DOMINGO A. CASTILLO
Over 25 years of experience in information technology, information security risks, and project management.
ACADEMIC AND PROFESSIONAL BACKGROUND
Domingo A. Castillo holds a Masters in Business Administration (MBA) from H. Wayne Huizenga School of Business, Nova Southeastern University, David, Florida.
He also has Masters in Project Management (MPM) and Masters in Public Administration (MPA) from Keller Graduate School of Management, DeVry University, Miramar, Florida. Actually, he is a candidate for an Executive Doctorate of Business Administration Field Of Study Information Security at St. Thomas University Date expected graduation 2022.
Castillo holds several certifications such as Certified Information System Security Professional (CISSP), Project Manager Professional (PMP), Security+, and Lean Six Sigma-Yellow Belt.
CHIEF INFORMATION SECURITY OFFICER (CISO) AT MIAMI DADE COLLEGE (MDC)
March 2020 - Present
Responsible for the information security program of the College and the coordination of information security efforts across the college.
Coordinate the process to build a college‐wide information security strategy and vision and oversee the creation and maintenance of the over‐arching College information security policies, procedures, and standards, lead security risk assessment efforts, lead incident investigation and
resolution, and manage the college's awareness and training program.
Assist in the development of disaster recovery and business continuity plans and procedures.
Monitor information security trends and keeps the College’s senior management informed about security related issues and activities affecting the college
CHIEF INFORMATION SECURITY OFFICER (CISO) AT UNIVERSITY OF ARKANSAS (UARK)
October 2019 - March 2020
Responsible for maintaining and enhancing existing standards and practices to manage the confidentiality, integrity and availability of assets and data.
Oversee the governance and management of the information security program.
Provides risk assessments, risk reports, strategy and operating model, program updates, and advises on all matters pertaining to information security and their potential impact on UARK.
Accountable for the maintenance, enhancements, and monitoring of a strategic, risk management based, information security program to ensure the availability, integrity and confidentiality of information across UARK.
AVP REGIONAL INFORMATION SECURITY AND COMPLIANCE OFFICER AT CHUBB CORPORATION
March 2014 - October 2019
Implemented and managed regional information security program for Chubb that with 31,000 employees and 167 billion in assets, is the world’s largest publicly traded P&C insurance company and the largest commercial insurer in the U.S.
Responsible for the strategy, planning, development and maintenance of regional Information Security program, policies, standards, and procedures (based ISO, NIST, PCI, SOX, C2M2, COBIT).
Responsible to ensure that the region has established and implemented an appropriate information security and data protection program and controls, designed to safeguard the security and confidentiality of information for employees and clients, including company’s internal and external systems, mobile applications or Cloud ‐ IaaS, PaaS, SaaS.
SITE LEAD INFORMATION SECURITY ANALYST: AT BAPTIST HEALTHCARE SOUTH FLORIDA (BHSF)
June 2013 - March 2014
Coordinate, collaborate, and team up with different organizational units to determine information security controls; technology selection and integration, and information systems access and use.
Responsible for the strategic planning and tactical execution of information security controls for bio‐medical devices.
Contribute to governance and facilitate remediation of related risks, deficiencies, gaps or issues.
SR. SECURITY ANALYST CONSULTANT AT ACE INSURANCE
February 2013 - June 2013
Assist in the development, implementation, and maintenance of the global information security program, focusing on data protection and regulatory compliance for a worldwide Insurance company with more than 6,000 employees, and $53B in revenue.
List of the tasks including but not limited to Data Loss Prevention (DLP), Mobile encryption, PCI compliance, Email encryption and filtering, Malware management, Logs consolidation and management, Implemented content management, Patch management, Security assessment, IRM‐ARMA control assessments, Change management. Review SOC agreements, and assess SSA16 reports.
SR. INFORMATION SECURITY ANALYST: BECKMAN COULTER
July 1995 - December 2012
Implemented and managed cost‐effective solutions to protect the confidentiality, integrity, and availability for a multinational corporation with more than 120 offices worldwide, 12,000 employees, and $3.3 billion in revenue.
Project Manager: Managed all aspects of the development and implementation of IT infrastructure projects. Effectively managed various IT and Info‐Sec‐related projects in matrix environment using Network, Server, Applications, Desktop, and Service Desk departments. Projects included managing 5‐45 associates and budgets from $50,000 to over $2 million.