CONTACT

(001) 585 755 2139

Bob@BobHayden.org

Rochester, NY, USA

in/Robert-R-Hayden

WORK EXPERIENCE

Cybersecurity
20 years
Risk & Strategy
5 years
IT Policy Mgmt
5 years
IT Management
7 years
Awareness/Training
3 years
Incident Response
2 years

EDUCATION

BA, Computer Science

SUNY @ Potsdam

2009 - 2012

CREDENTIALS

CISSP #52179

SANS GIAC GCWN #20

Click for more

Robert Hayden

IT and CyberSecurity Professional

About me

Experienced, skilled, certified and self-motivated cyber security professional with over twenty years of experience protecting assets and information in the manufacturing and pharmaceutical sectors. My cyber skillsets are validated with currently active CISSP and GIAC certifications. I have experience in functional leadership, risk management, policy management, incident response, training and security awareness, strategic roadmaps and development of assessment programs.

Work experience

  • CyberSecurity Risk Advisor Oct 2024 - Oct 2025
    Xerox Corporation

    Optimization of cybersecurity compliance and risk processes

    • Designed and executed the processes for enterprise cybersecurity risk register management and reporting
    • Streamlined third party risk management (TPRM) processes, enabling annual review of over 600 vendors
    • Implemented and configured OneTrust modules supporting the risk register and TPRM processes and dashboards
    • Managed the security exception process and team, reducing the open exception backlog by 10x
    • Integrated security exception and cyber risk register into CISO metric reporting

    Skills: Policy exception mgmt, risk register, TPRM, OneTrust

  • IT Security Manager and acting Incident Response Manager Oct 2019 - Oct 2023
    Bausch Health Companies | Bausch+Lomb

    Development and management of a comprehensive human factor risk reduction and reporting program

    • Streamlined IT and Security policy lifecycle, training, and document management processes, reducing overhead and reducing time to approval, publish, and train by 75%.
    • Partnered with external SOC to refresh IR runbooks, reducing unnecessary incident escalations by 70%.
    • Coordinated response, quantified root cause of priority security events, implemented mitigation actions.
    • Executed enhancements to global IT Security communications, security intranet, LMS, document repositories and monthly newsletters increasing workforce contact hours for security content 25% YOY.
    • Formalized the testing of workforce susceptibility and response to attack scenarios, achieving 15% YOY reduction in employee phishing failures. Incorporated lessons learned from incidents into future attack scenarios.
    • Expanded the frequency of phishing assessments by 200%, introduced attack simulations in 12 languages

    Skills: SharePoint, Documentum, Attack Simulations, Event facilitation, Policy Mgmt

  • Previous roles/experience Through Oct 2019

    I have held a variety of leadership roles in the IT and Cybersecurity domains

    • IT Sector Chief at FBI InfraGard

    • Cloud Security Architect at Xerox Corporation

    • Manager, Global Information Security Strategy, Architecture and Policy (Xerox)

    • Manager, Architecture, Policy and Strategic Investment Portfolio (Xerox)

    • Director, Campus Information Services at SUNY College of Technology at Canton

    Skills: IT mgmt, Policy Development, Strategy and Planning, Roadmaps, Cloud Migration