Doug Jaworski

CISO | Chief Information Security Officer | Financial Services | Protecting $200B+ AUM | Building Resilient Security Programs | CISSP

Houston, Texas, United States

About

Chief Information Security Officer (CISO) and former CTO with 25 years of experience across technology, cybersecurity, and enterprise risk. For the past decade, I served as the founding CISO for Global Atlantic Financial Group. I built the enterprise security program from the ground up following the firm's separation from the Goldman Sachs Reinsurance Group. The program was designed to protect the business as it grew from $45B to over $200B in assets, positioning the firm for its acquisition by KKR. • Zero material cyber incidents over 11 years. • Zero failed audits across NYDFS, NAIC, FINRA, SOX, SWIFT CSP, DTCC, PCI-DSS, HIPAA, GDPR, and the BMA. • Managed security architecture for the migration from on-premises to AWS cloud-native infrastructure with zero business disruption. • Built an AI governance framework enabling responsible adoption ahead of formal regulation. Prior to my tenure as CISO, I served as CTO at Forethought Financial Group, leading the technical transformation that rebuilt the enterprise technology foundation and culminated in the company's $1.35B acquisition by Global Atlantic. My early career was spent scaling infrastructure operations for high-velocity internet platforms, maintaining 24/7 availability through events including the Orbitz NYSE IPO and multiple private equity acquisitions (Blackstone, Cendant). 𝗖𝗔𝗣𝗔𝗕𝗜𝗟𝗜𝗧𝗜𝗘𝗦: Security Strategy & Governance, Board-Level Risk Reporting, AppSec, Identity & Access Management (IAM), Incident Response, Third-Party Risk Management (TPRM), AI Governance Frameworks, Cloud Security Architecture, M&A Security Due Diligence. 𝗢𝗣𝗘𝗡 𝗧𝗢: • CISO, VP/Head of Security, CSO (full-time, interim, fractional) • CTO/CIO where security and technology leadership converge • Board advisory for cybersecurity risk and governance 𝗚𝗘𝗢𝗚𝗥𝗔𝗣𝗛𝗬 & 𝗜𝗡𝗗𝗨𝗦𝗧𝗥𝗜𝗘𝗦: Houston, TX. Open to relocation, remote, or hybrid. Targeting financial services, insurance, PE-backed companies, and regulated industries navigating growth.

Experience

  • Managing Director - Chief Information Security Officer (CISO) at Global Atlantic Financial Group
    Jan 2014 - Aug 2025 · 11 yrs 8 mos

    Founding CISO responsible for building the enterprise cybersecurity program from scratch following the firm’s separation from the Goldman Sachs Reinsurance Group. Led the security function through a decade of rapid expansion from $45B to $200B+ AUM, managing risk across multiple acquisitions and the firm’s transition to a wholly-owned KKR subsidiary. ▪ Maintained a flawless 11-year security record with zero material cyber incidents and zero failed examinations across NYDFS, NAIC, FINRA, SOX, and international regulators. ▪ Built a defensible security posture that withstood institutional due diligence during the KKR acquisition. This maturity directly reduced cyber insurance costs, maintaining coverage terms significantly better than industry averages. ▪ Directed the security architecture for the post-separation unification of three insurance entities and a full-scale AWS cloud-native migration with zero business disruption. ▪ Established an incident response and third-party risk (TPRM) framework that prioritized business continuity, protecting policyholders during multiple high-profile, industry-wide vendor breaches. ▪ Embedded cybersecurity into the software development lifecycle (SDLC), establishing automated controls that supported rapid engineering innovation without increasing operational friction. ▪ Built the enterprise governance and technical controls for AI adoption, addressing risks around data loss and model bias ahead of formal regulatory requirements. ▪ Built and retained a high-performing security organization with zero material attrition over a decade. Mentored a team that provided consistent institutional knowledge through multiple ownership transitions.

  • Chief Technology Officer (CTO) at Forethought Financial Group, Inc.
    Jun 2008 - Jan 2014 · 5 yrs 8 mos

    Led the technical transformation of a national life insurer following a complex carve-out from its parent company, Hillenbrand. Rebuilt the enterprise technology foundation to support modern distribution, culminating in the company's $1.35B acquisition by Global Atlantic. ▪ Achieved full technical autonomy following the parent-company separation, migrating all core infrastructure to a standalone environment with zero business disruption. ▪ Modernized the distribution platform following the acquisition of The Hartford’s broker-dealer, replacing legacy AS/400 systems with Salesforce within six months. ▪ Developed the DTCC and SWIFT platforms for automated clearing and settlement. Built the electronic application (e-App) infrastructure, enabling the issuance engine to scale for global distribution. ▪ Transformed technical operations into a high-integrity control environment, ensuring the organization withstood rigorous institutional audits and SOX scrutiny during its acquisition due diligence.

  • Director, Systems Engineering at ORBITZ
    Apr 2006 - Jan 2008 · 1 yr 10 mos

    Directed global technical infrastructure and 24/7 operations for a multi-brand travel platform processing $10B+ in annual bookings. Managed operations through a period of extreme corporate velocity, surviving three major ownership transitions in under two years: a Cendant divestiture, a $4.3B Blackstone acquisition, and a subsequent NYSE IPO. ▪ Maintained continuous platform availability for millions of daily transactions through all ownership transitions with zero disruption to the booking engine. ▪ Led the infrastructure transformation to consolidate 13 European travel websites (ebookers) across 12 countries into a unified global platform, tripling available hotel inventory. ▪ Partnered with audit teams to establish the initial IT General Controls (ITGC) and SOX 404 compliance framework required for the firm’s public listing.

  • Director, Infrastructure Operations at Edmunds.com
    Nov 2004 - Mar 2006 · 1 yr 5 mos

    Stabilized platform infrastructure and scaled technology operations to support new consumer product launches and B2B data syndication to automotive dealers nationwide. ▪ Built automated provisioning and dynamic scaling using Puppet, Red Hat Satellite Server, NFS, and custom scripting, providing cloud-like elasticity on bare metal hardware. ▪ Scaled B2B syndication infrastructure to reach 98 of the top 100 automotive e-dealers, maintaining zero tolerance for downtime across massive distribution partnerships.

  • Director, Technology Operations at Experian Consumer Direct
    Sep 2002 - Aug 2004 · 2 yrs

    Joined following Experian's acquisition of ConsumerInfo.com to scale the consumer credit reporting platform (FreeCreditReport.com). Managed the platform's growth from under one million to over three million subscribers while processing sensitive data from all three credit bureaus. ▪ Built and operated one of the first tri-bureau consumer credit reporting platforms, delivering data directly to consumers during the early days of online credit access. ▪ Operationalized FACT Act compliance requirements, scaling the platform architecture to handle mandated free annual credit reports across millions of consumers. ▪ Managed critical distribution integrations with Quicken and Yahoo!, consistently meeting hard manufacturing and release deadlines to protect high-volume distribution channels.