Nancy Free has diverse work experience in the fields of IT compliance, risk management, and regulatory policy. Nancy has held several leadership roles in different companies, including Armor Cloud Security, GameStop, Energy Future Holdings, Southwest Airlines, and Centex. At Armor Cloud Security, Nancy served as the Chief Risk Officer, Data Privacy Officer, and virtual Chief Information Security Officer (vCISO). Their responsibilities included overseeing data protection strategy, ensuring compliance with privacy laws and regulations, managing compliance with multiple regulations and frameworks, and leading various risk management programs. Nancy also played a key role in external evangelization and was involved in mentoring and educational programs through the Armor Women's Network.
At GameStop, Nancy designed and implemented a comprehensive IT compliance program across multiple brands and countries, resulting in significant improvements in compliance results. Nancy handled various aspects of compliance management, including IT SOX and PCI DSS, ITGC Framework, process governance, SOC assessments, operational audits, executive and board reporting, data privacy and PII, IT policy management, third-party vendor assessment, security awareness training, disaster recovery, and contract review.
Prior to GameStop, Nancy worked in regulatory policy and compliance at Energy Future Holdings and IT audit at Southwest Airlines. Nancy began their career in IT governance at Centex.
Nancy Free's education history includes studying Biochemistry at the University of North Texas. Nancy has also obtained various certifications such as Integrated Audit & Assurance Professional, OCEG GRC Auditor, Certified CSF Practitioner, Certified Information Privacy Manager, Certified Data Privacy Solutions Engineer, GRCP, ITIL v3 Foundation, Program and Portfolio Management Certification, and Certified Information Systems Auditor.
Sign up to view 1 direct report
Get started