Anthony G. Dupree
Atlanta
Summary
Transformational leader in cybersecurity and information technology, driving strategic initiatives that enhance security posture and compliance while delivering up to $45 million in cost savings. Demonstrated success in deploying innovative technologies and frameworks that elevate risk management practices and optimize organizational resilience across global operations.
Overview
14
14
years of professional experience
1
1
Certification
Work History
Global Chief Information Security Officer/Chief Information Officer
ASI Group
Toccoa
01.2022 - Current
- Reporting to CFO, develop and implement business strategic vision aided by 4 direct and 15 indirect associates.
- Oversaw technological infrastructure across North America, Europe, and Australia, managing IT operations, VOIP systems, IoT, robotics software development, information security & compliance, and artificial intelligence.
- Designed and deployed IoT device architectures integrating sensors, microcontrollers, and cloud connectivity to enable real-time data collection.
- Optimized device provisioning and lifecycle management to improve scalability and reduce maintenance overhead.
- Automated predictive maintenance workflows using machine-learning-driven IoT telemetry.
- Developed and implemented information security strategy, policies, and programs, ensuring confidentiality, integrity, and availability of information assets.
- Deployed Google LM to be used for contract negotiation.
- Ensure compliance with industry standards and regulations, such as ISO 27001, PCI, and SOC2 and other relevant frameworks.
- Establish and maintain a security awareness training program for employees, contractors, and partners to ensure that they understand their roles and responsibilities in protecting our information assets & those of our clients.
- Collaborate with departmental leadership to ensure that information security requirements are integrated into business processes and systems development lifecycles.
- Deploy current application security technologies (e.g., OWASP, container security tools, DAST, SAST, SCA, web application pen tests, WAF security, API security).
- Selected and implemented suitable technology to streamline all internal operations and help optimize their strategic benefits.
- Design and customize technological systems and platforms to improve customer experience.
- Developed and implemented a three-year global strategy to support Artificial Intelligence, process automation and digital transformation of the production ecosystem.
- Oversee the design, implementation, and maintenance of a scalable and reliable IT infrastructure, including networks, servers, databases, and software applications including DEVOPS.
- Develop, implement, and oversee risk management framework (ERM) and Business Continuity program (NRIsk; NContinuity).
- Led third party/vendor security risk assessment program and governance, risk, and compliance (GRC) initiatives.
- Define and develop standards, processes, and policy for the evaluation of risk across the enterprise to ensure the organization operates within stated policies.
- As a member of the senior management team, participates in company-wide strategic planning, policy formulation, and budgeting.
- Conducted independent and objective risk assessments for executive management and the Board of Directors.
- Implemented and refined the following security team process functions and tooling in the following areas: Agentic AI, Post quantum cryptography, CIS Baseline Workstation/Server Hardening; Access Control Monitoring; Internal Data Segregation; Log Management / Monitoring; File Integrity Management; Internal Monthly Vulnerability Assessment, Yearly External / Internal Pen Testing: Incident Response Review and Testing, Patch Management, Business Continuity, & Data Classification; Security Metrics Reporting; Quarterly Firewall Configuration Review; Monthly Risk Register Review; Annual Security Strategic Review; Product Security Review & User Access Review.
Vice President, Strategic and Transformation
Xerox
Atlanta
01.2021 - 01.2022
- Launched initial global strategy and transformation office concentrated on enterprise-wide investment; risk and cost-saving programs; mergers, acquisitions, and integrations.
- Develop and implement business strategic vision aided by four direct and 10 indirect staff.
- Assess market, sector, geographic and technology trends plus short-term and long-term options to find competitive advantage for projected $700M revenue stream.
- Collaborate with corporate development and operating teams to institute major programs.
- Managed joint strategy and concept business venture, conducted strategic review, integrated investments, and facilitated new business initiatives in cybersecurity and information technology.
- Devised integration methods completing all technology and cybersecurity acquisition transactions before closing and delivering transition services activities after close.
