Cliff Barbier

CEO

Baton Rouge, Louisiana, United States18 yrs 7 mos experience

Highly Stable

Key Highlights

Led global cybersecurity programs enhancing security posture.
Successfully integrated 11 acquisitions with risk-based security plans.
Increased cloud security compliance across multiple platforms.

Stackforce AI infers this person is a Cybersecurity Architect with extensive experience in enterprise security and compliance.

Contact

Skills

Core Skills

CybersecurityCloud SecuritySecurity Architecture DesignIt Audit

Other Skills

Security AdvisorSecurity CompliancePolicy as CodeConference SupportCode of ConductMergers & Acquisitions (M&A)Global Cross-Functional Team LeadershipTeam CultureSecurity ControlsM&A Due DiligenceStrategic LeadershipRegulatory AuditsRegulatory ExaminationsSecurity AutomationSecure SDLC

About

I am a highly adaptable and collaborative team leader with over 10 years of experience managing projects and building and motivating effective and cohesive teams. I successfully confer with and educate groups across organizations to create enterprise-wide security programs that enable DevSecOps in cloud. I also translate technical concepts for non-technical end users, helping them understand regulatory issues that apply to them. As a seasoned organizer with a proven track record in driving top-quality outcomes, I have successfully: ✓ Developed Policy as Code (PaC) programs aligned with security frameworks and company policy. ✓ Created reference architectures/design patterns and co-created configuration baselines for AWS, GCP, Azure, and SaaS providers to scan for non-compliance and malicious activity in IaC deployment plans and live cloud environments. ✓ Eliminated security incidents in acquired companies over 4 years by evaluating 21 M&A targets for risks and creating risk-based security plans to successfully onboard 11 acquisitions. ✓ Revolutionized Equifax’s Security Architecture program by reviewing 100+ applications monthly across 25 countries, establishing 2 major and 6 minor processes, and creating separate Jira ticket types for enhanced efficiency. I am a results-oriented professional proficiently utilizing various technologies for numerous problems, I adapt to new, challenging, and fast-paced environments, and I excel in handling high-priority projects of diverse scope.

Experience

Nielseniq

Principal - Cybersecurity Architect

Nov 2022 – Nov 2025 · 3 yrs · Remote

Led the global Cybersecurity Architect team. Created and managed enterprise-wide cybersecurity programs influencing the design of all infrastructure & products.
Standardized the enterprise security posture by eliminating four disparate CIS Control implementation approaches, achieved by architecting a Policy as Code program that unified configurations across design, engineering, SSDLC, and infrastructure, including ongoing monitoring.
Enhanced cloud security compliance across 20 development teams & all infrastructure teams by 14 points (as measured by CSPM) within one year by establishing 50+ cloud service configuration baselines across Azure, AWS, GCP, and SaaS via the Policy as Code program.
Increased GRC assessment efficiency for CIS Controls by 20 person-hours per week by successfully advocating for quantitative measurement and proving the practicality of implementing the CIS Controls Assessment Specification in NielsenIQ.

Security AdvisorSecurity ComplianceCybersecurityCloud Security

Bsidesnola

Organizer

Nov 2017 – Apr 2023 · 5 yrs 5 mos · Greater New Orleans Area

Created the conference code of conduct and incident response policy.
Managed pre-conference tasks, meetings, and division of work.
Performed day-of setup, support, and general conference troubleshooting.
Performed audiovisual setup and troubleshooting.
Registered attendees.

Conference SupportCode of Conduct

Equifax

Senior Security Architect

Sep 2015 – Nov 2022 · 7 yrs 2 mos · Remote

Co-led the work of the global Security Advisement team while establishing a team culture of autonomy, fun, collaboration, and respect. Advised on security across the enterprise.
Directed the global Cybersecurity Architecture practice through a large-scale digital transformation as a result of the 2017 Equifax breach. Built the Security Architecture & Advisement practice to such a high standard that Mandiant uniquely identified the team as the sole global security division requiring no corrective actions.
Implemented “Secure by Design” principles across 25 countries, increasing reviews before go-live by 80% after on-boarding, training, & coaching 12 architects.
Improved the maturity of the Security Architecture & Advisement team to CMM Level 4 measured by Gartner by creating repeatable, manageable, & scalable processes.
Increased cloud security compliance posture by 50+ points over four years by co-developing a Policy as Code strategy with 100+ secure configuration baselines, embedding automated scanning (pre-deploy & CSPM) into the global SSDLC.
Increased the security of all deployed applications, as measured by a reduction in pentesting results & bug bounty budget, by integrating the policy as code results into an automated security scorecard used by BISOs for all product go-live decisions.
Minimized enterprise risk during corporate expansion, successfully folding in 11 acquired companies by designing risk-based security plans and in situ architectural remediation.
Reduced liability risk from 21 M&A targets an average of 60%, by developing a program of CWE mapping due diligence security findings (DAST, SAST, & pentest), negotiating remediation with the target, and reporting to leadership.
Accelerated global breach recovery by reviewing all enterprise information systems within 3 months, ensuring the security of high-profile services promised to the US Congress by aligning policies & architecture with NIST CSF standards.

Security AdvisorSecurity ComplianceCybersecuritySecurity Architecture Design

Fdic

IT Examination Analyst

Jul 2010 – Jul 2014 · 4 yrs

Performed regulatory IT examinations of banks across four states.
Enhanced institutional risk posture across 175+ banking institutions by examining banks then delivering ratings to CEOs, CFOs, and Boards of Directors, evaluating their regulatory compliance with GLBA and 12 CFR Part 364.
Reduced systemic financial risk in high-volume payment systems for 15 regional banks by leading specialized audits of complex EFT architectures (ACH, Wire Transfer, Mobile Capture, etc), identifying findings in high-volume payment processing systems.

IT AuditSecurity Compliance

Tracesecurity

Security Engineer / Security Services Manager / Compliance Director

Oct 2005 – Mar 2010 · 4 yrs 5 mos

Provided direction and advice as the 3rd delivery hire, helping the company grow from 225 to more than 800 customers in 4 years.
Scaled security service operations to support a 250% increase in total customer growth by managing an engineering team servicing 225+ financial institutions and writing standardized delivery procedures for the organization.
Drove expansion into new regulated verticals by co-creating three new product offerings (IT Audit, Risk Assessment, and PCI-DSS) and architecting a proprietary GRC regulatory library to translate complex compliance standards for technical and executive audiences.

IT AuditSecurity Compliance