Full time Information Security leader for various companies in industries such as banking, lending, commercial real estate industry, financials, critical infrastructure, and healthcare. Senior Information Security leadership overseeing effective teams dynamics impacting the security of both small and large (35,000+) regional and global employees. Hired as a vCISO on critical assessments and regulations such as NIST, ISO, HITrust, FedRAMP, SWIFT, PCI DSS, and others. Privacy for CCPA and GDPR. With backgrounds combining my expertise in information technology, program and people management, and with diverse technical experience balanced with business systems I was able to transform the organization. I'm a frequent industry speaker. Credentialed security evangelist known for developing and implementing new and effective technologies and/or processes to match identified needs. Innovative and strategic leader, consistently pursuing new challenges in a collaborative fashion to solve business problems while maintaining security. High work ethic and passion, but tenured to cost effective and highly adoptable business processes.Specialties: M&A, Contract negotiation and vendor/client/supplier management, Policy and procedure development, security program design and management, SOC development, Workforce education and training development, Enterprise risk management, Risk analysis and vulnerability assessment, Budgeting, Business continuity planning and program management, Disaster Recovery, Auditing and Security control design.

MasterLock / Sentry Safe CISO & IoT & ICS IT Security Director - Regulatory/compliance requirements such as SOX, SOC2 type I II, ITIL, ITSM, COBIT, SSAE-16, NIST 800, ISO 27001, NIST, PCI DSS, and EU PRIVACY GDPR.Led implementation and managed security policies, standards, and hardening guidelines for Network, infrastructure, Industrial Control Systems, Internet of Things and Operational Technology. Assessed current protection level of the network, infrastructure and Industrial Control Systems and the compliance of these assets related to company policies, industry standards, customer expectations, threat intelligence, and applicable legislation. Supported projects, assessed the effectiveness of the security of the network, infrastructure and Operational Technology/Industrial Control Systems environments, and involve stakeholders during implementation and management of solution strategy for detected security problems. Protection and security of the following (Network devices, networks, data-centers, Industrial controls and infrastructure surrounding) ► Past Accomplishments:• Delivery of infrastructure & applications / 100% digital business model• M&A separation/integration• Restructured Product Security Development, Services & Operations organizations to optimize delivery execution, achieving results with 25% less headcount. Improved attrition from 40% to 4%.• Transitioned legacy product and clients to a new multi-tenant platform that combines a cloud-based SaaS backend layer with a PaaS-based webstore interface layer.►Value Propositions:Passionate about execution and delivery of a quality product & service. Meeting customer commitment and desired results is priority one for my teams. Effective management of expectations and risk are paramount to achieving viable solutions.My blend of business acumen and technical breadth allows me to effectively navigate challenges and opportunities in dynamic companies.

Senior Manager with extensive operational and technical experience applying IT security, compliance and governance within the healthcare organization under frameworks such as PCI-DSS, HIPPA, ITIL, NIST, ISO, and HITECH. Tasks included the management of: Information Security Compliance, Information Security Governance, Incident Response, SIEM monitoring, Risk Management Vulnerability Testing, and Penetration Testing Projects.

Tackled various short-medium term contracts working my way through graduate school with critical responsibilities of assessing and providing effective Information Technology and networking and system security recommendations for their organization. Worked through various IT consulting firms such as TEKsystems and Encadria.