As the Director of Information Security & Compliance at Invitation Homes, I am proud to be part of a forward-thinking technology leadership team dedicated to safeguarding our cloud native digital landscape. With a comprehensive approach to cybersecurity operations, I lead the charge in developing and implementing robust cybersecurity operations, risk management and compliance programs tailored to our unique business needs.My responsibilities encompass a wide array of critical initiatives, including:• Strategic Vision: I am tasked with formulating and executing the strategic direction for cyber security operations, risk management and mitigation strategies, ensuring that our technology framework aligns seamlessly with current and emerging regulatory requirements.• Cybersecurity Technologies: I oversee the deployment of advanced cybersecurity technologies and programs, ensuring that our security posture is not only compliant with industry standards but also resilient against evolving threats.• Performance Metrics: I develop and report on performance metrics that clearly demonstrate our business impact and effective risk reduction, translating complex security measures into actionable insights for stakeholders.• Cross-Functional Coordination: My role involves coordinating activities across various departments to foster a culture of compliance and security awareness, empowering teams to prioritize cybersecurity in their daily operations.Through collaboration and innovation, I work to create a secure environment that enables Invitation Homes to thrive while protecting our assets and stakeholders.

Command Security Program Manager - Information Dominance Warfare Officer tasked to provide cyber and physical security, all-source analysis, indications and warning (I&W), collections management, and counter terrorism efforts against Terrorist Networks and country specific nation state actor groups. Korea & Northern Iraq and Physical/Information Security Subject Matter Expert.

As head of Cyber Risk Trusted Advisory Services, I managed the customer relationship and ensured customer cyber risks are addressed with the appropriate solutions. I collaborated with senior leadership to deliver cyber resiliency visibility and management through cyber risk management and consulted on remediation initiatives. I empowered organizations to navigate the complex legal landscape of cyber threats, cyber insurance and secure their digital assets by offering tailored solutions for businesses seeking comprehensive cyber risk management strategies. I identified, quantified, and managed cyber risk across people, process, governance, and technology to deliver a continuous holistic assessment of all internal and external influencing factors over the cyber risk posture of an organization. With this information leadership/cyber risk owners were empowered to prioritize their cyber risk strategy with verified and proven metrics of risk acceptance levels. The data and analytics delivered ensured organizations have verifiable proof to validate cyber risk insurance decisions align with budget and risk tolerance goals. Creating a continuous line of sight allowed organizations to access up-to-date data with reports and charts to support strategic cyber decisions. The cyber security remediation areas of expertise I provided included business continuity, disaster recovery, enterprise risk, governance, and compliance.

As Technology Risk Manager - IT Executive, I manage the Technology Risk Team providing risk and compliance oversight of the Guild Mortage technology environment. I provide leadership in developing, implementing, and overseeing the technology risk management framework of the organization. This includes regulatory expertise in identifying, assessing, and mitigating enterprise and technology-related risks to ensure the security, availability, and integrity of technology systems and data and ensure compliance with applicable laws and statutes. Further responsibilities include team leadership, policy and procedure management, and performing annual enterprise risk and threat assessments. Tasked with tracking internal and external risk identification, scoring, remediation efforts/projects, recommending and implementing systems or programs to mitigate risk, develop risk controls, and align IT Audit Defense with leadership to improve the overall risk posture of Guild Mortgage.Corporate Programs Managed:• Business Continuity and Disaster Recovery• Technology Risk Management• Incident Response• Crisis Management

As VP Enterprise Continuity and Security, I lead the Enterprise Business Continuity, Crisis Management, Physical Security & Safety and Cyber Incident Response projects and programs for Fairway Mortgage, a 10,500+ employee company with locations in 49 states. • Responsible for IT Governance, Risk and Compliance program, IT Audit, Business Continuity and IT Disaster Recovery audit and testing. • Planned, directed, and managed all aspects of business continuity functions and processes, including business impact analysis, business continuity planning, annual exercises, and regulatory and compliance audit defense. • Served as the subject matter expert and architect for Business Continuity working closely with Senior IT Executives and the business to insert IT Risk Management practices and implement policies, procedures and programs designed to comply with FFIEC, NIST 800 Series, COBIT standards and guidelines, as well as investor and regulatory requirements. • Led IT GRC (Governance, Risk and Compliance) Team• Implemented a best-in-class Business Continuity Management program to integrate, consolidate and streamline business continuity, cyber incident response, crisis management, disaster recovery and emergency management processes across the organization into an efficient cohesive program. • Sourced, implemented and managed the corporate wide crisis & emergency communications system to keep our employees safe and connected during severe weather and other dangerous events affecting Fairway employees and offices across 49 states.• My responsibilities also include leading the Corporate Safety and Security department for 10,700 employees and eight corporate facilities nationwide.

