• Serve as business information security officer (BISO) supporting the Global Operations division. • Provide guidance on interpretation and compliance with security policies, standards, and controls.• Support Global Operations on implementation of security initiatives, security control adoption, security vulnerability remediation, security modernization, and risk issue management.• Publish and present monthly security briefs to lines of business.• Brief CISO and security leadership on business goals and priorities for successful collaboration.

• Served as business information security officer (BISO) supporting the Finance, Risk, Legal, HR, Audit, Multifamily, and IT divisions. • Provide guidance on interpretation and compliance with security policies, standards, and controls.• Supported lines of business on implementation of security initiatives, such as NIST 800-53 security control adoption, identity and access management governance, security vulnerability remediation, security modernization, and risk issue management.• Publish and present monthly security briefs to lines of business.• Brief CISO and security leadership on business goals and priorities for successful collaboration.

• Established an accreditation and authorization process at USAC to align with NIST 800-37 Risk Management Framework.• Identified, Selected, and Implemented NIST 800-53 controls on key systems.• Launched new security capabilities to reduce risk, such as, data loss prevention technology (Proofpoint), endpoint encryption (Dell DDPE), Splunk SIEM, and advanced endpoint security (Carbon Black).• Strong focus on vulnerability management that reduced vulnerabilities by 1500%.

• Developed the GWU information management program, which was a framework to categorize and protect information assets. • Collaborated with the Division of Information Technology and the Office of General Counsel to establish a new data classification model, new information security standards, and record retention requirements. • Conducted annual assessments to identify and remediate risks to regulated information.• Served as the university HIPAA privacy officer and chaired the HIPAA governance committee at GW, which consisted of key university stakeholders and schools involved in the management of health information. • Key contributor in the university Payment Card Industry Data Security Standard (PCI-DSS) Compliance Program.

• Established formal vulnerability remediation process. The process scanned, discovered, and remediated security vulnerabilities on over 3500 systems on the GWU network. • Developed an IT Risk Register that cataloged risks aligned to services supported by the Division of Information Technology. Risks ranged from security vulnerabilities, technical debt, business continuity issues, and regulatory compliance gaps.• Rolled out GRC application for tracking risks, workflow, remediation, and system profiles on Agiliance. Reported progress on a weekly basis to CIO. • Collaborated with the Office of the Vice President for Research to support principal investigators achieve Federal compliance required of sponsored research grants.• Co-authored the Information Security Policy and the Records Management Policy

• Established formal vulnerability remediation process. The process scanned, discovered, and remediated vulnerabilities on 8000 systems and reduced vulnerabilities by 75%.• Rolled out self-service patching for employee endpoints. The new capability provided flexibility in patching and improved time to patch by 50%.• Streamlined the intrusion detection topology that increased coverage and reduced cost.• Chaired monthly security roundtable with key IT stakeholders across company. • Developed first SOX-compliant security awareness online training program.

As Director of Sales Engineering, was responsible for producing dynamic sales engineering team capable of supporting US internet services sales department. Product portfolio and expertise spanned internet connectivity (T-1 through OC-3), security services, routing, hardware, and web hosting services.

Hired as a Sales Engineer and was promoted to manage two Sales Engineering teams (domestic and international). Product portfolio and expertise spanned internet connectivity (T-1 through OC-3), security services, routing, hardware, and international transit/private line services.

Member of the Corporate Information Systems department. Responsible for desktop IT support and wide area network support.

Member of the Investment Division. Responsible for the management of the IT help desk that provided desk top, local area network, wide area network, and securID/token support for the division.