• Regional Cybersecurity Leader, responsible for leading the development and delivery Cybersecurity Services for Financial Institutions clients in the Northeast (DC to Maine), responding to market opportunities, and managing and building teams, and overseeing a portfolio of projects and client relationships. • Helping clients navigate complex technology, compliance and cybersecurity challenges through Digital Transformation, Fractional / Virtual CISO, Cybersecurity Program Roadmaps, Gap Assessments, Threat Assessments, Risk Assessments and Technology Audits. • Key internal strategist at CLA in enhancing methodologies, tools and automation into service delivery, developing proprietary tools, emerging platforms and adoption of best practices.

(Firm Acquired by CLA)• Director in Management Consulting and Cybersecurity Risk Management Advisory Services. Responsible for client service, developing, hiring and mentoring managers and staff, developing and executing growth plans. • Founder and Practice Leader in Cybersecurity / CISO Advisory Services, and Security as a Service.• Founder and Practice Leader in SOC 1 & SOC 2 Auditing.• Management Consulting services included organizational operational transformation assessments, strategic plan development, IT strategic plans and roadmaps, statewide IT systems / services consolidation assessment, software and vendor selection, control optimization, business continuity planning, incident response.

• Appointed to lead 20-person department operating as primary point of contact for Lottery retailers, as well as the regulatory arm of the agency working closely the contracted State Police - Lottery Security Section, the FBI, and other stakeholders. • Conducted oversight of all program areas for retail contracts in a network of over 5000 retail business including ensuring contract compliance, contract termination, contract application, processing, approvals and denials, and administrative rulemaking. • Advised Lottery Director on development of global Lottery strategies, agency policies and political positions, and business plans. • Developed and managed department budget, created and executed strategic business plan, and supervised staff development, and made final personnel decisions. • Collaborated with marketing and field services departments to expand the retailer channel, including developing and implementing recruitment and retention strategies. • Served as primary point of contact for legal issues pertaining to retailers, working closely with attorneys, state legislators, the Governor’s Office, trade associations, and the publicly-appointed Lottery Commission to ensure the Lottery was adhering to its mission.• Member or Transformation Leadership Team.

• Appointed as the Chief Audit Executive, reporting to the Lottery Director, with a dual reporting relationship to an independent Audit Committee comprised of Governor-appointed Lottery Commissioners. Advised the Commission on areas of significant risk and weakness.• Evaluated agency risk with complex Lottery industry security regulations, improved organizational governance and enterprise risk management practices, cybersecurity practices, and operational efficiency. Leveraged BI tools and cyber analytics to enhance operational effectiveness, advised on various strategic topics. • Developed and managed department budget, created and executed strategic business plan, and supervised staff development, and made final personnel decisions. • Developed the audit plan and risk assessment, overseeing the direction and quality assurance of audit work products, and reporting results to the Leadership Team and the Audit Committee. • Member or Transformation Leadership Team.

Served under general supervision from the Oregon Statewide Internal Audit Director. Responsibilities include assisting Internal Audit functions within each state agency in adhering to International Standards for Internal Auditing, and conducting internal audit quality assurance reviews. Specific to DAS, was responsible for auditing and consulting to improve agency operations and help ensure compliance with laws and regulations, statewide and internal information security policies and procedures. Determined audit topics, objectives and scope, developed audit plans, and audit programs. Created testing methodologies, conducted testing for design and operational effectiveness of internal controls, managed audit progress and budget, developed and consolidated audit findings, developed recommendations for corrective action, authored reports, and presented reports to the Audit Committee.

Audited agency operations and information systems security and consulted to add value to the organization, improved services to members and help ensure compliance with laws and regulations, statewide and internal information security policies and procedures. Methodologies include COBIT, ISO/IEC 270002, and the PMI Project Management Body of Knowledge (PMBOK), and various IT industry leading practices. Determined audit topics, objectives and scope, developed audit plans, and audit programs. Created testing methodologies, conducted testing for design and operational effectiveness of information security controls in place to protect member information, managed audit progress and budget, developed and consolidated audit findings, developed recommendations for corrective action, authored reports, and presented reports to the Audit Committee.

• Served as a Technology and Enterprise Risk Services Manager, consulting with Federal agencies regarding enterprise risk management IT controls, and cybersecurity. • I was responsible for planning and managing consulting engagements, managing local, regional and national teams, maintaining day-to-day client relationships, developing and presenting work products, reports, and recommendations to C-Suite, Boards and Commissions. • Example clients: Executive Office of the President, White House Office, Office of Management and Budget, Office of National Drug Control Policy, National Security Council, Veterans Affairs Department, Navy, Health and Human Services.

• Managed and conducted information systems audits, security vulnerability assessments, and business process evaluation projects of state government information systems and IT infrastructure, and data centers. • Presented reports and recommendations to the Legislative Audit Committee, a bipartisan committee of State Legislators. Management and oversight responsibilities included managing teams of auditors during audits, and acting as a senior level leader in the IS audit function reporting directly to the Deputy Legislative Auditor.