I am an information security leader focused on data risk management, governance, and third-party risk. Over the last decade I have built and run enterprise programs to protect people data, drive risk reduction across vendor ecosystems, and align security with business objectives. I thrive in cross-functional environments where I translate complex security concepts into practical policies, processes, and automation. I am passionate about reducing risk through governance, data mapping, and scalable IT controls, while mentoring teams and partnering with stakeholders to achieve measurable improvements.

Michael Brady

I am an information security leader focused on data risk management, governance, and third-party risk. Over the last decade I have built and run enterprise programs to protect people data, drive risk reduction across vendor ecosystems, and align security with business objectives. I thrive in cross-functional environments where I translate complex security concepts into practical policies, processes, and automation. I am passionate about reducing risk through governance, data mapping, and scalable IT controls, while mentoring teams and partnering with stakeholders to achieve measurable improvements.

Available to hire

I am an information security leader focused on data risk management, governance, and third-party risk. Over the last decade I have built and run enterprise programs to protect people data, drive risk reduction across vendor ecosystems, and align security with business objectives.

I thrive in cross-functional environments where I translate complex security concepts into practical policies, processes, and automation. I am passionate about reducing risk through governance, data mapping, and scalable IT controls, while mentoring teams and partnering with stakeholders to achieve measurable improvements.

See more

Skills

Experience Level

Python
Expert
JavaScript
Expert
SQL
Expert
PowerShell
Expert
Snowflake
Expert
MySQL
Expert
Oracle
Expert
Amazon Web Services
Intermediate
Azure
Intermediate
Docker
Intermediate
Django
Intermediate
Kubernetes
Intermediate
GitHub Copilot
Intermediate
HTML5
Intermediate
Jira
Intermediate
React Native
Intermediate
See more

Language

English
Fluent

Work Experience

Video Editing at Yesterday Calling
January 1, 2014 - Present
set up cameras, recorded audio, created videos
Consultant, Third-Party Risk at Cigna Healthcare
February 1, 2023 - Present
Conduct third-party risk assessments, review ISO27001 reports, policy documentation, network diagrams, penetration tests, and application vulnerabilities; report findings to senior leadership. Manage a vendor portfolio for continuous monitoring, tracking risks and exceptions. Led implementation of ServiceNow and OneTrust TPRM tooling; performed risk-based assessments; coordinated remediation with application support and security operations.
Senior Manager, Data Risk – People Data at Cox Enterprises, Inc.
May 1, 2012 - August 31, 2022
Developed governance strategies around Data Breach Response, Third-Party Due Diligence, and People Data risk reduction. Gatekeeper on the Architecture Review Board to review IT projects for vulnerabilities and mitigation requirements before approval. Standardized Third-Party Risk Management intake across four Cox divisions; led a company-wide TPRM governance program; negotiated IT security obligations in contracts; oversaw implementation of ServiceNow and OneTrust. Led data mapping, risk-based vendor assessments, and data security improvements.
Business Process Consultant at The Intersect Group / Cox Enterprises, Inc.
November 1, 2011 - May 31, 2012
Business process improvement work including mapping current-state processes, defining future-state options, and facilitating SME sessions to assemble KPIs and SLA data. Expanded contract to develop a service catalog and provide incident-driven service information for customers.
Senior IT Auditor at Turner Broadcasting System, Inc.
July 1, 2005 - November 30, 2011
Led domestic and international IT audits and risk remediation projects; influenced RFP process and Paisley GRC risk management software deployment; developed training materials and led company rollout. Coordinated cross-functional teams to redesign IT controls and achieve SOX 404/302 compliance.
Senior PeopleSoft Developer at Turner Broadcasting System, Inc.
January 1, 2000 - July 31, 2005
Developed SQR, PeopleCode, and Linux shell scripts; led training for new products; maintained PeopleSoft HRMS/Payroll environments; performed performance tuning and upgrade activities; orchestrated HRMS/Payroll architecture and interface modules.

Education

Bachelor of Science in Environmental Engineering at Michigan State University
January 11, 2030 - May 1, 1993

Qualifications

Certified Information Systems Security Professional (CISSP)
January 11, 2030 - January 26, 2026
Certified Information Systems Auditor (CISA)
January 11, 2030 - January 26, 2026
Holistic Information Security Practitioner (HISP)
January 11, 2030 - January 26, 2026
Cloud Security Alliance – CSA 1.1
January 11, 2030 - January 26, 2026

Industry Experience

Healthcare, Media & Entertainment, Professional Services
    paper Yesterday Calling - More than a Feeling

    In 2023 we had 3 performances at various clubs around Atlanta. For each performance I set up 5 cameras and recorded audio off the mixing board, all mixed live. I then assembled all 3 performances of Boston’s More Than a Feeling in to one video using one of the best audio tracks which I enhanced in Logic Pro. I had to sync all the angles in Final Cut Pro and then threw in some special effects.