Greg Bassett
Verified Expert in Engineering
Cybersecurity Executive and Compliance Program Developer
Basking Ridge, NJ, United States
Toptal member since February 28, 2023
Greg is a seasoned and highly qualified cybersecurity and compliance executive. He has built and led cybersecurity and compliance teams in different healthcare, financial services, and pharmaceutical organizations throughout his career. Greg's proven expertise in technical, administrative, and procedural controls for information protection allows him to help businesses keep their critical information secure, confidential, and intact.
Preferred Environment
Risk Assessment
The most amazing thing I've done is creating and staffing successful cybersecurity and compliance programs in both startups and large, established companies.
Work Experience
Director of Information Security and Technology
Vault Health
- Created Vault's internal IT program, supporting all aspects of this healthcare startup during critical growth and onboarding over 3,000 new medical professionals and 200 new staff members.
- Built an initial team of IT professionals to support the organization's acquisition growth with the completion of over 10 million COVID-19 tests and 600,000 vaccinations. We implemented the supporting COVID-19 antigen testing program nationwide.
- Developed the information security program, hiring the initial staff and implementing policies and procedures for all aspects of information security—identify, protect, detect, respond, and recover.
- Completed the SOC 2 Type 2 assessment and the annual SOC 2 program.
- Managed the integration with an acquired company and rationalized application portfolios, security architecture, security operations, and GRC programs.
- Spearheaded all client security inquiries, including questionnaires, RFP responses, and sales proposals.
- Migrated the enterprise from Google Workspace to Microsoft 365, improving security posture and reducing costs.
- Launched the IAM synchronization program to improve onboarding and offboarding speed and compliance.
- Developed NIST-based information security policies covering all business areas, including newly acquired companies, resulting in improved compliance and alignment with industry standards and client expectations in highly regulated industries.
Director, IT Policy and Compliance
KPMG
- Created and implemented the firm's first NIST 800-171, HITRUST, and PCAOB compliance programs.
- Expanded the firm's SOC 2 compliance program by 3x, covering $1.5 billion in annual revenue.
- Led the complete overhaul of the firm's IT policies, simplifying the language and reducing conflicting and contradicting sets of requirements, procedures, and standards.
- Drove out stalled remediation plans, closing 95% of all the internal audit PCAOB inspection findings and improving the firm's general IT control posture.
- Absorbed the firm's stalled Archer GRC development and support program, accelerating key program expansions with security incident management, vendor management, application risk assessment, and executive dashboarding functions.
- Developed staffing plans for recruitment and doubled the size of the team.
- Created and led firm-wide NIST 800-171 awareness and education efforts.
- Coordinated with security architecture programs to align key programs with long-running remediation plans and security and compliance gaps.
Experience
Global Pharmacovigilance Surveillance System
The system supported global regulatory compliance for a multi-billion dollar portfolio of drugs and products marketed in over 240 countries. The platform was used by drug safety staff in the USA, Belgium, England, and Australia.
RFP/RFI/Client Security Inquiry Experience
Client Security Inquiry | KPMG
Education
Master's Degree in Technology Management
Stevens Institute of Technology - Hoboken, NJ, USA
Bachelor's Degree in Business Administration
Centenary University - Hackettstown, NJ, USA
Certifications
CISSP – Certified Information Systems Security Professional
(ISC)²
Project Management Professional (PMP)
Project Management Institute (PMI)
Skills
Paradigms
HIPAA Compliance, Management, DevSecOps
Platforms
Amazon Web Services (AWS)
Industry Expertise
Cybersecurity, Network Security
Storage
Database Security
Languages
PHP, SQL, HTML
Other
SOC Compliance, SOC 2, Risk Analysis, Risk Assessment, IT Management, Data Privacy, NIST, IT Project Management, Security Policies & Procedures, Policy Development, Technology, IT Security, CISSP, Security, Project Management, Risk Management, SaaS, Cloud Security, Web Security, Business Continuity, Business Continuity & Disaster Recovery (BCDR), Disaster Recovery Plans (DRP), Compliance, ISO Compliance, CISO, Vulnerability Assessment, Root Cause Analysis, IT Service Management (ITSM), Platform as a Service (PaaS), IaaS, Coaching, Strategic Planning, Incident Management, Information Security, Information Security Management Systems (ISMS), Policy, Cybersecurity Maturity Model Certification (CMMC), System-on-a-Chip (SoC), Encryption, Networking, Data Protection, Software Development Lifecycle (SDLC), RFPs, RFQs, ITTs, Responses, Proposals & Quotes, RFI Response, Contract Management, Audits, SOC 1, FedRAMP, Internal Audit Function