Developed and executed robust cybersecurity strategies, ensuring compliance with PCI-DSS, ISO27001, SOC2, COBIT, NIST-CSF, HIPAA, CCPA, and GDPR across diverse industries. Strengthened stakeholder relationships through strategic security assurance activities, led vendor assessments and implemented third-party risk mitigation. Drove multiyear cybersecurity roadmaps, aligning with business risks and budget considerations. Built and managed a high-performing cybersecurity team, overseeing company-wide security controls in accordance with SOC2, HIPAA, PCI, and global privacy requirements.

Directed and enhanced the Third Party Risk Management Program at Interpublic Group, managing a team of cybersecurity professionals to assess and respond to client inquiries and requirements, fostering strong client relationships, and ensuring alignment with industry standards.Successfully led the ISO 27001 Program Management, overseeing the implementation and maintenance of the Information Security Management System (ISMS) across the organization, resulting in the attainment and sustained certification of ISO 27001 compliance.Led a SOC 2 Type 2 audit engagement, meticulously assessing and validating the design and operationaleffectiveness of controls. Effectively collaborated with cross-functional teams, ensuring alignment with AICPA Trust Service Criteria. Delivered comprehensive audit reports reflecting a deep understanding of IPG's informationsecurity processes and IT-related systems.Led the development and documentation of comprehensive cybersecurity policies, establishing a robustfoundation for security practices within Interpublic Group, and ensuring compliance with relevant industry standards and best practices.Oversaw cybersecurity awareness training program, demonstrating leadership by designing and delivering engaging sessions that increased organizational resilience against cyber threats, resulting in a measurable improvement in staff awareness and adherence to security best practices.Provided strategic leadership and guidance in the design and implementation of cybersecurity initiatives, fostering a proactive approach to risk management and compliance within Interpublic Group.

Lead incident responder with a mission to respond and restore to service when cyber security events areescalated, that threaten the confidentiality, integrity, or availability of network services of the firm. Service owner, project manager, and subject matter expert for enterprise-wide endpoint management solutions.Directed the efforts of security analysts, vulnerability management, penetration testers, investigators, forensics, and corporate counsel when responding to escalated events through all phases of the incident response process.Led the Incident Response efforts for a global media & and entertainment company against hundreds of attacks in support of NBC and client companies (NBC Sports, Universal Parks and Resorts, Fandango, Telemundo, and Universal Pictures)Subject matter expert for endpoint management platform for security operations division use during incident response. Trained and mentored other team members on best practices for proper use.Provided cyber security training series to technology leaders, at multiple NBCU sites, to reduce physical, cyber, and data handling security risks by increasing awareness of policies that govern personnel throughout the firm.

Played a pivotal role as a Senior Cyber SOC Analyst at First Data, actively participating in the monitoring and analysis of security events and incidents to safeguard payment card data, adhering to PCI-DSS (Payment Card Industry Data Security Standard) requirements.Implemented and maintained advanced security monitoring tools, including SIEM solutions, to continuously detect and respond to security incidents, ensuring compliance with PCI-DSS regulations.Conducted thorough investigations into security incidents, analyzing and documenting findings, and providing detailed reports to management and relevant stakeholders, contributing to the improvement of incident response capabilities.Collaborated with internal teams and external partners to assess and remediate security vulnerabilities and gaps in alignment with PCI-DSS controls, ensuring a secure payment card processing environment.Developed and implemented security policies and procedures specific to PCI-DSS requirements, fostering a culture of compliance and security awareness within the organization.Worked closely with cross-functional teams to enhance incident response processes, contributing to the development and execution of tabletop exercises and simulations to strengthen the overall cybersecurity posture.

Performed phishing and malware analysis to respond to end users reporting suspicious emails from external senders. Implemented blocks enterprise-wide based on those investigations.Utilized open-source databases to prepare reports for NBA Senior Management that provide an overview of current trends, threats, and risks associated with new, emerging, and/or current global markets.Conducted thorough investigations into security incidents, analyzing and documenting findings, and providing detailed reports to management and relevant stakeholders, contributing to the improvement of incident response capabilities.

Provided chain of custody, digital forensics, threat intelligence, evidence collection, and pre-incident preparation supportfor long-term DEA investigations, involving large scale drug trafficking/money laundering cases on local and national levels.Assisted in numerous Grand Jury investigations; studied case findings and pre-arrest indictments through sentencing.