Co-owner in start-up and ultimate sale of five retail businesses • Created financial scenarios, contracts, evidence and supporting documentation to support sale of boutiques • Implemented and maintained three different point of sale systems (QuickBooks, ShopKeep, Shopify) across multiple locations• Provided technology support and trouble-shooting to resolution• Owned financial oversight and reporting responsibilities – state franchise reporting, payroll and sales taxes, etc.• Developed training and user resolution procedures to empower employees to resolve common issues• Executed all back-office activities – inventory management, receiving, vendor returns, inventory counts, on-line order processing and shipping, etc.)

Responsibilities:Hired to build and operationalize the Cyber Security Governance, Risk and Compliance program from ground zero. Led a distributed global team of 50+ and over $4M non-HR related budget in all aspects of technology risk management - technology privacy program (GDPR, CCPA, Schrems II, etc.), data protection and governance, 3rd party risk, risk assessment methodology, risk universe, policy/standard creation, management, enforcement and exceptions, SOX preparedness, SOC1 and SOC2 reporting, global ISO27001 customer audits, vulnerability management, mergers and acquisitions and security awareness.Major Accomplishments: • Built complete Data Protection Program while reducing overall cost ($1.2m annually) of the program and minimized end-user disruption – encompassing both structured and unstructured data. 55,000 endpoints, all corporate cloud and on-prem storage• Automation and leveraging GRC solutions across multiple business partners in the organization to maximize transparency and minimize cost.o Risk Assessment Methodology established – used by Cyber GRC, Internal Audit and Legal Compliance. Consistent issue management. Minimize duplicate testing.o Vendor Risk Management – used by Cyber GRC, Sourcing, Legal Privacy and vendor owners in the business (Top 125 vendors monitored daily)o Data Management – used by entire organization to meet data classification and data handling policies and drive data retention reduction activities• Global Data Privacy program established for Technology to meet Legal Compliance, country laws and regulation obligations.o Privacy by Design stories embedded in developer epicso Privacy Impact Assessments (200+) to reduce ongoing privacy concernso Structured data assessments to validate existence and necessity of personal data

Responsibilities: • Directed six direct reports and $2.3M budget in all aspects of enterprise risk management, 3rd party risk management, business continuity, crisis response and compliance per Global Data Protection Regulation (GDPR) and PCI. Perform customer-facing reporting per HITRUST, SOC1, SOC2 and AOC.• Globally responsible for creating focused Cyber security Governance, Risk and Compliance strategies to exceed client and market needsMajor accomplishments: • Led organization through two public breach events to successful root cause analysis, notifications, client discussions, remediation roadmap development, data analytics and ultimate remediation completion.• Organized entire GDPR compliance program for over 400 applications in an environment with significant personal data collected.• Built customer compliance reporting program to drive communication of improved Cyber Security program.• Established risk program and risk universe building automation in existing solutions to drive accountability and improvement in risk profile globally.• Automated vulnerability reporting, accountability and inclusion in change management protocol to ensure remediation.

Started and operated this firm to deliver full range of IT and operational support services to area businesses and nonprofit organizations. Deployed expertise in work scope definition, resource allocation, program implementation, system startup and creative troubleshooting.* Succeeded in opening new retail boutique location and set up POS system and back-office accounting system for chain of family-owned retail stores.* Spearheaded creation of five-year economic development plan for Oklahoma Native American Tribe, including future investment strategies and ongoing employment opportunities per long-term tribal mission.* Personally designed and introduced IT control structure as part of client’s IPO process.

Rehired to form and lead teams of up to 80 professionals and multimillion dollar budgets in managing multiple risk engagements. Concurrently acted as Resource Manager for 140-person Southwest Region, optimizing utilization (85%+) and profitability. Personally handled portfolio of over 50 clients with maximum interaction and clear communications. Established and maintained internal IT Risk Universe to achieve baseline for control environment expectations. * Served as Area IT Effectiveness Leader and guided over 20 IT organizations to better IT alignment with business goals, govern critical processes and pilot continuous improvements.* Deployed as IT Partner to manage $20M engagement with global private equity firm to ensure IPO readiness, SOX preparedness, business continuity, internal audit, risk analysis and business process improvements.* As IT Lead, coordinated multiple IPO readiness efforts for clients, including regulary assessment, internal controls and ongoing compliance.* Selected to supervise Dallas Kimball School College Program, a two-year initiative to prepare students for college; also participated in numerous university recruiting events and interviews.

Managed multiple important IT/Business projects from inception to completion, handling all external audit activities related to the IT environment. Directed IT control environment engagements to significantly improve the quality of IT service to the business. Projects included:• Dynamically led organization–wide team in worldwide preparation and conversion of entire organization to more stable, duplicated IT environment. Ensured success by performing pre and post–implementation reviews of duplicated environment and coordinating integrated testing of duplicated environment prior to go–live.• Achieved company transition from centralized warehouse model to regionally–based model. Work scope also included warehouse re–model and application re–design to achieve improved efficiencies.• Led C–level reporting of IT performance.