Andrew Hiller
Information Security Manager at HireVue- Claim this Profile
Click to upgrade to our gold package
for the full feature experience.
Topline Score
Bio
Joshua Dustin
Andrew Hiller reported to me for +4 years serving in a variety of capacities. Every CISO needs a Swiss army knife like Andrew Hiller, and I was so lucky to have him as mine. Originally he managed our ISO and SOC functions, and when a need arose for someone to handle audits from our largest customers (JPMC, Bank of America, etc) Andrew was there raising his hand and took on the task. When I lost my entire technical infosec team, Andrew was there and willing to completely pivot, step in, rebuild, and lead that team. We later lost our Director of IT, but Andrew was there again, ready to serve as the interim Director on top of his many other duties. The same happened when my team needed a dedicated liaison with our Customer Success team. Over and over and over, Andrew was there raising his hand, right when we needed it. As a leader, Andrew is real. Approachable. Compassionate. Connected. The kind of leader who would drive +4 hours each way to take a team member golfing, because he knows he’s going through a deep personal trial and needs a friendly face. Without hesitation, I would highly recommend Andrew for any kind of role where good leadership is needed. He’s the kind of manager I would personally love to report to.
Joshua Dustin
Andrew Hiller reported to me for +4 years serving in a variety of capacities. Every CISO needs a Swiss army knife like Andrew Hiller, and I was so lucky to have him as mine. Originally he managed our ISO and SOC functions, and when a need arose for someone to handle audits from our largest customers (JPMC, Bank of America, etc) Andrew was there raising his hand and took on the task. When I lost my entire technical infosec team, Andrew was there and willing to completely pivot, step in, rebuild, and lead that team. We later lost our Director of IT, but Andrew was there again, ready to serve as the interim Director on top of his many other duties. The same happened when my team needed a dedicated liaison with our Customer Success team. Over and over and over, Andrew was there raising his hand, right when we needed it. As a leader, Andrew is real. Approachable. Compassionate. Connected. The kind of leader who would drive +4 hours each way to take a team member golfing, because he knows he’s going through a deep personal trial and needs a friendly face. Without hesitation, I would highly recommend Andrew for any kind of role where good leadership is needed. He’s the kind of manager I would personally love to report to.
Joshua Dustin
Andrew Hiller reported to me for +4 years serving in a variety of capacities. Every CISO needs a Swiss army knife like Andrew Hiller, and I was so lucky to have him as mine. Originally he managed our ISO and SOC functions, and when a need arose for someone to handle audits from our largest customers (JPMC, Bank of America, etc) Andrew was there raising his hand and took on the task. When I lost my entire technical infosec team, Andrew was there and willing to completely pivot, step in, rebuild, and lead that team. We later lost our Director of IT, but Andrew was there again, ready to serve as the interim Director on top of his many other duties. The same happened when my team needed a dedicated liaison with our Customer Success team. Over and over and over, Andrew was there raising his hand, right when we needed it. As a leader, Andrew is real. Approachable. Compassionate. Connected. The kind of leader who would drive +4 hours each way to take a team member golfing, because he knows he’s going through a deep personal trial and needs a friendly face. Without hesitation, I would highly recommend Andrew for any kind of role where good leadership is needed. He’s the kind of manager I would personally love to report to.
Joshua Dustin
Andrew Hiller reported to me for +4 years serving in a variety of capacities. Every CISO needs a Swiss army knife like Andrew Hiller, and I was so lucky to have him as mine. Originally he managed our ISO and SOC functions, and when a need arose for someone to handle audits from our largest customers (JPMC, Bank of America, etc) Andrew was there raising his hand and took on the task. When I lost my entire technical infosec team, Andrew was there and willing to completely pivot, step in, rebuild, and lead that team. We later lost our Director of IT, but Andrew was there again, ready to serve as the interim Director on top of his many other duties. The same happened when my team needed a dedicated liaison with our Customer Success team. Over and over and over, Andrew was there raising his hand, right when we needed it. As a leader, Andrew is real. Approachable. Compassionate. Connected. The kind of leader who would drive +4 hours each way to take a team member golfing, because he knows he’s going through a deep personal trial and needs a friendly face. Without hesitation, I would highly recommend Andrew for any kind of role where good leadership is needed. He’s the kind of manager I would personally love to report to.
