The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the first time to support a deeper commitment to information security.

Follow this column to keep up with new appointments to senior-level security roles and perhaps gain a little insight into hiring trends. If you have an announcement of your own that you would like us to include here, contact Amy Bennett, executive editor.

New CISO appointments, July 2022

Anne Marie Zettlemoyer joins CyCognito as CSO
Ms. Zettlemoyer has over 20 years of experience in technical leadership and has served as a trusted advisor for Fortune 500 companies, government agencies, law enforcement, security vendors, and think tanks. She was most recently the Business Security Officer and VP of Security Engineering at Mastercard. She is also a Fellow at the National Security Institute, and has held a number of strategic and technical security leadership roles, including the Head of Security Architecture, Engineering, and Solutions at Freddie Mac, Director of the Cyber Think Tank at Capital One, Director of Business Analytics at Mandiant, and Special Advisor for the Director of the US Secret Service. She has served on the board of directors and advisors for several security companies and nonprofits, is a founding board member of Security Tinkerers, and advocated for security policies on Capitol Hill. (H/t Security Magazine)

Andrew Hollister promoted to CISO at LogRhythm
As CISO, Mr. Hollister will expand his role to develop and maintain the company’s security governance model and risk strategies, as well as lead the strategy for the protection, confidentiality, integrity and availability of information assets. Hollister will also lead LogRhythm Labs, directing the mission and strategic vision for the LogRhythm Labs threat research, compliance research, and strategic integrations teams. Hollister has held a number of technology and security roles at LogRhythm since he joined the company in 2012. (H/t PRweb.com)

Tony Faria joins Point32Health as CISO
Mr. Faria has been successful in creating and maturing information security functions at a number of Fortune 500 financial services organizations. He is the co-inventor of patented, award-winning cyber assessment methodology leveraged by FM Global, where he was global CISO. Prior to that he was CISO and Security Strategist at Consortium Networks. He is a recognized industry leader and volunteers his time, expertise and resources to help the security industry and his local community. (H/t LinkedIn)

New CISO appointments, June 2022

Nada Noaman joins The Estée Lauder Companies Inc. as CISO 
Ms. Noaman brings over two decades of strategic cybersecurity and management consulting experience in the private and public sectors to her new role. She has led security programs for clients ranging from those in technology, entertainment, media, communications, hospitality, aerospace and defense, retail and consumer, and financial services industries. She brings much of her cybersecurity expertise from over a decade of experience in the Intelligence Community (IC), Department of Defense (DoD), and international NGOs. (H/t LinkedIn)

Kenneth Townsend joins Ingredion Incorporated as CISO
Mr. Townsend is a proven IT and cybersecurity leader with a successful track record spanning over 20 years. He has been successful in a variety of industries and is a highly respected specialist in financial services, retail and healthcare. As an IT and infosec leader, Townsend has led global teams with a focus on establishing infosec programs that align to the business strategy and collaboratively executing IT and security projects. (H/t LinkedIn)

Meredith R. Harper joins Synchrony as SVP, CISO
Prior to joining Synchrony, Ms. Harper held VP, CISO positions at Eli Lilly and Company and Henry Ford Health Systems. Her success has been attributed to her ability to manage large-scale complex programs while advancing the skill sets and careers of her most important assets, her team members. Harper is an active member of the Health Care Compliance Association and holds dual certifications in healthcare compliance and privacy. She is certified as a HealthCare Information Security & Privacy Practitioner through the International Information System Security Certification Consortium, Inc. and a Certified Information Security Manager through the Information Systems Audit and Control Association. Harper is passionate about empowering women and minorities to embark upon careers in technology. She’s committed to transforming the industry by driving engaging and provocative discussions around diversity, equity and inclusion and the value it brings. Harper is an alumna of the University of Detroit Mercy where she received her Master’s in Health Services Administration and her Bachelor of Science in Computer Information Systems. (H/t LinkedIn)

New CISO appointments, May 2022

Eric Galis steps into CISO role at Cengage
Prior to being named CISO, Mr. Galis he had been VP of Compliance and Security for over 4 years. He has over 17 years of experience in information security and risk & compliance. Galis has spent time at two other education software and publishing companies, also within the security function. He got his start in InfoSec at PricewaterhouseCoopers, focusing on the financial services industry. Becoming CISO has been his career goal for some time, he credits the passion and work of his team with helping him rise to the level of this role at Cengage. (H/t LinkedIn)

Angela C. Williams joins UL as VP, Global CISO
Prior to joining UL, Ms. Williams held a number of lead security positions at Hillrom, Blue Cross Blue Shield and Wayne County Michigan, among others. She is a results-oriented CISO with extensive experience leveraging technology to integrate best practice cybersecurity solutions. Williams is a people-oriented leader with a focus to attract, develop and retain the right talent to support a culture of belonging where people thrive. In her spare time, she serves on the Board of the Girls Scouts of Southeast Michigan and as an Advisor for the Henry Ford Community College Computer Information Assurance [CIA] program and University of Detroit Mercy Center for Cyber Security and Intelligence Studies. (H/t LinkedIn)

