Steve Zalewski

Chief Information Security Officer (CISO) at Levi Strauss & Co.


Office Hours

How does this work?

Security executive with a career marked by demonstrable organizational leadership and technology innovation. Focused on delivering business value through the use of technology, process improvement, and organizational development. Strong interpersonal and collaborative skills. Experienced interacting across all management levels and with geographically dispersed organizations. Key Strengths: •Strategic Planning & Execution •Enterprise Architecture/Strategy •Information Security •Security Risk Management •Organizational Management •Security Governance & Compliance •Cybersecurity Incident Response •Cybersecurity Threat Intelligence and Analytics

Ask me about
Work experience

Jan 2021 - May 2021

Levi Strauss & Co.

Chief Information Security Officer (CISO)

Responsible for leading the company’s global cybersecurity organization.


Sep 2015 - Dec 2020

Levi Strauss & Co.

Deputy Chief Information Security Officer (CISO)

Accountable for defining and leading multiple programs in support of the company's cyber security objectives. Responsible for operational security leadership as well as providing leadership with business teams relative to security design and processes, as well security consulting expertise in support of strategic company initiatives. - Lead the company’s cybersecurity strategy, roadmaps and implementation in support of executing a risk based cybersecurity program to protect Levi Strauss’s information assets and brand reputation. - Lead the company’s Global Cybersecurity Threat Intelligence and Incident Response functions, including managing the international team of employees and contractors that monitors and responds to cyber events for the company. - Provide strategy and guidance to the business leadership of our product lines in support of strategic business planning and corporate cybersecurity policy adherence. - Support business leaders and operations partners in infrastructure and application organizations in considering holistic and integrated approaches that provide for data integrity, information confidentiality and service availability of company and consumer data. - Demonstrated experience presenting information security to a wide range of audiences, including Executive Leadership and the Board. Chief Security Architect Accountable for defining and leading the company's security strategy as the company’s senior most technical security leader of our risk based security program. Responsible for security strategy, architecture and roadmaps to design in security controls at an architecture level to protect Levi Strauss’s information assets and brand reputation.

Jun 2009 - Aug 2015

Pacific Gas & Electric Co.

Managing Enterprise Security Architect

Led the Enterprise Security Architecture practice at PG&E focusing on enterprise security technology strategies, roadmap and consulting to address security requirements across the company (Business, Customer, Gas and Electrical Power grid infrastructures). This 3 member security architecture team developed the 3-5 year Strategic Roadmap and Security Practices used for strategic planning and funding justification purposes to support the business functions of the company. Executed a 2 year program to define and implement the companies Identity and Access Management (IAM) Strategy, Architecture and Roadmap. Efforts included developing the strategic roadmap and architecture for the IAM security services to support the business functions of the company and leading a team of 18 solution architects, developers and project managers to deliver the first release of PG&E’s Identity, Credentialing and Access Management Services. These security services spanned Business, Customer and Electrical Power grid infrastructures. Under the Office of the CTO, was responsible for security, Information and Integration shared services portfolio to provide strategic guidance and roadmap direction. Specific portfolio services included: • Security •Content Management (Records/Documents) •Enterprise Integration (SOA/ESB, ETL, Batch) •Business Intelligence/Analytics/Reporting


2004 - 2009

Kaiser Permanente

Sr. Security Manager - Identity and Access Management Services

Managed the Development team for Kaiser’s Identity and Access Management group. This 10 member team of architects, consultants and engineers, with a budget of $2 million, developed Kaiser’s Identity and Access Management Services. Security services included Identity/Access Provisioning, Identity Federation, Single Sign-on, Role Management, Identity GRC, Access Mgmt and Web Services Security. Managed a team of 12 architects, consultants and and production support personnel for the initial deployment of Kaiser’s Enterprise Service Bus (ESB) infrastructure. This wa a $10 Million dollar strategic initiative for Kaiser.


2002 - 2004


Sr. Data Security Architect

Developed strategy, technical architecture and proof of concept for the company’s storage resource management (SRM) data protection and recovery product line. Used SAN and NAS volume based replication technologies to supplant tape-based off-line backup products with disk based online replications as the primary data protection tool. Filed 4 U.S. patent applications for methods developed in the area of data protection processes.


2001 - 2001

Tom Sawyer Software

VP Engineering

Lead Engineering, Documentation and Marketing departments; annual budget of $4M. Expanded the engineering department from 7 to 20 engineers (co-located in United States and Europe). Established schedules, engineering deliverables, staffing needs and the necessary processes and discipline within engineering to deliver their next release of products.


1998 - 2000

Vixel Corporation

Director of Software Engineering

Recruited to manage Vixel’s software development organization, with an annual budget of $5+ million; 40+ member engineering group comprised 1/3 of the company’s employees. Responsibilities for managing and growing the software engineering organization from 4 to 50 engineers as Vixel transitioned from a startup company, through a successful IPO, and into a publicly traded company. Also responsible for software architecture and technical roadmap for the Hub, Switch, and Host Management software development teams.


1981 - 1998

Digital Equipment Corporation (DEC)

Technical Director

Defined and executed the strategic technical strategy and roadmaps for the OpenVMS Operating System Development group. This was Digital’s Enterprise operating system with revenues exceeding $500M million a year and a customer base of 10M million users. • Lead Systems Architect for Adaptive Partitioned Multi-processing model for large scale multiprocessor computing systems. • Led 10 member technical staff. • Granted 3 U.S. patents in the area of software controlled adaptive partitioned multi-processing.


BS, Computer Science

Babson College - Franklin W. Olin Graduate School of Business

Technical Management Education Program Certificate, Business Strategy and Organizational Leadership

Talk to Steve

@ Copyright 2020 OfficeHours Technologies Co.