, CIPM; ISC2 CCSP, CISSP