Boutique consultancy providing tailored risk management, security, and strategy services.

Built industry-leading security organization, spanning cyber, physical, insider threat, operations, resiliency, and risk management• Staffed arguably the leading security team in investment management. • Spearheaded multiyear codified security strategy, with a focus on data protection, supply chain security, and organizational efficiency. Applied ongoing threat intelligence to steer strategic direction.• Led security architecture team, applying Secure System Development Lifecycle (SSDLC) to safeguard infrastructure/cloud stack, commercial software, and bespoke apps. Incubated DevSecOps function.• Modernized Enterprise Risk Management (ERM) and Governance, Risk and Compliance (GRC). Corralled regulatory requirements and client engagement. Passed internal/external audits with no material findings.• Drove pen testing with industry-leading partner leading industry partner. Regularly assessed industry and bespoke applications, drove remediations, ran both cyber and non/cyber red teams.• Evolved secure supply chain program to manage vendor risk. Unified process with finance, legal, and tech partners, and drove consolidation, contractual revision, and reduced risk. • Led Business Continuity Management (BCM), revamping resiliency program, integrating it with security and business operations, resulting in tested protection against outages.• Led Human Capital Management (HCM), including training, career paths, compensation, and evaluations. Retained talented staff in a hot market. Ensured a hybrid team maintained high morale, productivity, and career progression.• Oversaw Diversity, Equity & Inclusion (DEI). Partnered with NYU’s Tandon School of Engineering to award minority scholarships for cybersecurity. • Modernized HR policy employees in for National Guard/Military Reserve; recognized by Dept. of Defense with “Patriotic Employer” award.• Asked to join investment division as senior leader to manage team, shape strategy, oversee investment operations.

Led security organization, strategy, and risk governance.• Drove comprehensive, multi-year strategy that took security program to broad industry-standard maturity. Strategy spanned disciplines (cyber, physical, insider), combining broad controls with focused kill-chain analysis and telemetry. Success validated by external reviews. Progress regularly briefed to CEOs.• Modernized risk governance from executive decision to daily operations, empowering staff while securing the company, including included a living ERM system revamped SSDLC.• Ran pen testing program with leading industry partner. Executed a high pace of tests against internal and commercial software, resulting in regular remediations. Enacted technical and administrative safeguards to ensure pen tests were executed tightly.• Revamped security standards, based upon international framework such as NIST 800-53 and COBIT. Standards were practical, agreed, and applied; this reduced confusion and further drove down risk.• Created security audit program, assessing standards, compliance, and efficacy. Results fed into daily operations and security strategy.• Revamped program to respond to regulator and client inquiry regarding security, resulting in a company well-positioned to handle an evolving regulatory landscape.• Created security supply chain risk program, partnering with finance, legal, tech, and business. Includes risk assessment, due diligence, contractual/tech review, and offboarding.• Led BCM program. Revamped Incident Response, inspired by federal National Incident Management System (NIMS). Set standards, RTO/RPOs, and drove enterprise testing, resulting in tight incident management and improved operational resiliency.• Corralled COVID-19 operational response, safeguarding employee health while maintaining corporate productivity.• Ran department administration, including budget, org design, staffing, and training.

Created and ran program to directly embed security within business lines.• Built cross-discipline program, placing embedded “local CSO teams” in business. Designed and staffed roles. Directly ran front office security team as player/coach; built/oversaw security teams for research, client service, back office, and corporate.• Secured the front office tech stack, including OMS/EMS trading systems. Enacted SSDLC including threat modeling, secure architecture, pen testing, developer training/testing, resulting in tighter code bases and a security-minded developer population.• Enacted log collection / telemetry, database monitoring, network segmentation, endpoint configuration management, rationalized access management, privileged access management, data loss protection. This helped ensure business applications rested upon a secure infrastructural foundation.• Created risk management process tying together business assets, threats, controls, and audits; result drove priorities, reduced exposures, and was reviewed quarterly by senior management.• Created pioneering program to ensure security of tech vendors and prime brokers, causing external providers to up their game. Partnered on external audit of trading controls. The result was a highly secured trading operation.• Built insider threat program, including monitoring, response, modeling, tooling, case mgmt. Created security policies, training, and awareness program. Started phishing testing program. Partnered to configure and apply background checks, contractual, and compliance controls. The result was a secure and security-minded employee base.• Setup security ops/helpdesk for front office. Included access requests, vulnerability management, control operations, ongoing audits.• Implemented physical control suite for trading floor and front office: camera placement, clean desk, access controls, staff policies, guard post orders, sound proofing, etc.

Partnered with CTO to drive enterprise tech department for a rapidly growing company.• Built enterprise tech program from scratch to support a company rapidly transitioning from a boutique to an institution. This included overseeing tech infrastructure and embedded tech teams, as well as direct oversight of technologist quality.• Staffed and oversaw initial BCM, security, and project management functions, enforcing baseline quality across the organization.• Delivered middleware application services, such as authorization, integration/deployment, scheduling, and data transformation. This enabled faster, more focused delivery of business applications as well as facilitating higher assurance regarding security and resiliency.• Created central tech recruiting function, successfully and rapidly hiring large slates of technologists, from entry to executive levels.

Led team delivering technology to enable investors to better understand the markets.• Reorganized team, raising the bar on development, operations, and data analysis. Hired strong entry-level and experienced technologists to support a growing enterprise. Promoted new managers and senior developers. Work in C#, ASP.NET, VB, SQL Server.• Overhauled existing infrastructure stack to modern, resilient kit, architecting systems to be both secure and high availability. • Oversaw development of systems to intake, normalize, validate, and visualize large heterogeneous economic data sets, facilitating new research and ongoing investments.• Developed distributed-compute application to parallelize the computation of investment algorithms, greatly decreasing daily run time.• Built and staffed data analysis pillar to enable lead researchers. Renovated operations, successfully supporting critical investment functions. Set up a modern support desk, providing a sustained engineering function to deliver ongoing improvements to users.

Architected and led the development of trade execution technology.• Developed new trading technology stack in C#/.NET, replacing disparate applications, thus reducing support and development costs. Introduced automated unit tests, entrenching reliability. Enacted Straight Through Processing (STP) with middle and back offices, improving efficiency.• Developed first electronic execution systems for futures and equities, engaging with traders, brokers, and technologists, allowing a high trade volume without errors.• Created systems to execute trades in new security types, including options and cash stocks. • Supported a complex, changing trading stack for a 24/6 trading desk, simplifying and hardening operations to ensure market access without interruption.• Hired successfully from elite universities, bringing on top talent that thrived at Bridgewater and beyond.

Developed bespoke applications for clients in financial services and transportation using C, C++, VB.NET, ASP, and SQL Server.• Developed and implemented allocation algorithm in C++ for North American train/freight network.• Created object model, database designs in SQL Server for financial services provider.

Worked on IBM's DB2 Intelligent Data Miner, contributing algorithmic development in Java, XML parsing, and test case suites.

TA for CSCI E-220: Intro to Artificial Intelligence. Taught section, held office hours, graded coursework, including programs in LISP. Taught consecutive years, with strong student reviews.