As the AVP IT responsible for the enterprise Business Continuity & Disaster Recovery program. I led a dynamic team of Business Continuity and Disaster Recovery professionals in developing the Enterprise Disaster Recovery and Business Continuity program ensuring availability of systems and business functions for Mr. Cooper/Nationstar Mortgage and subsidiaries. • Working closely with the CIO and Senior IT Management, I implemented projects and programs designed to comply with FFIEC, NIST 800 and COBIT standards and guidelines mitigating risk and ensuring Internal IT and External Audit compliance. • In under a year, I brought Mr. Cooper/ Nationstar into full BCDR compliance for investor, regulatory and audit requirements. • I worked directly with business and IT senior leadership to architect and implement Nationstar's cutting edge Disaster Recovery Program for critical IT and mortgage applications and infrastructure to ensure competitive business advantage and resilience. • I engaged directly with senior to mid-management, technical and non-technical stakeholders to ensure business continuity and disaster recovery risks were identified and addressed. • Expertly conducted all annual business continuity and disaster recovery testing, reporting and exercises. • Ensured all new application and infrastructure environment changes were captured and documented for BCDR testing.

As IT Manager of Disaster Recovery and Data Protection, I led the IT Disaster Recovery and Data Protection projects to mature programs for GameStop Corp, a Fortune 500 and S&P 500 company headquartered in Grapevine, Texas. • As part of IT Infrastructure and Information Security team I served as the subject matter expert for all disaster recovery and data protection strategies. • As the disaster recovery technology expert, I worked directly with business and IT senior leadership to develop, architect and reinvigorate GameStop’s Disaster Recovery Infrastructure Program for critical IT and Retail applications and systems. • I ensured all new application and infrastructure environment changes were captured and documented for DR testing updates by utilizing automated environment discovery and change management tools ensuring business continuity requirements were met. • By assessing emerging risks and threats I was able to update management on solutions and issues that could potentially negatively affect GameStop and its subsidiaries. • I also engaged with GameStop international business units, acquired technology brands and subsidiaries to achieve standardized disaster recovery capabilities and awareness to limit the overall GameStop risk exposure.

As Information Security Audit and Compliance Manager I was responsible for all aspects of the Information Security and Audit Compliance certification process for the AIG server infrastructure go-live release process. • Coordinated security audits and scans, remediation, server hardening and adherence to compliance standards before release to the production environment. • Partnered to identify and prioritize opportunities for utilizing Security & Compliance processes to achieve the goals of the enterprise. • Communicated Security & Compliance processes, status and changes to customers and Sr. Management. • I was also responsible for tracking key Security & Compliance Process project milestones and recommending adjustments to Project Managers.

I led the Levi Strauss & Co.'s strategic Enterprise Production Data Center Migration and Disaster Recovery projects. • Expertly managed 60 matrixed technology resources with a budget of over $7M for a successful on-time and on-budget delivery.• Tasked with migration analysis, RFI/RFP process, costing, estimates, vendor management, legal and contract negotiation and solution selection. • Once the data center vendor was selected, I planned, scheduled and led all aspects of project including budget, P&L, C-Level senior leadership presentations and briefs, change management and vendor relationship. • Upon completion of the data center move, I evaluated and recommended both disaster recovery vendors to LS&Co.'s C-Level management team and headed the project. • I mentored junior project staff throughout the project. • Managed vendors such as Sungard, CyrusOne data centers and HP.

I was responsible for the management of Brinks Inc. strategic enterprise business projects ensuring alignment with corporate strategy.• Tasked with building consistency of process across projects and customer satisfaction. • Planned, scheduled and led all aspects of project including budget, P&L and vendor management. • Applied project management knowledge, skills, tools, and techniques in supporting other project managers. • Led Enterprise Data Warehouse, Sales Strategy and External Customer Portal Projects.

I provided overall program and project leadership, customer engagement and infrastructure technology consulting as a member of the Savvis/CenturyLink Professional Services team. • Managed and implemented Business Continuity, Disaster Recovery, IT Audit, Infrastructure and Information Security solutions, as well as emerging Managed Services offerings and Cloud technology projects. • Successfully grew revenue through outstanding customer service and vendor control. • As a professional services consultant I managed disaster recovery and business continuity implementation and remediation projects for large Fortune 100 clients. • Led large scale infrastructure implementations, data center migrations, managed hosting and vCISO security engagements for numerous Fortune 500 clients. • Tasked with leading teams, project scheduling, budget, purchasing, RFPs, infrastructure installation, systems integration, regulatory compliance, quality assurance and customer satisfaction. • Served as a virtual Chief Information Security Officer for managed services clients.

EHPT - Led multiple large global telecommunications projects for custom Ericsson telecom, technology & security solutions including high end, Secure Network and Telecommunications builds, Billing Systems Ericsson Voice and Data Networks, Billing Mediation and Business Intelligence systems.

Sr. Business Systems Analyst 11/97 – 10/98 • Systems Analyst charged with the mapping, testing and quality assurance of multiple integrated projects, processes and systems to include desktop applications, imaging systems, data correction, CD storage systems Project Lead 01/97 – 11/97 • Designed, developed, and implemented the Corporate Operations Training Project,Manager of Quality Control Operations 011/94 – 01/97 • Managed and directed GLI’s national equipment & driver force of over 10,000 employees.