Created and implemented high-risk role framework (utilizing NIST SP800-16) that identified areas for improving and appropriate training. Managed monthly security awareness presentations.♦ Researched, created, and presented cyber security awareness materials (webinars, promotional activities), ensuring continual information security (IS) awareness for all team members that strengthened preservation of corporate image.♦ Aligned internal job functions and responsibilities with NIST framework; justified existence of Education and Awareness (E&A) business unit as separate entity by using framework recommendations that improved visibility and value of unit.

Oversaw security risk review assignments and incident management processes and researched current vulnerabilities centering on medical information technology (IT) environment. Advised staff on resolving complex technical problems.

Spearheaded development and implementation of plans and programs throughout State of California, providing in-depth consulting services to state departments and agencies. ♦ Oversaw security risk and incident management, proactively anticipating and addressing potential vulnerabilities and opportunity areas.♦ Championed development, implementation, and maintenance of State of California’s enterprise risk management program, including formal training program for IS officers. Provided concentrated view of risk management for individual departments.