- Counselled start-up companies and integrated new technology and insight tools into a $40M cybersecurity and information technology portfolio.
- Revamped business continuity office activities, increasing compliance from 67% to 95% of 185 global business resumption plans within 45 days and enhancing disaster recovery compliance from 55% to 98%.
- Created and introduced data governance and privacy program.
- Developed recommendation plan resulting in $15M in cash and $19M in P&L savings within the first 6 months.
Global Chief Security Information Officer/Chief Information Officer/ Data Protection Officer
CareerBuilder
Atlanta
01.2017 - 01.2021
- Guided $70M + global portfolio and IT roadmap with 300 staff in cyber security, risk management, architecture design and support.
- Devised global information technology, privacy and cybersecurity plan/operational functions while determining executing on business value realization through key metrics and governance management.
- Leading and managing the enterprise project portfolio featuring systems updates and new development and human capital management and business management services.
- Supervised 10 direct and 30 indirect personnel.
- Leveraged AI-driven tools to streamline workflows and improve decision-making.
- Created a “Security First” strategy with a primary leadership and team focus on: People / Device Centric Security (Remote Operations); Compliance-Baseline-Risk; Security Infrastructure Protection (Cloud); Business Continuity; Security Foundations enforcement and Privacy Operation; Improve the current security state; Develop a proactive risk management model; Enhancing the crisis and security incident management process; Increase the compliance and privacy state.
- Established information technology and security governance frameworks (NIST Cybersecurity Framework, defense-in-depth cybersecurity initiative, ITIL programs and Zero Trust framework, ), including automation to enhance organizational processes by 150%, lowering downtime by 95%, and raising project delivery velocity by 200%.
- Developed cybersecurity functional programs (data classification, risk management, threat management) resolving 30K+ vulnerabilities in 12 months, reducing cybersecurity risks by 82%.
- Achieved overall budgetary savings of $45M (including $14M in capital and $31M in operating expenditures) in 36 months while enhancing technology capability by 200%.
- Implemented and refined the following security team process functions and tooling in the following areas: CIS Baseline Workstation/Server Hardening; Access Control Monitoring; Internal Data Segregation; Log Management / Monitoring; File Integrity Management; Quarterly Compliance / Configuration Assessment, Internal Monthly Vulnerability Assessment, Yearly External / Internal Pen Testing; External Quarterly Vulnerability Assessment, Incident Response Review and Testing, Patch Management, Business Continuity, & Data Classification; Security Metrics Reporting; Quarterly Firewall Configuration Review; Monthly Risk Register Review; Quarterly SIG Review; Annual Security Strategic Review; Product Security Review & User Access Review.
- Led, plan, develop and directs multiple information and/or traditional security team functions at the delegation of management including but not limited to, compliance programming, crisis management, security architecture, computer security incident response, computer security monitoring, travel security, insider threat, investigative processes and project management.
- Deployed, and refined the following security technology team functions and tooling in the following areas: Data Encryption, Anti-Virus, Data Leakage Monitoring, Email Advanced Persistent Threat, Web Application Protection, Multi-factor Authentication, Virtual Private Network, Network Firewalls, Intrusion Detection System, Security Information and Event Management (SIEM), Firewall/Router Management, Camera Monitoring, Physical Card Access, Anti-Tailgating, Intrusion Detection & Endpoint Runtime Malware Protection; Active Directory Security and Voice over IP security.
- Spearheaded global cloud and security transformation, consolidating 5,000+ servers and infrastructure devices across data centers and migrating key applications to cloud.
- Earned HIPAA/HI-Trust, SSAE-18 SOC 1 & 2, and PCI-DSS Third Party Certifications within 18 months and CCPA / GDPR compliance within 6 months.
- Received Certified Chief Information Security Officer Award in 2018.
- Appointed as the Global Privacy Officer and created global privacy steering committee, developed all global information security policies and standards and the creation of the global privacy and risk management programs.
