Summary
Overview
Work History
Education
Timeline
Certification
Affiliations
Skills
Barista

Claudio Placanica

Grand Rapids,United States

Summary

Information Security leader with over 20 years of proven track record in Information Security, IT infrastructure, Architecture, Privacy, IT Compliance, Risk and Governance, IT Service Delivery, and Application development skills within various sectors. Adept at leading teams in complex environments to implement security strategies and innovative technology deployment. Skilled in guiding business partners in risk prioritization decisions and leading global programs to enhance security capabilities.

Overview

16
16
years of professional experience
3
3

Cybersecurity Certifications

5
5

Architecture and Technical Certifications

2
2

Degrees in Management and Leadership

4
4

Global Companies in Leading Transformational initiatives

3
3

Languages

Work History

Director of Cybersecurity & Architecture (Interim CISO)

SpartanNash
07.2024 - Current
  • Company Overview: Retail and Logistics, $9.5B revenue, Fortune 400, 20,000 employees
  • Expanded responsibility to include overall leadership for the Cybersecurity team and global IT Architecture
  • Defined cybersecurity programs to support company goals and improve security posture while maintaining cost leadership
  • Improved all the security KPIs with regular updated to the Board of Directors and corporate executive leadership
  • Executed several table-top exercises for IT, Executive Leadership, and Board Member and improved overall security response through an aligned incident response plan
  • Led security operation response through several events and keep implementing lesson learned to improve detection, containment, and recovery
  • Improved existing cybersecurity tools adoption with increased prevention and detection capabilities
  • Embraces the NIST Cyber Security Framework and improved several maturity areas
  • Cut operational costs and cyber risk by decommissioning, reduced 70% of legacy systems
  • Influence executive leadership and re-prioritize IT spend planning to improve cybersecurity posture
  • Finance and budget management, achieved top results in budgeting and spending
  • Improved and optimize IT general control testing, and reduced findings during SOX audit
  • Directed Policy updates, materiality framework, and AI cybersecurity assessment process
  • Improved organization cyber awareness and achieved the highest Promoter Score for 4 quarters, awarded by the CEO
  • Defined and executed the cybersecurity M&A strategy to support the organization through the various phases of the M&A process
  • Boosted the external security posture and reached top security score (BitSight)
  • Retail and Logistics, $9.5B revenue, Fortune 400, 20,000 employees

Director GRC and Architecture, Deputy CISO

SpartanNash
01.2021 - 12.2023
  • Directed enterprise-wide Information Security operations, emphasizing Governance, Risk, Compliance, and Architecture
  • Implemented Security Orchestration and Automation Response capabilities, enhancing security operations response
  • Adopted NIST CSF and enhanced maturity from 1.5 to 3 in several areas
  • Formalized IT risk framework, Common Control Framework, and revamped cybersecurity policies
  • Increased Cybersecurity posture with BitSight score and reached the best score among industry grades
  • Halved cybersecurity risk aging by streamlining the GRC ecosystem by deploying the ZenGRC tool
  • Attained a faster Incident response time by architecting new cybersecurity technologies and processes
  • Achieved SOX audit with zero material deficiencies and PCI certification with optimized effort
  • Realized $1M cost reduction through tool rationalization and vendor negotiation
  • Slashed IT integration cost by $2M in Merger & Acquisitions
  • Introduced cybersecurity cafés podcasts to enhance cybersecurity engagement within the organization
  • Removed 1000+ hours of meetings a year by implementing risk assessment automation and processes
  • Awarded with the highest Net Promoter Score
  • Established an IT architecture governance strategy and amplified SDLC adoption and maturity
  • Reduced IT deployment redoes by defining a new IT Architecture framework, with an estimated saving of $500k
  • Embedded security risk assessments earlier in processes to identify security issues earlier to reduce implementation costs while maintaining a strong security posture
  • Improved the security awareness culture of the organization with training, monthly phishing tests, and presentations from security experts
  • Realized a 3% average monthly click rate and 97% security training attendance
  • Enhanced team collaboration through regular communication, goal setting, and performance evaluations.
  • Developed high-performing teams by providing mentorship, guidance, and opportunities for professional growth.
  • Established a culture of continuous improvement by fostering open communication channels and empowering employees to voice their ideas.
  • Managed budgets effectively to ensure optimal use of resources while maintaining financial stability.
  • Strengthened internal controls by reviewing existing policies and procedures, ensuring compliance with regulatory requirements.
  • Optimized staff performance by designing comprehensive training programs tailored to individual needs.
  • Negotiated favorable contracts with vendors for reduced costs and improved service quality.
  • Led cross-functional teams to exceed benchmarks for SLA delivery, staying on top of challenging schedules with multiple competing timelines.