Credentials
-
Certified Information Systems Auditor® (CISA)
ISACAJan, 2022- Nov, 2024 -
Networking Fundamentals
MicrosoftApr, 2016- Nov, 2024 -
Project +
CompTIAMar, 2016- Nov, 2024 -
Database Fundamentals
MicrosoftOct, 2015- Nov, 2024 -
A+
CompTIAJan, 2016- Nov, 2024
Experience
-
HireVue
-
United States
-
Software Development
-
200 - 300 Employee
-
Information Security Manager
-
Apr 2021 - Present
-
-
Information Security and Compliance Specialist
-
Jul 2019 - Apr 2021
•Ensure Compliance with HireVue's contractual obligations and other requirements. •Manage entities Type 2 SOC 2, ISO/IEC27001:2013 security control framework.•Liaison with external auditors and other internal teams (IT, Engineering, Legal, and Finance) to support certification audits.•Evaluate and track 3rd party vendor risk.
-
-
-
PEGUS Research
-
United States
-
Research Services
-
1 - 100 Employee
-
Director of Information Technology and Security/Information Security Officer
-
Jul 2017 - Jul 2019
Serves as the Information Security Officer for the organization. Monitor, evaluate, and maintain security systems and procedures to protect the company’s information assets. Manage and direct the review and auditing of access and permissions of systems and applications to ensure devices are configured securely and in accordance with information security policies and standards.
-
-
Information Security Manager
-
Dec 2015 - Jul 2017
-
-
Information Security Administrator
-
Jan 2015 - Dec 2015
Serve as an internal information security consultant to the organization, under the direction of the General Manager. Monitor, evaluate, and maintain security systems and procedures to protect the company’s information assets. Assist in the review and auditing of access and permissions of systems and applications to ensure devices are configured securely and in accordance with information security policies and standards. Serve as the primary point of contact for access management for core systems and applications, and conducts periodic reviews and validation of user’s network accounts, access and permissions. Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interprets activity and makes recommendations for resolution. Assist in implementing processes to track, monitor, and report compliance with information security policies, procedures, guidelines and regulatory requirements. Provide support in the development of monthly metrics and indicators and in the remediation Information Security action plans. Helps evaluate suspected security violations and works with the information security officer to recommend corrective actions under the guidance of the General Manger. Help in the review and auditing roles access and permissions of systems and applications to ensure the devices are configured securely and in accordance with information security policies and standards. Provide support to ensure company processes remain in compliance with SOC control frameworks, and applicable data privacy regulations. Communicate with other departments in order to establish IT strategies that are effective and relevant to the needs of the end-user. Assist in implementing and maintaining appropriate IT solutions for the company and establishes, tests, and maintains security for the company’s IT and telephony infrastructure. Provide technical support to end-users when necessary. Show less
-
-
-
American Express
-
United States
-
Financial Services
-
700 & Above Employee
-
Security Administrator - Global Banking Group
-
Dec 2011 - Jan 2015
Security Admininstrator supporting US Banking (AECB and FSB) at American Express. Provide IT/IS Support for Fed Examiners with relation to transaction testing during examination periods.
-
-
Security Administrator
-
2006 - 2014
Reduced risk through controls to mainframe system access. Ensured AMEX information assets are adequately protected against unauthorized alteration, loss, disclosure, destruction, or denial. This includes: Interfacing with Internal Control, Information Security, and Group Security Administrators within supported business. Supported AMEX Information Protection policies and standards, and working within the matrices of transactions-by-job created by the business to ensure appropriate access to information assets. Show less
-
-
Business Unit Security Admins - Security Administrator I
-
Aug 2008 - Jan 2012
Control and Manage User access permissions throughout all United States Service Centers. Worked with Project/Software development which directly impacted end user functionality and card holder experiances with AmEx. Provided QA Testing for new or changing security platforms.
-
-
New Accounts - Fraud Analyst
-
Jul 2007 - Aug 2008
Call Center position, which analyzed new acquisition applications for Fraud or other Key Risk Indicators.
-
-
Intern - Business Unit Security Administrators
-
Aug 2006 - Jul 2007
-
-
Education
-
2013 - 2017
Western Governors University
Bachelor of Science, Information Technology Management
Community
