Glen Armes
Principal Fractional CISO at a Cyber & Information Risk Decision Intelligence Firm
About
Results driven Executive Cybersecurity Leader who has architected and led ISO 27001/02 and NIST programs for 22+ companies, using FAIR-based quantification and offensive-security insight to translate cyber risk into board-level business value. A recognized security thought leader, Glen blends regulatory expertise with hands-on operational know how to design data-driven controls that both harden defenses and accelerate business innovation. Track record of aligning security investments to measurable business outcomes makes him a trusted voice in the boardroom and a catalyst for enterprise-wide digital trust.
Security and Leadership Competencies
Security Governance & Compliance, Enterprise Security Risk Management (Qualitative and Quantitative), Security Metrics & Board Reporting, Crisis Management & Incident Response, Business Continuity & Disaster Recovery, Security Architecture & Zero-Trust, Technology & Cyber Resilience, Threat Intelligence & Vulnerability Management, Identity & Access Management (IAM / PAM), Program Management & Operations, Security Awareness & Training, Strategic Planning, Vendor Management, Financial Management, Team Building, Career Development & Leadership, Information Systems Compliance, M&A Cyber Due Diligence
Frameworks and Standards
NIST CSF 2.0, ISO 27001/02, ISO IEC 31000, FAIR, HITRUST CSF, ISO 27017 / 27018, IEC 62443, TOGAF-S, CIS Controls v8, SSAE 18 / SOC 3, NIST Privacy Framework 1.1, ISO 27701, NIST Post-Quantum Standard, MITRE Attack Framework, COBIT, PCI-DSS, OWASP, SOC 1 & 2, ITIL
Legislation
SOX, GLBA, HIPAA/HITECH, SEC Cybersecurity Disclosure Rules (17 CFR 229.106), Multiple Security (e.g. 23 NYCRR 500, Multi-State NAIC Insurance Data Security Model), Multiple Privacy (e.g. GDPR, CCPA/CPRA, Illinois BIPA, Virginia CDPA, Colorado Privacy Act)
Held Chief Information Security Officer (CISO) for over 9 years.
U.S. Air Force Veteran
**All views expressed are my own and not those of my current or past employers**
Experience
Principal Fractional CISO
Armes Vantage · Celina, Texas, United States
Jun 2025 – Present(11 mos)
AV | Cyber & Information Risk Decision Intelligence
Chief Information Security Officer (CISO)
Old Republic International Corporation · Celina, Texas, United States
Jan 2021 – Jun 2025(4 yrs 6 mos)
Global Chief Information Security Officer (CISO) responsible for all aspects of the information security program for a publicly traded $9 billion Insurance Company holding 19 subsidiaries operating companies. Trusted adviser to the Executive Leadership Team, Executive Committees valued for thought leadership, and board of directors technical acumen and business partnership approach to managing risk and information and cyber security.
SVP, Chief Information Security Officer
Old Republic Title · Tampa/St. Petersburg, Florida Area
Jul 2016 – Jan 2021(4 yrs 7 mos)
Chief Information Security Officer charged with end-to-end stewardship of the enterprise-wide cybersecurity program. Own vision, strategy, and execution for all cyber and cyber-adjacent resources across the organization, directing personnel, technology, and policy to protect critical information systems and support business objectives. Develop, test, and maintain the corporation’s cybersecurity strategy, plans, and policies to meet evolving regulatory obligations while enabling growth. Serve as a trusted partner to executive leadership and the board—translating technical risk into business terms, advocating policy changes that advance organizational cyber initiatives, and ensuring program alignment with enterprise priorities. Lead, coordinate, and integrate cybersecurity operations, maintaining accountability for program success and resilience. Manage a $8 million annual cybersecurity budget, optimizing spend to maximize risk reduction and return on security investment.
VP, IT Engagement Manager
Old Republic Title · Tampa/St. Petersburg, Florida Area
Mar 2015 – Jul 2016(1 yr 5 mos)
Drove seamless alignment between business objectives and technology execution across a multi-project portfolio. Cultivate deep partnerships with business leaders, resolving conflicts and translating requirements into actionable IT roadmaps that consistently meet—or exceed—stakeholder expectations. Champion productivity by recommending new systems, streamlined processes, and select org changes, accelerating project delivery and value realization. Oversee end-to-end project governance: scope definition, resource and timeline management, status reporting, and benefit tracking. Lead an enterprise Mobile Application Development team, delivering high-impact iOS and Android solutions that enhance customer and employee experience. Results include strengthened business-to-IT trust, faster project cycles, and measurable gains in operational efficiency.
Senior Director, IT and SaaS
Telligent · Dallas/Fort Worth Area
Sep 2010 – Mar 2015(4 yrs 7 mos)
Senior technical leader accountable for global infrastructure services and the enterprise-wide cybersecurity program. Directed every facet of IT—networks, cloud, compute, storage, and cyber defense—while operating multiple Tier III data centers that delivered mission-critical SaaS solutions to millions of users worldwide with 99.99 % availability. Designed and operationalized the company’s first formal security program—policies, hardened baselines, vulnerability management, configuration control, and multi-layer perimeter protections—cutting critical findings by 80 % in the first year. Reviewed and negotiated customer contracts, SOWs, and RFP/RFI responses, leading security due-diligence assessments that accelerated deal cycles. Managed a $3.5 million annual IT budget, reallocating funds to resilience and automation upgrades without cost overruns, and mentored a high-performing global team that consistently exceeded service-level targets.
SVP, Division Operations Manager op2®
op2® a Division of Old Republic National Title Insurance Company · Dallas/Fort Worth Area
Aug 2007 – Sep 2010(3 yrs 2 mos)
Full-stack owner of a 24×7 SaaS business line, directing everything from infrastructure and cybersecurity to national sales, marketing, help-desk, pricing, SLAs, and P&L performance. Architected and operationalized a comprehensive security program—policies, hardened baselines, vulnerability-remediation loops, configuration management, and multi-layer perimeter defenses—safeguarding always-on customer platforms. Launched a customer security-assessment process that cut questionnaire turnaround to <48 hours, strengthening trust and accelerating deal cycles. Steered a $3 million annual budget, reallocating spend to resilience and growth initiatives while meeting margin targets and delivering continuous, mission-critical service to a nationwide client base.
Senior Systems Administrator
Old Republic National Title Insurance Company · Greater Minneapolis-St. Paul Area
Aug 2004 – Jan 2008(3 yrs 6 mos)
Systems Administration Supervisor
Raytheon Solipsys · Washington D.C. Metro Area
Aug 2001 – Jul 2004(3 yrs)
Information Systems Manager, Logistics Group
United States Air Force · Tokyo, Japan
Apr 1998 – Jun 2001(3 yrs 3 mos)
Education
University of Maryland Global Campus
Bachelor of Science - BS, Computer Studies
1997 – 2000
Expertise
Specialties
