Alexander Shkolnik

Director Security Risk Management And Governance at Dapper Labs

Alexander Shkolnik has a diverse work experience spanning various companies and roles. Alexander is currently serving as the Director of Security Risk Management and Governance at Dapper Labs, where they have been tasked with developing and implementing the organization's ISO/IEC 27001 enterprise security program. Alexander leads all functions of the enterprise security program, including risk management, governance, compliance, training, and incident response. Notable achievements include hiring and leading a team of security experts.

Prior to their current role, Alexander worked at McKinsey & Company as a Risk and Compliance Manager. In this role, they designed and implemented a risk management program for the firm's Digital and Analytics practice and improved the visibility and intervention rate for new consulting projects.

Alexander also served as the Director of Security Risk Management and Compliance at Merchant Customer Exchange (MCX), where they played a pivotal role in building the company's enterprise security program and enabling the successful launch of a new mobile application.

Before that, Alexander worked at Target, where they held various positions, including Manager of Enterprise Privacy, Project Lead of Enterprise Privacy, and Senior Analyst of Enterprise Information Security. In these roles, they oversaw the development and implementation of privacy policies, established the Enterprise Privacy Program, and implemented security practices throughout the organization.

Alexander began their career at Deloitte as a Senior Consultant, specializing in Sarbanes-Oxley compliance readiness services and IT audits for major Fortune 500 clients.

Alexander started their professional journey as a Project Manager at Minnesota Translation Laboratory, where they facilitated day-to-day office operations and performed document editing, quality assurance, and translations.

Overall, Alexander Shkolnik's work experience showcases their expertise in security risk management, compliance, privacy, and governance, along with their ability to build and scale successful programs.

Alexander Shkolnik attended the University of Minnesota - Carlson School of Management from 1999 to 2004, where they obtained a Bachelor of Science degree in MIS and Supply Chain Management. In addition to their formal education, Alexander has also obtained several certifications throughout their career. These include the Certified Information Systems Auditor (CISA) from ISACA in 2007, the Certified Information Systems Security Professional (CISSP) from (ISC)² in 2010, the Certified in Risk and Information Systems Control (CRISC) from ISACA in 2011, the Certified Information Privacy Professional (CIPP/US) from IAPP - International Association of Privacy Professionals in 2012, the Cybersecurity: Managing Risk in the Information Age certification from HarvardX - An Online Learning Initiative by Harvard University through edX in 2018, the Certified Data Privacy Solutions Engineer (CDPSE) from ISACA in 2020, the Certificate of Cloud Auditing Knowledge (CCAK) from ISACA in 2022, and the Governance, Risk, and Compliance (GRC) for the Cloud-Native Revolution certification from LinkedIn in 2023.


Previous companies

McKinsey & Company logo
Target logo
Deloitte logo


  • Director Security Risk Management And Governance

    June, 2022 - present

View in org chart