• Intricately involved in the oversight of all aspects of the information security program, including incident response, data protection, and application security• Implement and facilitate the information security governance program to support compliance with regulations (i.e. CCPA, NY DFS), industry standards and frameworks (i.e. NIST, ISO 27001, SOC2), and contractual requirements• Partner with IT, Legal, Compliance, Finance, Human Resources, and other departments in support of information security initiatives• Selected as one of only 3% of employees with top leadership potential for the 2019 WFG Leadership Training program• Manage high-risk security events, serving as the primary point of contact for the executive team• Assist with the budget and strategic planning of a multi-million dollar information security program• Prepare security program metrics and key risk summaries for the Information Security Committee presentation• Recruit and hire a robust security team• Manage a team of analysts responsible for monitoring, detecting, and responding to 1000 - 1500 monthly security events• Develop, maintain, and publish comprehensive ISO27001-based information security policies and standards• Develop and maintain the incident response plan• Created and led information security training and awareness programs, including incident response training for senior executives• Provide risk guidance and security expertise for IT and software development projects, including architecture review and proposing secure alternatives• Reduced eDiscovery costs by as much as 80% by identifying a need for and spearheading the implementation of an in-house litigation support and eDiscovery solution• Perform annual PCI self-assessments for crucial business applications• Spearheaded the certificate management initiative, driving the adoption of internal communications encryption with minimal overhead to IT resources

• Managed vendors for incident response and SIEM administration• Implemented and managed enterprise encryption and application security programs• Reviewed and developed information security policies• Responded to security incidents as an incident manager and subject matter expert• Provided eDiscovery and litigation support

• Acted as interim head of the information security office while the company was transitioning between CISOs• Partnered with various IT teams, including regional IT Directors, database and system administrators, and software developers, to implement enterprise-wide security initiatives• Developed and maintained ISO27001-based information security policies and standards• Assisted with the strategic planning of a multi-million dollar enterprise-wide information security program• Implemented and managed enterprise encryption and application security programs• Performed incident response as an incident manager and/or subject matter expert, including providing log analytics• Developed and presented security training for software development teams of 30+ people• Provided litigation and forensic support, including enterprise data acquisition and malware analysis• Implemented, operated, and managed multiple security platforms, including an encryption HSM cluster and a forensic acquisition system• Performed enterprise-wide monthly vulnerability assessments• Managed contractors tasked with the development of the information security web portal

• Developed back-end functionality for an online magazine website, including a performance monitoring system, credit card processing components, and customer lead management systems

• Maintained and developed highly customized, acquired real estate systems• Performed troubleshooting of system-level and software-level issues• Performed requirement analysis and project planning• Managed development team and resources• Managed contractors during project development and testing

• Maintained and developed software systems for real time credit card processing• Performed project management of in-house and contract developers• Drove and implemented project tracking and reporting procedures (management reports)

• Developed business strategy and marketing plans• Performed project management and software development• Performed business systems analysis, including requirements gathering, analysis, and documentation• Designed and implemented Oracle database backup strategy and development environment

• Designed, developed, and tested client/server and Internet applications in a Unix environment• Performed project management• Developed and maintained an internal financial and billing system• Designed customer and financial databases• Mentored and guided software engineers

• Provided key skills and technical understanding to assigned projects• Assisted in project organization and structure• Assisted in business analysis and proposal documentation• Taught professional education courses (SAP Administration and Oracle Backup and Recovery)

• Monitored, tuned, installed, and configured multiple SAP R/3 Systems running on AIX and Oracle• Developed automation and operation utilities for data warehousing systems• Provided global 24x7 customer support for SAP systems

• Developed system administration and automation tools• Developed deployment scripts