Gregory Rasner CV

---

Gregory is the author of the books “Cybersecurity & Third-Party Risk: Third-Party Threat Hunting” (Wiley, 2021) and “Zero Trust and Third-Party Risk” (Wiley, 2023); and the content creator of training and certification program “Third-Party Cyber Risk Assessor” (Third Party Risk Association, 2023).  He is a frequent keynote and panelist on cybersecurity and risk management topics, along with frequent blogs, podcasts, and online articles.  Greg is the SVP and Leader for Cyber Third-Party Risk at Truist Financial Corp. and received his B.A. from Claremont McKenna College.  He also currently serves in leadership roles or actively engaged with cybersecurity and third-party risk task force, boards, and industry groups.  His wife is a cybersecurity leader and enjoys traveling internationally with his family as frequently as possible.  And his dream job is in the UK or Europe working in the same field.  

Wiley, July 2023 (available for pre-order)

Based upon the mathematical inevitability for a third-party breach, wrote a book on how to implement zero trust for third-party risk and dramatically reduce risk.

Wiley, July 2021

Highly rated and reviewed guidebook on how to create a cyber-focused third-party risk management program.

TPRA, January 2023

Wrote and designed, in collaboration with Third Party Risk Association, a two-day course and an accompanying certification (TPCRA) that is proctored by PearsonVue. 

February 2023 to Present

Selected to perform co-chair role for critical task force stood up by ISC2 to help practitioners deal with this challenging topic. 

Dec 2018 to Jan 2019

Developed and advised on what course and order of selection for Johnston Community College students to get a cyber-concentration in the IT program. 

March 2018 to Present 

Provide leadership and input to Johnston Community College IT team for best practices. 

Senior Vice President, Cybersecurity Third Party Risk 

Truist (formerly BB&T), March 2018 - February 2024
Group Leader, Truist Cybersecurity Third Party Risk. In this role I am leader for a 20+ team of highly qualified cyber professionals to run cyber third-party risk at Truist. Responsible for the Enterprise Risk posed by vendors’ risk. Third Party assessments via physical validation, remote questionnaire, cybersecurity terms and conditions in MSAs, review and approval of vendor connectivity, and leading senior engagements at the Board and Executive Leadership. 

Part-Time Professor (Computer Science) 

Johnston Community College
Sep 2017 - Jul 2022
Teaching 1-2 classes per semester on hardware, software, security, and networking 

Director, Security Architecture 

IQVIA, Jun 2017 - Mar 2018
Responsible for Security Architecture at Quintiles (later IQVIA). Created standards and policy for security architecture at IQVIA and developed an architecture review board to ensure compliance with standards prior to production. Authored several patterns for lines of business to deploy solutions quickly and easily. 

Secure Development Manager, Data Center Products 

Cisco, Oct 2014 - Jun 2017
Built strategic goals for security features and stability on data center products. Led the decisions on when to release and priority as well as drove the development and testing of all these products. 

Network Security Program Manager (Cisco IT) 

Cisco, Nov 2011 - Oct 2014
As leader for this team, built project plans for deployment of key security features for Cisco's own IT network. First deployment of Cisco's 802.1x NAC product - Identity Services Engine (ISE) - globally and developed a how-to guide for customers to be successful in their own deployments. 

Infrastructure/Security Manager 

Federal Home Loan Bank of San Francisco Aug 2009 - Oct 2011 

Applications Security Architect 

Charles Schwab, Nov 2007 - Apr 2009 

CRM Manager 

Polycom, Feb 2006 - Nov 2007 

Applications Development Manager 

Charles Schwab, Apr 2005 - Feb 2006 

Senior Database Manager 

Wells Fargo Services, Jan 2004 - Apr 2005 

Director of Information Systems 

Avigen, Inc, Jan 2002 - Jan 2004 

Director, IT and Professional Services 

Silicon Energy Corp, Feb 1999 - Jan 2002 

Manager, I.T. 

