As a vCISO (Virtual Chief Information Security Officer), I lead a team of up to eight highly skilled cyber security professionals providing executive continuity for clients that did not have their own CISO in their leadership team. I specialized in strategic consulting and implementing of robust security measures to address security gaps and mitigate findings of audits. My role involves advising executives on critical business questions such as "How should we initiate our cyber security strategy?", "Are we able to withstand an attack?" and "Where should we prioritize our investmenta?" I have extensive experience managing regulatory audits including NIST 800 series, FedRAMP, CMMC, ISO 27001, and SOC2 (types 1 and 2) audits, guiding compliance efforts, remediation strategies, and policy development. I have a background in development of cloud strategies, incident response, and artificial Intelligence.I specialize in implementing sophisticated solutions such as PKI, encryption protocols, cloud disaster recovery, collaborative tools, and secure cloud applications to address complex security challenges. My innovative methods and tools are tailored to meet client-specific security enhancement needs. I oversee the delivery of comprehensive security remediation services, crafting detailed work statements and project roadmaps. I adapt deliverables based on client feedback, manage technical adjustments throughout the project lifecycle, and ensure seamless implementation and client approval.Throughout my career, I have successfully led teams that have generated substantial revenue exceeding one million dollars, demonstrating my ability to deliver impactful cyber security solutions aligned with business objectives.

As the Practice Lead and Cybersecurity Architect for the RISC consulting team, my role involved managing the delivery of security consulting services to our customers. These services included general IT and physical security consulting, incident response and business continuity, regulatory and IT audit compliance, cloud security, and retained security services. I created statements of work in collaboration with client executives and technical teams, reviewed and updated customer security policies and architectures to align with NIST and ISO standards, and provided detailed explanations of technical material to C-suite executives. Additionally, I developed metrics and dashboard ratings for assessing the risk of new technologies, identified mitigations for security gaps, and managed the implementation projects for these initiatives.

I was in charge of developing customer-facing professional services in cyber security and risk management. I led a team of up to eight members, focusing on delivering cyber security enhancements to our clients. I created an internal assessment tool for the New York State Department of Financial Services (NYS DFS 500) to expedite deliveries. Additionally, I developed security services and architectures to address findings from NIST SP 800 series audits and conducted FFIEC audits on IT controls and services, ensuring compliance with financial industry regulations.The organization was sold by FIS to CAPCO, and my team was transferred as part of this deal.

I have consulted with Senior Executives from Global Fortune 500 companies on their Business Continuity and Disaster Recovery Plans. The scope of work encompassed Data Centers housing mission-critical applications, business processes, vendors, and staffing strategies for disaster scenarios.My responsibilities included the review and testing of existing disaster recovery plans, offering technical recommendations for enhancements in networking, data storage, application design, network monitoring, and security. I also evaluated current business processes, suggesting integrations of disaster recovery protocols into daily operations, and assessed staffing models to recommend job roles, training, and performance audits.

As the Lead Consultant for an optimization team of six members, I focus on providing consulting services that assist CIOs in creating enterprise solutions. These solutions align their infrastructure to support business operations in accordance with the TOGAF framework.I have led several customer engagements for Disaster Recovery Strategy, which involved developing objectives for business recovery targets. This included creating Statements of Work (SOW), estimating project costs, and ensuring delivery aligned with the SOW. I have conducted numerous projects that reviewed and audited customer processes and procedures, utilizing the CMMI for IT Services model for assessment. I have documented process flows using Business Process Mapping Notation (BPMN) and developed both the methodology and standards for delivering Enterprise Architecture offerings based on TOGAF, including the creation of an Excel-based documentation framework. Additionally, I have recommended changes to client leadership to address identified gaps in processes, documentation, and skills.

I served as a consultant for IBM's Global Business Continuity and Resiliency Service (BCRS), guiding Fortune 500 executives worldwide on the managerial and organizational hurdles encountered while establishing a risk management framework and high-availability IT solutions for multinational corporations.I also delivered Disaster Recovery training and consultancy to international banks. I crafted the IBM standard methodology for setting up a corporate-wide Disaster Recovery office, encompassing the creation of business resilience and application architectural standards. This methodology was further utilized to pinpoint and allocate financial risks to each executive and their endorsed business functions.

I served as an architect and consultant for IBM's Optimization competency, advising clients on the technical challenges associated with building or migrating data centers, consolidating servers and storage, designing networks, and optimizing processes.I provided subject matter expertise in consulting across multiple technical domains (servers, networking, storage, site & facilities, etc.) and their complex interdependencies. I developed project plans, milestones, and executive metrics for data center migration and optimization initiatives.As a member of an optimization team, I designed a new data center build-out for a global client. This project involved constructing a new data center, reducing 6,000 physical servers to 2,400 virtual servers, migrating applications, and decommissioning existing smaller "processing centers" that were rendered unnecessary after the data center consolidation.

Assembled a team of 16 Network Security Architects and Consultants to address a critical need in IBM's Security portfolio. Oversaw a department budget of approximately $2.5 million and generated revenues exceeding $3 million. Monitored the execution of individual projects, recruited additional team members to accommodate increasing demand, and employed IBM's time reporting system to evaluate team member performance through reporting and reviews.