I am a cancer survivor, and wanted to take some time to focus on my health, improving my fitness and nutrition. I also traveled with my husband, who teaches geology and environmental sciences. We toured around California on his Harley, visiting geologic formations created tens of thousands of years ago, a volcano that last erupted in 1921, and forests ravaged by wildfires in the last few years. We also visited San Salvador Island in The Bahamas to do some environmental field work, and scope locations he will bring students to for a class next spring. I worked with my son, who was struggling with high school, to find an alternative educational path. I am proud to say that he passed his high school equivalency exam and is now happily taking college classes.

ScaleSec is a professional services company building security and compliance programs for enterprise cloud in AWS and GCP. As a consultant, I helped many clients create or improve their security and compliance programs. I worked with companies ranging from cloud native startups still in stealth mode, to Fortune 500. At the start of each engagement, I performed gap analyses for ISO 27001, SOC 2, and/or FedRAMP implementations, including documentation reviews, architectural reviews, and interviews with management, development, operations, and security teams. I worked with the client executive team to understand business goals and define business case for pursuing target frameworks.Once the framework was selected, I managed security and compliance program development, creating schedules, assigning tasks, managing dependencies, monitoring progress, and reporting status to clients. I worked very closely with the clients to develop risk management, security training, business continuity planning, incident response, secure software development, and configuration management programs built on the clients' current processes and business goals. I developed policies, and controls that ensured the policies were followed.Once these program were in place, worked with the clients and their third party auditors to ensure the audit went smoothly. I performed an initial audit, so that the clients' team would understand the type of questions asked and how to respond. I helped the third party auditors gather evidence and answered their questions on any unfamiliar technology.

CliniComp, Intl. is a global provider of Electronic Health Record (EHR) hardware, software and support solutions. As Cybersecurity Manager, I reported directly to the CEO, and led a team of three security engineers and analysts. I developed corporate security policies, based on business goals and requirements from HIPAA and NIST. My team was responsible for managing the information security requirements of customers such as the Department of Defense and the Veterans' Administration, including compliance to HIPAA, DoD DIACAP/RMF, FISMA, NIST and others. I led the DoD accreditation effort. This not only included the healthcare information management system, deployed to facilities around the globe, but also a DoD network enclave that supports the system. I led an internal audit in preparation for DoD customer audit. I planned, prioritized, and scheduled remediation efforts for findings. I worked with DoD program office and auditors during the assessments. After the assessments, I updated documentation, and reported to the customer status of findings and remediations.

Excentium is a cybersecurity professional services company focused on customers in the public sector. As a Cyber Security Program Manager, I led a cybersecurity team consulting to healthcare companies with Federal, Department of Defense, and commercial customers, as well as monitoring staffing, schedule, and performance. I presented research, recommendations, findings and assessments to clients' HIPAA Compliance Officers, General Counsel, and Executive Leadership. I supervised the testing and documentation updates of the DoD systems for security assessments. I managed the implementation of an alternate computing facility, so that the client could manage assets on hospital and clinic networks in the event of an emergency at the corporate office. I worked with the client and their government sponsor to improve the vulnerability reporting and management process.

Booz Allen Hamilton is a management consulting firm. As an Associate, I was responsible for managing tasking, staffing, funding, and performance of cybersecurity projects for U.S. Navy (SPAWAR) and NASA. Projects included deployments of public key infrastructure, cryptographic products, electronic key management systems, computer network defense, cross domain solutions, and vulnerability management solutions. I interviewed, hired, and trained new employees for my team. I wrote and presented performance assessments for colleagues or employees that I supervised. I also was the Compliance Lead for multiple proposal efforts across the world, ranging from $200k task orders to $250 million multiple award contracts.