Ron Sanderson promoted to CISO at Redpoint Global
The appointment is part of Redpoint’s continued commitment to ensuring customer data remains private and secure. Mr. Sanderson is one of Redpoint’s earliest employees. He has taken a leadership role in Redpoint’s security and privacy initiatives, including spearheading SOC 2 compliance and HIPAA certification. He most recently served as Director of Information Security, overseeing the company’s InfoSec awareness training and leading initiatives to build out Redpoint’s Information Security capabilities from the ground up. In his role as CISO, Sanderson will further strengthen Redpoint’s security and privacy approach as the company offers further cloud native offerings to some of the world’s leading retailers, healthcare organizations and financial institutions. (H/t Redpoint Global)

Michael Mestrovich joins Rubrik as CISO
In his new role, Mr. Mestrovich will lead Rubrik’s internal data security efforts and provide cybersecurity and cyber policy expertise to support the company’s mission to secure the world’s data. Mestrovich joins Rubrik with more than 20 years of distinguished IT and security leadership, most recently serving as CISO for the CIA, leading the Agency’s cyberdefense operations, developing and implementing cybersecurity regulations and standards, and directing the evaluation and engineering of cyber technologies. While at the CIA, Mestrovich served on a rotational detail as the Principal Deputy Chief Information Officer for the US Department of State. Before Mestrovich’s career in the public sector, he was a systems engineer at Cisco Systems and served in the US Air Force. (H/t GlobeNewswire)

Roger Hale joins Agora as CSO
Prior to joining Agora, Mr. Hale was CSO at BigD. In his new role, Hale will work with executive management to navigate compliance and security, and determine risk management and security best practices for the organization. He will also serve as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with Agora’s information security and business compliance policies. (H/t PR Newswire)

Rich Baich joins the CIA as CISO and Director of the Office of Cybersecurity
In this role,Mr. Baich will be responsible for leading the strategy and implementation of the Agency’s cybersecurity capabilities throughout CIA’s information technology ecosystem. He comes to the CIA from the American Insurance Group (AIG), where he most recently served as the Global CISO. Previously, Rich was the CISO for Wells Fargo and a principal at Deloitte. He is a retired US Navy Information Warfare Officer and was once assigned as the Special Assistant to the Deputy Director for the National Infrastructure Protection Center at the Federal Bureau of Investigation (FBI). (H/t The Record)

Alex Attumalil promoted to CISO at Under Armour
Mr. Attumalil has been named CISO at Under Armour, where he has been Deputy CISO since 2018. Mr. Attumalil is a transformational leader who has over 18 years of experience in developing, managing, and maintaining information security programs in both the public and private sectors. Previously, he held positions with Vencore, US Government Intelligence Agency, Raytheon, and Lockheed Martin. In his professional career, Mr. Attumalil has taught as an adjunct professor, presented at various cyber conferences, and continues to serve as a technical consultant on various customer advisory boards. (H/t LinkedIn)

Stacy Hughes joins Voya as CISO
Ms. Hughes has more than 20 years of experience leading complex IT initiatives within Fortune 500 financial technology organizations. Most recently, she was the CISO at Global Payments Inc., after holding senior-level positions across governance, compliance and audit functions within the company. In addition, Hughes has been an active industry leader in payment security, serving on the Payment Card Industry (PCI) Security Standards Council Board of Advisors and being recognized by PaymentsSource in 2020 as one of the most Influential Women in Payments. Hughes holds a bachelor’s degree in business administration from Wayne State College and an MBA from DeVry University-Keller Graduate School of Management, Atlanta, GA. (H/t Bakersfield.com)

Keith Dempsey joins ArisGlobal as CISO
Prior to joining ArisGlobal Dempsey, Mr. Dempsey served as CIO/CISO at Xybion Corporation, VP of IT at AIG, and VP of IT at Lehman Brothers. In his new role, he will lead the work to enhance ArisGlobal’s focus on security earlier in the development cycle and represent client-facing functions. He will lead the current advanced electronic guided interceptor system (AEGIS) team and continue to strategically enhance ArisGlobal’s security systems. (H/t PR Newswire)

Nicola McCoy joins RSM as CISO
In her new role, Ms. McCoy will lead the implementation of RSM’s global information security strategy. Joining from Planview, McCoy held the role of Practice Director within the company’s professional services division for over 10 years. There, she acquired a wealth of experience working with FTSE 100 companies, international banks, insurers and defence organizations to enhance key technology governance, architecture, risk and resilience activities, as well as regulatory reporting and enterprise risk management. Prior to this, McCoy spent over 12 years at PwC where she was a key member of the Global IT Security and Global IT functions. (H/t Accountancy Today)

Samuel John Cure joins AMI as CISO
Mr. Cure previously served as CISO of Planview, Inc., and AXIS Capital. Along with his two successful tenures as CISO, he brings a spirit of innovation and expertise in building international cybersecurity programs to the AMI team. He has extensive experience crafting business-aligned cybersecurity programs, providing executive oversight of risk management, including identifying and mitigating security risks in all corporate functions and external-facing products and solutions. With 25 years of experience in the cybersecurity industry, Cure has developed and managed multiple programs and security consulting services with a global focus, spanning North and South America, Bermuda, Europe, and Asia-Pacific. He is known in the field for his trademarked cybersecurity platform, Mr. CISO, developing the IBM X-Force database, and creating several ethical hacking programs for global Fortune 500 companies. (H/t PR Newswire)