- Consolidated information security engineering, cyber-operations, risk & compliance high performing teams into a newly formed global information security group.
- Served as key cross-departmental business partner bridging communication between technical and non-technical understanding for internal and external sales partners.
- Developed multiple functional programs to facilitate project security assessment, SDLC, compliance, file integrity, PII, data classification, application security (OWASP), risk management, incident response and DLP.
- Deployed and refined the following security tools & services: Alert logic, FireEye, ServiceNow, Jira, Okta, Sophos, BitLocker, Tenable, CIS Top 20 Controls, MS Office 365 Security, Cisco, Fortinet Firewalls & IBM incident response services.
Chief Information Security Officer/Chief Information Officer
Novitex Enterprise Solutions, Inc.
Pelham
01.2015 - 01.2017
- Administered $20M+ IT budget focused on cyber security, compliance and risk/business management.
- Developed and implemented enterprise-wide security program protecting internal and client confidential information, assessing risk, and reporting incidents.
- Provided cybersecurity guidance and direction for 1,500 Fortune 100, 500 and 1000 clients.
- Orchestrated and monitored defense-in-depth cybersecurity initiatives targeting risks to internal infrastructure, cloud data partners, and insider threats.
- Developed and executed cybersecurity strategy to address data breach incidents via 72-hour crisis communication structure, incident response functions, and stakeholder tabletop exercises.
- Developed and directed multiple information security team functions, including compliance programming, crisis management, and security architecture.
- Managed a team of six direct reports and ten indirect personnel in achieving departmental goals.
- Defined protocols and collaborated with external auditors and regulators to achieve audit targets, aligning IT infrastructure and security protocols during downsizing from 50 facilities to 2 key production sites.
- Strengthened internal controls and compliance programs to meet SEC, SOX, and exchange-listing requirements.
- Earned ISO 27002 certification in 2017, MARS-E Certification in 2015 and SSAE-18 SOC 1 & 2, Certification from 2015 through 2017.
- Recognized as CSO/Security Executive of the Year Silver Winner in 2016 for outstanding leadership in cybersecurity.
- Led cross-functional workstreams for IPO readiness, partnering with Finance, Legal, HR, and external advisors to align operational processes with public company standards.
Senior Director, Technical Security Standards/Risk Assessment
McGraw-Hill Education
Pelham
01.2013 - 01.2014
- Achieved SSAE-18 SOC-2, and PCI-DSS Level III compliance attained within one year.
- Designed and directed global information security program mitigating quality and risk for 20,000 employees assisted by 3 direct and 20 indirect employees.
- Instructed staff on identifying, creating, executing, and maintaining procedures that minimized information and IT risks.
- Developed and refined security-focused people functions, including annual security awareness training, monthly security awareness newsletter articles, security functional training, internal CPE training for security staff, and phishing testing for employees.
Director, Global Network and Security Systems
Elizabeth Arden
Pelham
01.2012 - 01.2013
- Achieved PCI-DSS Level IV compliance and SSAE-18 SOC 1 & 2 certification in 2013 by implementing security protocols.
- Designed and managed global enterprise IT security and network, reducing data compromise and enhancing business processes.
- Created security initiatives for project security assessment, SDLC, compliance, file integrity, PII, data classification, application security (OWASP), and risk and log management DLP.
- Led three direct and 10 indirect staff reviewing short- and long-term business and technology needs to maximize network and systems capacity.
- Implemented controls to standardize organizational data processing by 95%.
