Vice President, Executive Advisory, Office of the CISO
Greig Arnold brings more than 20 years of technical and leadership experience in financial industry, professional services and telecommunications to his current role. As vice president, executive advisory for the Office of the CISO, Arnold brings this experience to Optiv clients in financials and the Northeast region to help ensure quality and consistent client experiences. He also works closely with other Optiv sales executives to develop and ensure successful execution of regional and national sales strategies.
With over six years experience as a CISO in the financial and professional services industry, Arnold has a strong background in information security, security architecture, strategy, incident response, risk and governance. During his time with professional services, Arnold was the primary client contact for the information security program to provide knowledge and assurance of the firm’s information protection, privacy and compliance practices.
Arnold jointly led successful integration of information security and risk management processes, including risk assessment, security testing, GRC process and tool implementation, and incident management at companies such as J.P. Morgan Chase, KPMG, ING Bank and Infonet. He led security organizations’ efforts to ensure compliance with multiple regulatory and industry requirements, including the National Institute of Standards and Technology (NIST), Statement on Standards for A#estation Engagments (SSAE) 16 (SOC 1 and 2), PCI and Safe Harbor. This included liaising with information for an internal audit and regulating bodies, including the Office of the Comptroller of the Currency (OCC), the Monetary Authority of Singapore (MAS) and the London Inter-Bank Offered Rate (LIBOR).
Arnold has represented information security on many security round tables, business steering and working groups. He is an active member of InfraGard. Over his career he has held many certifications from leading technology, risk and security organizations, including the International Information Systems Security Certification Consortium (ISC2) and the Information Systems Audit and Control Association (ISACA).