• Spearheaded the design and execution of enterprise-wide cybersecurity and privacy strategies, elevating security posture and operational resilience across the organization.• Led governance, risk, and compliance (GRC) transformation by implementing streamlined processes, robust controls, and real-time monitoring to ensure seamless SOC 2 compliance.• Established strategic security initiatives, including code scanning, cloud security posture management, and advanced threat detection, to mitigate risk and strengthen cloud infrastructure.• Led security operations, focusing on proactive risk management and safeguarding critical customer data to ensure business continuity and service integrity.• Directed IT operations to optimize system performance, streamline workflows, and drive automation, ensuring efficient service delivery and alignment with security and compliance standards.

• Directed tactical security operations following the acquisition of 1010data, deploying controls to safeguard critical data assets and ensuring rapid response to emerging threats throughout the integration process.• Led the development of a strategic roadmap for ISO 27001 certification, conducting a comprehensive gap assessment to align operations with international security standards.• Established a vulnerability management program, utilizing a risk-based approach to eliminate backlogs and enhance overall security posture.

• Led comprehensive M&A assessments, enhancing deal valuation and strategic alignment across multiple acquisitions within the rapidly evolving digital asset landscape.• Provided expert security insights into emerging Web3 technologies, including institutional-grade cold vault storage, non-custodial cryptocurrency wallets, and NFT solutions.• Spearheaded risk prioritization initiatives and IT strategy development while overseeing the successful integration of acquired firms into existing operations.

• Drove a transformative cybersecurity roadmap, significantly reducing risk and achieving exceptional audit outcomes across the organization.• Strengthened product security and fostered a DevOps culture by integrating security architecture reviews, threat modeling, and code scanning into the software development lifecycle (SDLC).• Remediated vulnerabilities across millions of devices, enhancing vulnerability management with measurable service level agreements (SLAs) and ensuring compliance with PCI DSS standards.

• Propelled the growth and innovation of advanced threat technical services across North America, Europe, the Middle East, India, Africa, Asia Pacific, Greater China, and Japan.• Designed and launched a global cloud-based managed service for threat detection and response, leveraging big data analytics, machine learning, behavioral anomaly detection, threat intelligence, and proactive threat hunting.• Developed a 24/7 global security operations capability within professional services to support intrusion detection and incident response, enhancing client resilience against cyber threats.Practice Director, Security Services• Led the US and UK practice with over 150 engineers, providing advisory and technical services across all domains of information security for clients in the financial, healthcare, insurance, technology, and other sectors.• Managed strategic projects focused on secure cloud enablement, cyber defenses, and governance, risk, and compliance (GRC).OpenSky was acquired by TUV Rheinland Group, having delivered over 750 projects to Fortune 500 companies.National Practice Lead, Cybersecurity Testing Services• Founded and developed OpenSky’s national cybersecurity testing practice.• Oversaw comprehensive security assessments, including penetration testing, application security testing, static code analysis, red teaming, vulnerability assessments, and social engineering.Regional Practice Lead, Security Services• Launched the Mid-Atlantic region practice for security and risk management professional services.• Created security services portfolio and methodologies, leading advisory and technical service delivery across all aspects of information security for diverse industry clients.

• Established and led a new security professional services division, managing P&L across five office locations.

• Led efforts in penetration testing, application security assessments, incident response, and forensics.

• Delivered security, risk management, and compliance services to Fortune 500 clients