Perform cybersecurity risk assessments of Suppliers and third parties to identify & validate threats and remediate risks.Measure assessments against key controls and industry security standards, i.e., PCI-DSS, HIPAA, ISO27001:13, SSAE18-SOC2 Type2, etc.Cultivate and enhance trusted relationships with business partners, supply chain sourcing, and other team members to gain consensus approvals on strategies, recommendations, findings, and project plans.

Managed the SOC 2 Audit and HITRUST Assessment engagements.Develop and implement frictionless improvements to the Information Security and Compliance programs. Created and implemented a comprehensive Rapid Implementation Program.Mitigated technical risks to applications and infrastructure.Implemented improvements in the risk management process.

Champion the ISACA certification training programs and increase awareness and attainment of ISACA certifications and certificates.

Manage deployment and overall operations of the Corporate Governance, Risk, Compliance, and Ethics Program for a company with a national footprint.o Developed and implemented a comprehensive compliance program that achieved a 99.8% compliance rate among employees, a 38% reduction in expenses, and an over 13% increase in revenue.Lead investigations and recommend security solutions in alignment with information security policy and standards, resulting in improved management of… Show more Manage deployment and overall operations of the Corporate Governance, Risk, Compliance, and Ethics Program for a company with a national footprint.o Developed and implemented a comprehensive compliance program that achieved a 99.8% compliance rate among employees, a 38% reduction in expenses, and an over 13% increase in revenue.Lead investigations and recommend security solutions in alignment with information security policy and standards, resulting in improved management of information security projects.Manage third-party audits and evaluations and report statuses to ensure successful completion.o Led successful SOC 2 audits that resulted in zero exceptions and high satisfaction from auditors.o Developed and implemented an internal audit and continuous improvement framework that identified areas at risk of audit findings and mitigated the risk.Manage Third-Party Risk Management along with Vendor and contract Management.o Developed and implemented a vendor management program that achieved a 100% completion rate for vendor assessments.o Coordinated the implementation of security controls for a critical vendor that significantly reduced the risk of a data breach Show less

Responsibilities• Ensure compliance with HIPAA and other applicable regulations, standards, and practices• Monitor, report on and assist in coordinating mitigation of technical risks to applications and infrastructure• Conduct annual and intermediate NIST framework-based, HIPAA-mapped risk assessments• Assist in reviewing supply chain technology risk• Support the maintenance of policies and procedures related to information security• Manage our security and compliance… Show more Responsibilities• Ensure compliance with HIPAA and other applicable regulations, standards, and practices• Monitor, report on and assist in coordinating mitigation of technical risks to applications and infrastructure• Conduct annual and intermediate NIST framework-based, HIPAA-mapped risk assessments• Assist in reviewing supply chain technology risk• Support the maintenance of policies and procedures related to information security• Manage our security and compliance work request ticket system. Show less

Manage the definition, design, and implementation of IS Security related projects and initiatives for improved organizational preparedness and security posture. Collaborate with key organizational stake holders, business partners, Information Services staff and vendors to define project scope, desired results and delivera bles . Manage the creation of information security policies, procedures, and a security program. Develop a plan to monitor systems for security gaps, design… Show more Manage the definition, design, and implementation of IS Security related projects and initiatives for improved organizational preparedness and security posture. Collaborate with key organizational stake holders, business partners, Information Services staff and vendors to define project scope, desired results and delivera bles . Manage the creation of information security policies, procedures, and a security program. Develop a plan to monitor systems for security gaps, design effective solutions and provide reports to management. Gather analyze, and interpret, policies, procedures controls, and other documents. Identify the business and technical flow of systems, processes and dependencies to maintain effective development of security programs, initiatives and controls. Create and update documentation according to standards and best practice; preserve and maintain key project information for future use. Plan projects and develop programs; identify resource needs, funding required and priority. Manage all aspect of Program/Project development to facilitate delivery, completion and formal adoption. Assign individual responsibilities and manage tasks to meet dates to secure the successful completion of initiatives. Oversee deliverables assigned to colleagues, vendors to ensure timely completion of organizations IS security related initiatives. Show less

HR Special Projects Manager:• Served as the Special Projects Manager and planned, implemented, and evaluated Human Resource Information Systems (HRIS) in the field and office environment• Ensured compliance with HIPAA, Army, DOD, and local regulation and guidance• Controlled, serviced, and maintained equipment valued at over $850K• Led the Human Resources & Administrative Department for a 644-person military/civil support organization• Wrote policies and procedures to guide… Show more HR Special Projects Manager:• Served as the Special Projects Manager and planned, implemented, and evaluated Human Resource Information Systems (HRIS) in the field and office environment• Ensured compliance with HIPAA, Army, DOD, and local regulation and guidance• Controlled, serviced, and maintained equipment valued at over $850K• Led the Human Resources & Administrative Department for a 644-person military/civil support organization• Wrote policies and procedures to guide all personnel actions; evaluated work results• Oversaw all administrative processes, including employee evaluations, awards, promotions, accountability, and legal actionsAir Defense Systems Operations Sergeant:• Planned, implemented, and evaluated all aspects of the Brigade Aviation Command, Control, Communications, Computers (C4) Intelligence, Surveillance and Reconnaissance (ISR)• Initiate and coordinate the connection and interconnection of the IT system with the global information and communications systems• Managed operations and complied with all Federal Aviation Administration, military, and local regulations• Maintained and serviced $6.5M worth equipment• Supervised a junior staff on multiple projects guiding their onboarding, networking, professional development, technical knowledge, and career management Show less

• Supervised all clinical staff to handle administrative processes and legal entitlements of veterans• Utilized the Veterans Health Information Systems and Technology Architecture (VistA), and Computerized Patient Record System (CPRS) programs to administer scheduling functions• Identified scheduling errors and duplicate provider appointments; implemented corrective actions• Conducted research and follow-up after referring clients to appropriate care providers