K

Kristin Brown

About

Detail

Denver, Colorado, United States
Contact Kristin regarding: 
work
Full-time jobs
Starting at USD200k/year

Timeline

work
Job
school
Education
folder
Project

Résumé

Jobs verified_user 0% verified
  • A
    Advisory Boards & Strategy
    Jun 2024 - Jun 2025 (1 year 1 month)
    • Advisor to leadership teams on GRC operating models, audit readiness, and risk-to-value storytelling. • Guided security roadmaps for aerospace/regulated clients; prioritized initiatives by ROI and risk.
  • (
    Executive Learning & Research
    (Information Security & GRC)
    Jan 2024 - Current (2 years 6 months)
    in AI/strategy and algorithmic business thinking; refreshed CISSP/CISM domains. exam 4th
  • Dizzion
    Compliance Program Manager
    Dizzion
    Mar 2016 - Jul 2016 (5 months)
    Implemented risk-based controls and streamlined assessment workflows to reduce onboarding friction and audit cycle time across customer/vendor ecosystems.
  • C
    Compliance Program Manager
    Crocs, Inc.
    Jun 2015 - Jun 2017 (2 years 1 month)
    Retail scale, international footprint: standardized evidence frequencies, rationalized control mappings, and coordinated field ops and vendors for consecutive clean audits and avoided exposure.
  • S
    Selected Consulting Engagements
    Jan 2015 - Jan 2017 (2 years 1 month)
  • D
    Head of IT Risk & Compliance (Sr. Consultant)
    Denver International Airport (DEN),
    Jul 2013 - Jan 2024 (10 years 7 months)
    • Built the GRC operating model (policy/standards/exception governance, risk metrics, execution cadence) that materially accelerated decision-making and improved evidence quality. • Implemented risk scoring and ownership guardrails that focused remediation on material risks and sustained backlog control. • Led a hybrid on-prem/AWS modernization of PCI payment services; rationalized control inheritance, strengthened reliability, and simplified assessor engagement. • Standardized audit/evidence playbooks; instituted repeatable readiness checks and corrective-action tracking across business units and vendors. • Drove contract compliance and right-sizing with suppliers; aligned SLAs/OLAs to risk tiers and service criticality. • Enabled ex
Education verified_user 0% verified
  • M
    MIT executive coursework in Artificial Intelligence: Implications for Business Strategy & Algorithmic Business Thinking
    Jan 2024 - Jan 2025 (1 year 1 month)
  • C
    CISSP - training & domain mastery
    Jan 2017
  • University of Phoenix
    ITIL - training
    University of Phoenix
    Jan 2001 - Jan 2003 (2 years 1 month)
  • University of Northern Colorado
    B.S.
    University of Northern Colorado
    Jan 1995 - Jan 1997 (2 years 1 month)
  • C
    CCP domain studies and exam preparation
  • M
    MIT executive coursework
  • C
    CISM - training & exam prep
  • C
    CMMC Certified Professional (CCP) domain studies and exam preparation
Projects (professional or personal) verified_user 0% verified
  • G
    Global Stored-Value Partnership Playbook
    Mar 2013 - Jul 2013 (5 months)
    Developed a global onboarding framework (legal, operations, risk, BCP) and reference assets for partners; created validation workflows to accelerate compliant market entry across multiple regions and brands. Constraint-driven re-platform: defined trust boundaries, clarified key management responsibilities, documented assessor-ready evidence ownership, and established release gates linked to control inheritance. Integrates CVSS with BIA/CIA tiers and ownership rules; implements weekly burn-down, exception aging thresholds, and stop-the-line criteria for significant risks. Unified control matrix and evidence runbook across 185+ stores and distributors; embedded store-friendly training and vendor alignment to sustain clean cycles international
  • R
    Retail PCI Standardization - Crocs (Global)
  • R
    Revenue-System Modernization
  • N
    NIST-Aligned Risk Framework (iSAFE)
  • V
    Vendor Enforcement & Contract Controls (Airport)