Dynamic professional with a strong foundation in Information Security and recent success as a growth-focused Real Estate Investor, adept at applying analytical and strategic principles across both fields. Known for exceptional organizational skills, self-motivation, perseverance, and innovative problem-solving to consistently exceed goals. Highly effective in interpersonal communication and team leadership, excelling in collaboration with diverse individuals and professionals. Eager to leverage these multifaceted skills and return to a career in Information Security, offering a unique perspective and expanded expertise to the field. Successfully identified and acquired under-valued properties through detailed market analysis and strategic investment planning. Implemented data-driven renovation and management strategies that resulted in increased ROI for the property portfolio.

Led ongoing strategic planning and management of the Information Security Program to align with business objectives and regulatory requirements. Collaborated with cross-functional teams and supported leaders to provide security guidance and promote the Information Security Program. Took charge of the Governance, Risk, and Compliance program, achieving HIPAA, SOC2, and ISO 27001 internal and external audits and certifications. Significantly elevated the organization's cybersecurity posture, achieving a 98% security rating, a 30% improvement. Successfully implemented DevSecOps processes for the secure design, development, and delivery of the AWS cloud-native web and mobile applications.

Executed information security strategies to bolster an enterprise-wide Information Security Program, effectively mitigating risks to the organization. Oversaw the entire lifecycle of external and internal audits, including SOC2, HIPAA, PCI, and SOX, ensuring successful completion and implementation of mitigating controls. Played a crucial role in supporting application development by meticulously reviewing security controls and requirements throughout the Software Development Life Cycle (SDLC), encompassing security testing, code review and methodologies, developer training, as well as dynamic and static application testing.

Implemented information security strategies to bolster an enterprise-wide Information Security Program, effectively mitigating risks to the organization. Oversaw the entire lifecycle of external and internal audits, including SOC2, HIPAA, PCI, and SOX, ensuring successful completion and implementation of mitigating controls. Played a crucial role in supporting application development by meticulously reviewing security controls and requirements throughout the Software Development Life Cycle (SDLC), encompassing security testing, code review and methodologies, developer training, as well as dynamic and static application testing.

Spearheaded the creation of robust security solutions to safeguard the processing of Protected Health Information (PHI) and Personally Identifiable Information (PII), while concurrently streamlining organizational expenditures within security budgets. Furthermore, I provided mentorship and oversight to both security operations and help desk team members. My responsibilities extended to crafting and implementing security policies, processes, and procedures to uphold regulatory standards. I also administered IT controls and conducted comprehensive vulnerability testing and remediation measures to enhance application security. Contributions extended to providing comprehensive security support for large-scale deployments of critical applications, developing regulatory-compliant security policies, and overseeing the implementation of various IT controls. This included the administration of SIEM Log Correlation, Email Encryption, Vulnerability Management, Firewalls, Web filtering, Email filtering, Data Loss Prevention, Active Directory, Identity Management, IPS, Anti-virus, and more. Actively managed firewall access, remote access profiles, VPNs, and resolved related issues, conducted vulnerability testing and remediation, and contributed to improved application security through vulnerability testing for Quality Assurance (QA) teams. Furthermore, played a crucial role in responding to evidence requests from internal and external auditors, and efficiently managed service requests, security incidents, and change requests.