Senior Director, GRC and Architecture, Deputy CISO

Alorica
01.2019 - 12.2021
  • Company Overview: BPO, $3B revenue, 100,000 Employees
  • Directed the Global Information Security organization including Strategy, Governance, Risk Management, Compliance, and Security Architecture
  • Improved NIST Cybersecurity Framework KPIs across all capabilities to enhance the organization's overall security posture by 1.5 points in two years
  • Consistently obtained HITRUST, SOC1/SOC2, and PCI certifications and ensured compliance with HIPAA, NYDFS, SOX, and CCPA through the development of a standard compliance framework
  • Renegotiated security vendor contracts reducing cost while increasing capability offerings saving over $3M without any degradation of security capabilities
  • Developed a secure strategic framework to prioritize information security initiatives and prepare for business continuity situations allowing us to transition over 50,000 Customer Service Agents to a secure Work-At-Home model in less than 6 weeks
  • Attained security incident response capabilities to achieve a Mean Time to Detect (MTTD) of 15 minutes
  • Regularly tested the IT and Executive organization through table-top exercises to improve security response capabilities
  • Implemented global security awareness Campaign to employees and improved metrics to match or beat industry peers (e.g., Phishing campaigns < 9% click rate)
  • Enhanced external security posture from a BitSight score of 470 to 640, and heightened the NIST CSF maturity
  • Elevated customer retention and P&L by enhancing compliance with clients’ contract requirements
  • BPO, $3B revenue, 100,000 Employees

Head of Network Engineering and Architecture

SC Johnson
01.2014 - 12.2016
  • Company Overview: Chemical, Consumer goods, $11B revenue, 13,000 employees
  • Accountable for technology strategy related to Network and Cloud adoption and IT Architecture framework
  • Responsible for the execution of the strategy of the Network program
  • Strong communication skills used to effectively interact in a variety of transformation-oriented corporate cultures to establish strong working relationships with business units to deliver practical and pragmatic business security solutions
  • Chair the corporate Security Steering Committee; the committee is responsible for establishing guidance, priorities, and funding of all major security initiatives
  • Lowered IT cost while doubling the throughput by $5M a year
  • Reduced Network cost by 15% by streamlining projects, and renegotiating vendor contracts, while increasing network capacity and cybersecurity
  • Chemical, Consumer goods, $11B revenue, 13,000 employees

Head of Network and Architecture

Bombardier Transportation
01.2009 - 12.2014
  • Company Overview: Manufacturing, $7.4B revenue, 36,000 employees
  • Accountable for technology strategy related to Network, Data Centers, and Cloud adoption
  • Accountable for establishing an IT Architecture Framework
  • Stabilized a long stagnation in infrastructure investment, with 80% of Network, Servers, and Telecommunications equipment over 8 years old
  • The business footprint in 100+ sites globally suffered frequent IT service outages
  • Designed and implemented the new data centers with a new outsourcing strategy
  • Lowered network and data center costs by $8M
  • Manufacturing, $7.4B revenue, 36,000 employees

Education

Bachelor of Science - IT Management

Western Governors University
Salt Lake City, UT
2024

Certificate - Cybersecurity Risk

Harvard University
Cambridge, MA
2022

Post Graduate Certificate - International Management

University of Liverpool
Liverpool UK
2014

Timeline

Director of Cybersecurity & Architecture (Interim CISO)

SpartanNash
07.2024 - Current

Director GRC and Architecture, Deputy CISO

SpartanNash
01.2021 - 12.2023

Senior Director, GRC and Architecture, Deputy CISO

Alorica
01.2019 - 12.2021

Head of Network Engineering and Architecture

SC Johnson
01.2014 - 12.2016

Head of Network and Architecture

Bombardier Transportation
01.2009 - 12.2014

Bachelor of Science - IT Management

Western Governors University

Certificate - Cybersecurity Risk

Harvard University

Post Graduate Certificate - International Management

University of Liverpool

Certification

CCISO, Certified Chief Information Officer, 2025

CompTIA, Security+, 2024

ISC2, Certified in Cybersecurity, 2024

Microsoft Azure Architecture Expert Certification, 2022

Service Oriented Architecture, Cloud Architect, 2017

Project Management Prince 2 Practitioner, 2011

ITIL Foundation and Operation, 2010

Cisco CCNA, CCNP, 2002

Affiliations

  • Michigan Council of Women in Technology Foundation Allies
  • ISC2 - International Information System Security Certification Consortium, Inc.

Skills

  • PCI-DSS
  • SOC2
  • NIST-CSF
  • Finance, Cost leadership
  • Vendor Management
  • Hitrust, HIPAA
  • Architecture, Engineering, Operations
  • Cybersecurity program
  • Identity and Access Management
  • Governance, Risk, Compliance
  • Incident Response
  • Cyber Resilience, Business Continuity
  • Cloud and Infrastructure
  • Operations
  • SDLC, Agile

Similar Profiles

  • JOSHUA LIBKIE

    JOSHUA LIBKIEJOSHUA LIBKIE

    Warehouse Operations Manager at SpartanNashWarehouse Operations Manager at SpartanNash

    View Profile
  • Sarah Davis

    Sarah DavisSarah Davis

    Assembly Line Worker at SpartanNashAssembly Line Worker at SpartanNash

    View Profile
  • Richard Carroll

    Richard CarrollRichard Carroll

    Warehouse Forklift Operator at SpartanNashWarehouse Forklift Operator at SpartanNash

    View Profile
Claudio Placanica