The world's largest private independent global cloud hosting company- Direct the development, implementation, and program maturity of Constant's comprehensive compliance program, encompassing CSA, FedRAMP, HIPAA, ISO 20000, ISO 27001:2022, ISO 27017/18, PCI, SOC 2, and adherence to Constant's branding standards.- Spearhead the formulation and execution of global security governance, risk management, compliance, and privacy strategies across Constant's portfolio of brands.- Facilitate close collaboration with key stakeholders to meticulously craft and execute Constant's security, GRC, and privacy roadmap, ensuring strict adherence to regulatory requirements and industry standards.- As the Privacy Leader, oversee the identification and implementation of privacy strategies, conducting privacy assessments, and managing all privacy-related compliance obligations such as GDPR and DPDPA DPAs and privacy reports. Aligning Constant brands to US privacy laws, DPDPA, GDPR, LGPD and other privacy regulations.- Lead, develop, socialize, and disseminate information security and ESG policies, while actively promoting governance documentation within the organization.- Foster seamless cooperation among internal departments, clients, partners, and vendors to identify, mitigate, and remediate risks, resulting in an enhanced risk posture.- Establish and oversee Constant's Vendor Lifecycle Management and Third-Party Risk Management program, bolstering the organization's risk management capabilities.- Lead Constant's software assurance program and compliance to third party software licensing- Drive the optimization of Constant's bug bounty and security awareness initiatives to fortify cybersecurity defenses.- Collaborate with Trust and Safety counterparts to develop compliant KYC processes and establish a comprehensive privacy program aligning with international and US AML, privacy laws and KYC frameworks.

Integrate a Third-Party Risk Management Platform for the Southeast U.S. Largest Utility Provider (Platform Automation and Orchestration)- Identified and integrated key processes into the overarching procurement risk management solution into enterprise risk management platform.- Facilitated collaborative efforts across multifunctional stakeholders to ensure a smooth platform migration, while also automating and orchestrating relevant processes.- Provided strategic insights and delivered executive reporting recommendations to enhance supply chain risk management.- Conducted thorough third-party risk assessments to fortify risk management practices.

A Medical IT Staffing Company- Proposed and advocated for a comprehensive IT asset risk management strategy, optimizing the protection of critical assets and minimizing vulnerabilities.- Developed and presented a roadmap for the effective management of IT assets, highlighting potential risks and mitigation measures.- Conducted in-depth assessments to identify asset-related risks, enabling proactive risk mitigation strategies.- Collaborated with cross-functional teams to establish asset tracking and monitoring mechanisms, enhancing overall asset security.- Introduced best practices for IT asset lifecycle management, ensuring proper risk assessments at each stage.

A secure digital document (B2B/B2C) delivery provider (SaaS)- Crafted and executed Inlet's data protection, compliance, risk, and security strategy, driving the successful implementation of the roadmap.- Aligned Inlet's Information Security strategy with overarching business objectives, ensuring a cohesive approach to Infosec.- Formulated, communicated, and disseminated information security policies, fostering a culture of security awareness.- Established a robust IT risk management framework and compliance program in support of Inlet's Information Security Program.- Led and conducted comprehensive internal risk assessments, proactively identifying and mitigating potential vulnerabilities.- Successfully managed and led external certification and attestation projects, including PCI, and SOC 1/2.- Pioneered the establishment of Inlet's vendor risk management program, overseeing all third-party risk assessments.- Collaborated with cross-functional teams, including development, operations, marketing, and key stakeholders, to define and execute the product security roadmap, secure product lifecycle, and go-to-market strategy for the Inlet platform.