Information Technology Security Manager
Toys R Us
Bordentown
Director of Operations/Battalion Commander
U.S. Army Reserves
Washington
Commander/Executive Officer
U.S. Army
Qatar
Education
CISSP Prep Training -
ISC2
Atlanta, GA05-2026
Master of Science - Technology Management
Steven Institute of Technology
Hoboken, NJBachelor of Arts - Communications
New York Institute of Technology
New York, NYSkills
- Risk Management
- Threat Management
- NIST Cybersecurity
- CMMC
- ISO 27001
- PCI-DSS
- HIPAA
- SSAE-18
- COBIT
- Zero Trust
- MITRE Attack Frameworks
- DevSecOps
Certification
- Certification in CyberSecurity, ISC2, 2022
- Certified Information Security Manager, 2013
- Certified Chief Information Security Officer, 2012
Publications
Complete list available upon request
Technology Skills
- CMMC
- ISO 27001
- PCI-DSS
- HIPAA
- SSAE-18
- HITRUST
- COBIT
- NIST Cybersecurity
- Zero Trust
- MITRE Attack Frameworks
- Cloud Adoption
- AGILE/SAFe
- DevSecOps
- GDPR
- CCPA
- Risk
- Threat & Vendor Management
Career Experience
- Global Chief Information Security Officer/Chief Information Officer, ASI Group, Toccoa, GA, 01/01/22, present, Reporting to CFO, develop and implement business strategic vision aided by 4 direct and 15 indirect associates., Oversee the technological infrastructure in various locations in North America, Europe, and Australia., Designed and deployed IoT device architectures integrating sensors, microcontrollers, and cloud connectivity., Develop and implement the company's information AI security strategy, policies, and programs., Ensure compliance with industry standards and regulations, such as ISO 27001, PCI, and SOC2.
- Vice President, Strategic and Transformation, Xerox, Atlanta, GA, 01/01/21, 12/31/22, Develop and implement business strategic vision aided by four direct and 10 indirect staff., Launched initial global strategy and transformation office concentrated on enterprise-wide investment., Revamped all business continuity office activities raising compliance from 67% to 95%.
- Global Chief Security Information Officer/Chief Information Officer/ Data Protection Officer, CareerBuilder, Atlanta, GA, 01/01/17, 12/31/21, Guided $70M + global portfolio and IT roadmap with 300 staff in cyber security, risk management., Established information technology and security governance frameworks., Realized overall budgetary cost saving 45M within 36 months.
- Chief Information Security Officer/Chief Information Officer, Novitex Enterprise Solutions, Inc., Pelham, NY, 01/01/15, 12/31/17, Administered $20M+ IT budget focused on cyber security, compliance and risk/business management., Created and implemented cybersecurity strategy to resolve data breach incidents., Earned ISO 27002 certification in 2017.
- Senior Director, Technical Security Standards/Risk Assessment, McGraw-Hill Education, Pelham, NY, 01/01/13, 12/31/14, Designed and directed global information security program mitigating quality and risk for 20,000 employees., Achieved SSAE-18 SOC- 2, and PCI-DSS Level III compliance attained within one year.
- Director, Global Network and Security Systems, Elizabeth Arden, Pelham, NY, 01/01/12, 12/31/13, Designed and managed complete global enterprise IT security and network., Reached PCI-DSS Level IV compliance and SSAE-18 SOC 1 & 2 certification in 2013.
Timeline
Global Chief Information Security Officer/Chief Information Officer
ASI Group
01.2022 - Current
Vice President, Strategic and Transformation
Xerox
01.2021 - 01.2022
Global Chief Security Information Officer/Chief Information Officer/ Data Protection Officer
CareerBuilder
01.2017 - 01.2021
Chief Information Security Officer/Chief Information Officer
Novitex Enterprise Solutions, Inc.
01.2015 - 01.2017
Senior Director, Technical Security Standards/Risk Assessment
McGraw-Hill Education
01.2013 - 01.2014
Director, Global Network and Security Systems
Elizabeth Arden
01.2012 - 01.2013
Information Technology Security Manager
Toys R Us
Director of Operations/Battalion Commander
U.S. Army Reserves
Commander/Executive Officer
U.S. Army
CISSP Prep Training -
ISC2
Master of Science - Technology Management
Steven Institute of Technology
Bachelor of Arts - Communications
New York Institute of Technology