• Advised companies on how to implement cybersecurity programs in compliance with international standards and best practices. This has included National and International companies with +$1B in revenue, companies being readied for acquisition/merger, as well as smaller organizations trying to comply with the complicated landscape of cyber governance. • Cybersecurity Advisory, Compliance, and Implementation Services for ISO 27001, ISO 27017, ISO 27018, ISO 27005, SOC 2, HIPAA, HITRUST CSF, CMMC, NIST 800-181, GDPR, & PCI DSS

• Cybersecurity Program advisory and implementation for ISO 27001/27005, CMMC 2.0, NIST 800-171, HIPAA, & GDPR.

• Cybersecurity Program implementation advisory for ISO 27001/27017, ISO 27005, SOC 2, & GDPR• ISO 27001 auditor

Security and Compliance Advisory Services for CMMC, NIST 800-181, and ISO 27001.

• As the company's first Cybersecurity and HIPAA Security Officer, I created a Cybersecurity program that aligned the Enterprise Security & Compliance road maps to sales initiatives and business requirements for commercial entry into the U.S., U.K./EU, and Japanese markets. • Created a cross-functional Cybersecurity Committee that oversaw and approved enterprise security initiatives.• Architect for the HeartFlow Cybersecurity program which covered a Multi-Region AWS Production infrastructure and international facilities in California, Texas, Japan, and U.K./EU.• Created and managed the HeartFlow ISMS, Security Risk Management, Vulnerability Management, and Security Incident Response programs.• Responsible for security audit and compliance program for HIPAA, HITRUST CSF, ISO 27001, SOC 2 Type 2, GDPR, and Business Continuity.• Oversight review for security and privacy product roadmap requirements as part of the Product Committee.• Worked with a cross-functional team to improve and implement 3rd party/supplier security risk management. • Communicated Heartflow’s roadmap for security and patient privacy with internal leadership and external partners/customers as part of the Product Sales cycle.

• Cybersecurity Program assessment and advisory services • Advisory and implementation services for bootstrapping IT infrastructure• Business continuity and disaster recovery planning

• Built and scaled the IT infrastructure from seed funding to a 49k sq ft research lab facility with two remote research locations.• Scaled services to match the rapid growth of 80+ employees plus 200+ research and workstation nodes through provisioning standardization and leveraging external & internal cloud services.• Managed Infrastructure & Facilities Dept. and provided senior direction to Operations management and staff.• Minimized IT expenditure to less than 4% of the overall budget through strategic provisioning and vendor relationships.

• Managed 24x7 SaaS infrastructure for an international enterprise with 115,000 global users and over $10 billion in yearly transactions.• Managed six-figure project budgets to keep in line with financial requirements, maximize ROI, and reduce time to market for Fortune 1000 customers.• Worked with vendors to reach 40%-60% discount rates and reviewed co-location architecture to reduce operating costs by 48% per year.• Created policies and procedures for asset and change management, as well as specific clients (e.g.- AMEX, CVG, PG&E, & Chevron) regulatory security audits & requirements (e.g. - PCI DSS).• Managed team of employees and consultants to provide follow-the-sun support for US HQ, Ketera-India (Bangalore), and two co-location facilities on the West and East Coast.• Transitioned external services call center to new internal services department, including upgrading and integrating of systems between India and US support teams.

• Created RFP's and necessary customer documentation.• Provided technical and project management duties to ensure cost and risk compliance.• Managed service relationship with clients.

• Led initiative to implement private cloud architecture to scale production, maximize hardware ROI, match rapid customer base increase, and reduce time to market by +60%-80%.• Improved company SLA's by re-architecture of back-end database systems with additional benefits in reduced operational risk, improved application resilience, and higher back-end transaction capacity.• Reduced operating costs by standardizing equipment and vendors (increased discount level +15%), implementing corporate asset management, consolidating servers (+60% savings), and in-house service management (+20% cost reduction).• Grew managed services staff and budget resources to meet +50% company growth.• Oversaw Information Security Management System policies and projects: Payment Card Industry Data Security Standard (PCI DSS), Business Continuity, Disaster Recovery.• IT Product Owner for SDLC, responsible for CI/CD, release deployments and support.

• Managed Enterprise Security and Network Infrastructure for national retail organizationProvisioned and managed national network of Corporate HQ with 17 T1 connections, two co-location sites, and 56 remote retail locations.• IT project management: Corporate WAN upgrade from single private T1 to a 4xT1 ATM IMA connection, two Enterprise ISP transitions, server upgrade/consolidation, desktop refreshment, asset management, Sarbanes-Oxley and Cardholder Information Security Program (CISP/PCI DSS) remediation.• Oversaw IT supplier management and external partner EDI integrations

• System administration of a heterogeneous 250+ node network with separate corporate, Development, QA, and Production environments.• Setup and maintained corporate and co-located network of servers (e.g.- DNS, NIS, Amanda based backups, IP-SEC VPN, firewalls, Ghost Server, Apache based web servers, ADP Payroll, and Oracle).• Implemented and supported Oracle based ERP solutions.• Managed migration and build-out of services to new SF headquarters and upgrade of co-location site.• Setup and maintained company policies and procedures.• Setup and maintained standardized installation images for Development, QA, and Production systems.

• System administrator for 20 node workgroup network running Windows 2000 Professional and Mac OS 8 workstations, with redundant Windows 2000 Advanced Servers.• Setup Windows 2000 AD environment including network shares, software depots, DNS, and DHCP services.• Setup and managed WAN & LAN connectivity.• Setup Ghost Server and standard installation images for student workstations.

• UNIX administration in a mixed 700+ node Windows/MacOS/IRIX/Solaris 24/7-production environment.• Trained junior staff, provided documentation for procedures, and submitted/tracked problem reports with vendors.• System administration of Veritas Foundation Suite for maintaining the backups of all UNIX and Windows NT workstations/servers.• Maintained internal DNS and NIS maps and LDAP managed user accounts.Software and hardware support of Pixar's SGI workstations, including an upgrade of all 300+ workstations from IRIX 6.2/6.4 to 6.5.• Render wrangling support, i.e. – performance monitoring of the Sun Enterprise 4500/5500 servers, tracking runaway Renderman jobs, and support for the main storage array servers• Animation support for SGI workstations, i.e. - product support for Maya, Alias Wavefront, Amazon, and Pixar's own proprietary animation software.• Supported network of Cisco 5500 Catalysts and helped implement fiber interconnect upgrade.