PMI Mortgage Insurance Co. 1997 - 1999 

Senior Analyst 

LECG 1996 

Assistant Plant Manager, Victorville

Burrtec Industries 1995

Infantry Squad Leader 

US Marine Corps 1986 - 1992

1992 - 1995

Valedictorian and Summa Cum Laude 

Nominated and selected as a finalist in the international Information Systems Association (ISSA) competition for Security Professional of the Year for 2023. Award winner to be announced on August 5, 2023.

My presentation, “Cybersecurity & Third-Party Risk” at ISC2 Congress of 2022 was selected as one of the top 10 and added to a compilation of the “Best Of” for the event.

July 2014

Presented at the CSO40 Security Confab + Awards conference, the 2nd annual CSO40 Awards recognized security projects and initiatives that demonstrate outstanding business value and thought leadership.

Proven cybersecurity, risk management, and technology leadership for over twenty years, implementing technology and process solutions in the enterprise and secure development practices on both software, hardware, and cloud products. Experience includes:
• Leadership
• Risk Management
• Security and System Architecture
• Secure Design Lifecycle (SDLC)
• Data Privacy
• Writing and Speaking Expert
• Process Improvement
• Broad Industry Experience: Finance, Biotech, Telecom, Software
Greg is a proven leader who leads not only his team but industry discussions about risk management and cybersecurity. As a published author and speaker on these subjects, he can discuss and execute on these topics. 

·  “3 Steps to supply chain resilience”; CSO Online; March 3, 2022

·  “The 5 W’s of third-party incident management”; Security Magazine; Oct. 22, 2021

·  “Third Party risk: Reactive to Predictive”; CISO Mag, Nov, 24, 2020

·  “Third Party Risk and Threat Hunting”; ISSA Journal, Sept 3, 2020

·  “End-to-End Security Policy Control”; Cisco Blog; Dec 17, 2013

·  Third Party Threat Hunters Podcast: Host a podcast that brings in some of the thought-leaders for risk and cyber to learn and share.

·  Third Party Threat Hunters Blog: Author of a blog that produces valuable content on cyber and third-party risk.

·  Co-Chair, Truist Veteran’s Business Resource Group

o  Serve as co-chair for local Truist (formerly BB&T) chapter of veterans’ group that supports internal and external service members and families.

·  Mentor, American Legion Auxiliary

o  Reach out to soon-to-be or recently separated veterans to provide mentoring on transitioning out.

Wiley, July 2023 (available for pre-order)

Based upon the mathematical inevitability for a third-party breach, wrote a book on how to implement zero trust for third-party risk and dramatically reduce risk.

Wiley, July 2021

Highly rated and reviewed guidebook on how to create a cyber-focused third-party risk management program.

TPRA, January 2023

Wrote and designed, in collaboration with Third Party Risk Association, a two-day course and an accompanying certification (TPCRA) that is proctored by PearsonVue. 

February 2023 to Present

Selected to perform co-chair role for critical task force stood up by ISC2 to help practitioners deal with this challenging topic. 

Dec 2018 to Jan 2019

Developed and advised on what course and order of selection for Johnston Community College students to get a cyber-concentration in the IT program. 

March 2018 to Present 

Provide leadership and input to Johnston Community College IT team for best practices. 

Senior Vice President, Cybersecurity Third Party Risk 

Truist (formerly BB&T), March 2018 - Present
Group Leader, Truist Cybersecurity Third Party Risk. In this role I am leader for a 20+ team of highly qualified cyber professionals to run cyber third-party risk at Truist. Responsible for the Enterprise Risk posed by vendors’ risk. Third Party assessments via physical validation, remote questionnaire, cybersecurity terms and conditions in MSAs, review and approval of vendor connectivity, and leading senior engagements at the Board and Executive Leadership. 