Hewlett Packard Enterprise Security Services-Functioned as a Trusted Advisor, providing consultancy services to CISOs and other C-suite executives across multiple organizations. Identified and delivered strategic recommendations for secure product implementations, programs, and strategies.-Collaborated with the CISO of a global glass manufacturing company, overseeing and leading comprehensive IT risk assessments. Developed a robust risk strategy framework integrated into the enterprise risk management program.-Worked closely with the CISO of a Fortune 100 company, driving a strategy to transition the end-user environment to a Desktop as a Service (DaaS) model. Managed and led a skilled team in delivering a container-based encryption solution (PKI) and Single Sign-On (SSO) implementation.-Successfully managed and led a PCI remediation engagement, ensuring compliance with stringent payment card industry standards.-Oversaw the ISO readiness review and the implementation of ISO 27001:2013 Information Security Management System (ISMS), enhancing information security practices.-Collaborated with Hewlett-Packard (HP) research and external entities to identify emerging product offerings. Provided critical insights and data to enhance existing edge security capabilities.-Collaborated with diverse stakeholders to formulate and execute a product roadmap and go-to-market strategy within the HP Enterprise Security Services (ESS) portfolio. Introduced a cutting-edge tool leveraging data analytics, known as "Security Business Intelligence" (SBI), transforming data into actionable security intelligence. Published internal positioning papers highlighting the value of SBI and BYOD initiatives.

Halian Consulting Services- Led the Enterprise Security Architecture team, overseeing the delivery of Compliance, BYOD (Bring Your Own Device), and Enterprise Security Strategy & Architecture solutions.- Collaborated closely with multifunctional stakeholders to successfully implement secure mobile endpoint solutions, ensuring the protection of sensitive data.- Developed and delivered an enterprise risk and security framework tailored to the needs of a new educational and research hospital in Doha, Qatar, enhancing security measures and compliance.- Worked in conjunction with multifunctional teams, including DevOps, IT, Engineering, and Senior Management, to spearhead the design and implementation of a multi-factor tokenized encryption solution, facilitating secure access to the corporate environment.- Defined and crafted the security architecture for the SIDRA hospital, aligning it with industry best practices and specific organizational requirements.- Directly managed a team of five personnel, providing leadership and support to achieve project objectives and initiatives.

Associate Director/Principal ConsultantCognizant Security Consulting Services• Defined implementation and migration strategy from OnPrem to a SOC for a large Norwegian financial organization.• Lead teams to conduct perimeter security compliance engagements. • Lead an ISO readiness review and remediation engagement for a large insurance organization• Led a PCI remediation infrastructure engagement. • Directly managed a team of 6 individuals and provided project management, engagement management and mentored other team members

IBM Global Account (Office of the IBM CIO)Enterprise Security Architect- Collaborated with diverse stakeholders to identify strategic objectives and created a vision that aligned seamlessly with the overarching business strategies for the IBM CIO's office and various internal cross-functional business units.- Held the responsibility for crafting the information security strategy and overseeing the development and implementation of secure solutions for IBM's worldwide web and mobile infrastructure.- Pioneered the creation and delivery of an internal IT security and risk management framework tailored to IBM's vendors and service providers supporting the organization's business units.- Collaborated closely with IBM's research teams and multifunctional units, driving the development and deployment of the first global load-balancing technology using DNS (Domain Name System).- Led the governance review board for IBM Global Account's internal web and mobile infrastructure architecture, providing invaluable direction, guidance, and consultation to multiple business unit leaders, project managers, and program leaders to ensure the successful implementation of IT infrastructure solutions.- Offered recommendations and consultation for IBM's inaugural utility-based computing environment in 2004, subsequently remarketed as IBM OnDemand, contributing to its success.- Delivered numerous security solutions aligned with industry frameworks such as GS Method, Unified Method, ITIL, CORBA, ISO, and TOGAF.- In 2003, spearheaded IBM's security team and collaborated with various entities, including clients, internal IBM service lines, external business partners, vendors, and global stakeholders, to develop and implement a global IT secure remote access solution. This solution was fully implemented for the world's most renowned retail brand, earning recognition in the form of the IBM Global Services Outstanding Leadership Award from then IBM GM – Ginni Rommetty, (former IBM CEO)