brianjurczyk.security
~ $ whoami

Brian Jurczyk

Information Security Leader // Cybersecurity Executive

I build and lead enterprise security programs that protect what matters most — people, intellectual property, and data — and earn the trust that lets the business operate. Two decades translating threat landscapes into risk-based strategy that earns board confidence and lets the business move faster, not slower. Clean audits across regulated frameworks (GxP, FDA/EMA, SOX, SOC 1 Type 2, SOC 2). Cloud-first transformations. Vulnerability reductions north of 65%. Seven-figure vendor optimization. Programs built to hold under scrutiny — run the same way whether anyone's watching.

role: Information Security Leader based: CT status: Open to executive, fractional & board opportunities
// 01 — Capabilities

Core Competencies

Cybersecurity Strategy & Roadmaps multi-year program design
Risk Management & Compliance NIST · ISO · SOC 2 · SOX · GxP
Cloud & Infrastructure Security AWS · Azure · identity
Board & Executive Reporting risk narrative for non-technical leadership
Data Governance & IP Protection research data · regulated data
Incident Response & Crisis Management tabletop · playbooks · live response
Business Continuity & DR multi-geography resilience
Security Operations & Threat Intel SOC oversight · vuln management
Vendor & Contract Management procurement · SLA · spend optimization
Team Leadership & Talent hiring · mentorship · culture
// 02 — Track Record

Professional Experience

2022 — Present

Senior Manager, IT Security — de facto Information Security lead

Arvinas, Inc. · New Haven, CT · Clinical-stage biopharmaceutical · ~500+ employees, US + international

Senior-most security leader at the company, owning enterprise security strategy and operations end-to-end on a multi-million-dollar program. Solo internal security executive orchestrating MSSP partners, identity, cloud, vulnerability management, and audit response across 500+ endpoints. Brief the CFO and executive team on security risk quarterly, with ad hoc briefings to the board on material matters.

  • Reduced critical and high-severity vulnerabilities by 65% by rebuilding the security operations framework — integrating MSSP-led SOC, vulnerability management, and advanced endpoint protection into a single coherent program.
  • Directed enterprise penetration testing cycles, driving remediation to closure across application, infrastructure, and identity layers.
  • Passed GxP regulatory inspections (FDA/EMA), SOX IT controls, and customer/partner security due diligence reviews — sustaining commercial and research operations under regulator scrutiny.
  • Eliminated $500K–$1M in annual security spend through vendor consolidation and contract renegotiation, while expanding coverage.
  • Authored and operationalized enterprise BYOD, Incident Response, and Disaster Recovery programs aligned to regulatory and industry standards.
  • Hardened cloud and identity security across Azure, Active Directory, and SAML/Okta — establishing identity as the perimeter.
2014 — 2022

Manager, Corporate IT & Security

LogicSource, Inc. · Norwalk, CT · Global procurement services · ~200+ employees, US + international

Promoted to lead IT and Security operations for a globally distributed procurement services firm. Designed and executed enterprise security frameworks that delivered regulatory compliance while modernizing the underlying infrastructure for scale.

  • Achieved SOC 1 Type 2 certification with zero exceptions for multiple consecutive years; drove SOC 2 readiness across the organization.
  • Executed 100% migration to AWS and Office 365, establishing the firm's cloud-first architecture and security baseline.
  • Stood up a disaster recovery site ensuring operational continuity across US and international geographies.
  • Authored enterprise BYOD, Disaster Recovery, and Information Security policies adopted across distributed teams.
  • Drove data security innovation, including a custom data warehouse and reporting platform serving analytics across 70+ enterprise client accounts.
  • Led major IT infrastructure projects, including new office buildouts and enterprise system migrations.
2012 — 2014

Senior Business Intelligence Developer

LogicSource, Inc. · Norwalk, CT

Designed and deployed enterprise data solutions supporting procurement and financial analytics. Built and maintained secure, scalable data warehouses — the data-engineering foundation that later shaped my approach to security: starting from how data actually flows.

Earlier Career

Audit & IT QA Foundations

BPA Worldwide · Tauck World Discovery

Audit and IT QA roles — foundation in compliance, controls, and operational quality.

// 03 — Credentials

Education & Certifications

Certification
CISSP
Certified Information Systems Security Professional · ISC2
Graduate Degree
M.S. Computer Information Systems
Security Concentration · Boston University
Undergraduate Degree
Bachelor of Arts
Central Connecticut State University
// 04 — Get in touch

Let's Connect

$ ./connect.sh
Open to executive, fractional CISO & board opportunities

Whether you're hiring a permanent security executive, evaluating fractional CISO support, or seeking a security voice on your board — let's talk.

Connect on LinkedIn Download Résumé