Part-Time Professor (Computer Science) 

Johnston Community College
Sep 2017 - Jul 2022
Teaching 1-2 classes per semester on hardware, software, security, and networking 

Director, Security Architecture 

IQVIA, Jun 2017 - Mar 2018
Responsible for Security Architecture at Quintiles (later IQVIA). Created standards and policy for security architecture at IQVIA and developed an architecture review board to ensure compliance with standards prior to production. Authored several patterns for lines of business to deploy solutions quickly and easily. 

Secure Development Manager, Data Center Products 

Cisco, Oct 2014 - Jun 2017
Built strategic goals for security features and stability on data center products. Led the decisions on when to release and priority as well as drove the development and testing of all these products. 

Network Security Program Manager (Cisco IT) 

Cisco, Nov 2011 - Oct 2014
As leader for this team, built project plans for deployment of key security features for Cisco's own IT network. First deployment of Cisco's 802.1x NAC product - Identity Services Engine (ISE) - globally and developed a how-to guide for customers to be successful in their own deployments. 

Infrastructure/Security Manager 

Federal Home Loan Bank of San Francisco Aug 2009 - Oct 2011 

Applications Security Architect 

Charles Schwab, Nov 2007 - Apr 2009 

CRM Manager 

Polycom, Feb 2006 - Nov 2007 

Applications Development Manager 

Charles Schwab, Apr 2005 - Feb 2006 

Senior Database Manager 

Wells Fargo Services, Jan 2004 - Apr 2005 

Director of Information Systems 

Avigen, Inc, Jan 2002 - Jan 2004 

Director, IT and Professional Services 

Silicon Energy Corp, Feb 1999 - Jan 2002 

Manager, I.T. 

PMI Mortgage Insurance Co. 1997 - 1999 

Senior Analyst 

LECG 1996 

Assistant Plant Manager, Victorville

Burrtec Industries 1995

Infantry Squad Leader 

US Marine Corps 1986 - 1992

1992 - 1995

Valedictorian and Summa Cum Laude 

Nominated and selected as a finalist in the international Information Systems Association (ISSA) competition for Security Professional of the Year for 2023. Award winner to be announced on August 5, 2023.

My presentation, “Cybersecurity & Third-Party Risk” at ISC2 Congress of 2022 was selected as one of the top 10 and added to a compilation of the “Best Of” for the event.

July 2014

Presented at the CSO40 Security Confab + Awards conference, the 2nd annual CSO40 Awards recognized security projects and initiatives that demonstrate outstanding business value and thought leadership.

Proven cybersecurity, risk management, and technology leadership for over twenty years, implementing technology and process solutions in the enterprise and secure development practices on both software, hardware, and cloud products. Experience includes:
• Leadership
• Risk Management
• Security and System Architecture
• Secure Design Lifecycle (SDLC)
• Data Privacy
• Writing and Speaking Expert
• Process Improvement
• Broad Industry Experience: Finance, Biotech, Telecom, Software
Greg is a proven leader who leads not only his team but industry discussions about risk management and cybersecurity. As a published author and speaker on these subjects, he can discuss and execute on these topics. 

·  “3 Steps to supply chain resilience”; CSO Online; March 3, 2022

·  “The 5 W’s of third-party incident management”; Security Magazine; Oct. 22, 2021

·  “Third Party risk: Reactive to Predictive”; CISO Mag, Nov, 24, 2020

·  “Third Party Risk and Threat Hunting”; ISSA Journal, Sept 3, 2020

·  “End-to-End Security Policy Control”; Cisco Blog; Dec 17, 2013

·  Third Party Threat Hunters Podcast: Host a podcast that brings in some of the thought-leaders for risk and cyber to learn and share.

·  Third Party Threat Hunters Blog: Author of a blog that produces valuable content on cyber and third-party risk.

·  Co-Chair, Truist Veteran’s Business Resource Group

o  Serve as co-chair for local Truist (formerly BB&T) chapter of veterans’ group that supports internal and external service members and families.

·  Mentor, American Legion Auxiliary

o  Reach out to soon-to-be or recently separated veterans to provide mentoring on transitioning out.