If you are looking to hire a CISO, Download our Free Insiders Guide on "How to Hire a Great CISO."

Philip Ramey


Prudential Financial



Fortune 500 Rank


Biographical Info

Highly analytical, decisive, and innovative IT executive with 20+ years of progressive Information Security, Risk Management, IT Governance, and Compliance leadership experience communicating and advocating for security vision, business continuity, and privacy. As a globally focused leader, I have demonstrated forensic investigations, cyber threat / vulnerability management, security monitoring, infrastructure security, security threat intelligence, and training expertise. I thrive as a strategic and resourceful problem solver with an innate ability to diagnose broken processes / operations, build programs, and implement security technologies including encryption, network security, intrusion detection, and digital forensics leading large, cross functional, sourced, or matrixed teams. Career Highlights: * Established 1st Line of Defense (1LOD) operational risk capability within Freddie Mac's Information Technology organization. Built comprehensive risk management, risk advisory, risk assessment, and third party risk programs to increase awareness of risk within IT and inform risk based decisions. Uplifted and redesigned governance programs to provide requirements, oversight, and consistency for IT resiliency and technology architecture. * Expanded risk and compliance insight from 2-3 engagements to 250+ engagements for HCL. Reduced risk exposure 80% via contractual service delivery compliance. Slashed threat / risk of breach of contract based on security breaches / incidents. * Developed technology roadmap and framework to mitigate risks for Freddie Mac. Sourced and procured funding for 2 major technology implementations. Built 2 parallel security monitoring and vulnerability management programs. Closed 3 material weaknesses and reduced overhead costs 75%. * Executed risk assessment process on 100+ programs / applications for Elsevier. Conducted M&A security assessment process for 10+ acquisitions. Established comprehensive regulatory control program for key frameworks: ISO 27001, HIPAA, FERPA, PCI/DSS, GDPR



Washington DC

Date Joined Company


Date started as CISO