As a Virtual Chief Information Security Officer (vCISO), I seek to help guide our clients with their security programs who need assistance with security leadership. I provide input in the development, enhancement, and delivery of our client’s growing Cybersecurity practices. I serve as the executive Cybersecurity resource for our clients who do not require a full time CISO, but still have the need for executive expertise within cybersecurity. Alternately, this role may serve other organizations in transitional stages with the need for an interim CISO.Responsibilities:Be the designated executive Cybersecurity resource for our clients.Work with clients to develop their cybersecurity programs, identify and propose prevailing Cybersecurity standards and best practices and provide leadership bringing those programs to fruition.Regularly report to client business executives on the status of their information security program.Regularly liaise with the client for regulatory and compliance related standards.Guidance and oversight for continual assessments (vulnerability, risk, and penetration testing), helping to prioritize the results to mitigate risk.

Started Sentinel Cybersecurity as an Information Security consulting organization. Worked towards meeting growing demand for security guidance, with a focus on administrative, physical, and technical areas.Key Accomplishments:• Developed cybersecurity strategy guidance aligned with the business strategy, and governance models for the oversight of cybersecurity programs and activities• Created a cybersecurity risk assessment process and templates to identify, assess, prioritize, manage and monitor cybersecurity risks• Developed identification methodology for critical business functions and mapped to critical information assets• Developed information security policies and procedures• Created a Business Impact Analysis (BIA) to determine recovery requirements• Developed Target Operating Model (TOM) with associated roadmap, processes, manual templates, and defining risk quantification methodologies• Developed assessment for customer data handling processes; core project/ program management processes, including people, processes and IT. • Developed assessments for ISO27001/2, NIST CSF, HITECH, HIPAA, PCI • Created executive and tactical reports for senior stakeholders

• Implemented program for risk management, information protection, and security assurance of information assets.• Championed, administered, and provided interpretation of Information Security Program policies/procedures to facilitate risk-based decisions by key stakeholders. • Developed information protection educational materials for role based training as well as board level program reporting.• Identified, established and maintained strategic relationships with key stakeholders to help increase maturity of Program throughout operational processes, projects, and other initiatives• Served as a key member of the IT leadership team and worked effectively with Facility Privacy Officials (FPO), Ethics and Compliance Officers (ECO), and other key decision-makers serving on the Division/Facility Security Committee.• Partnered with key stakeholders to assure facilities can respond timely to regulatory audit requests.

• Developed Information Security Program for all division facilities from initial program concept with no staff to mature organization with dedicated staffing.• Transformed IT governance structure to integrate security into business processes at all levels• Established processes for business units comply with security related regulatory requirements (HIPAA, SOX, PCI)• Partnered with IT colleagues to assure ongoing maturity of IT operational and strategic security goals• Initiated compelling communications with key stakeholders to launch information protection initiatives• Increased awareness and/or understanding of needed actions to correct identified information security risks• Oversaw integration of role-based training into facility operations and provided continuous monitoring to validate effectiveness.• Developed staffing and recruiting strategies with career development, mentoring and coaching, succession planning, and performance Management• Was actively involved in Human Resources recruitment, performance evaluations, and management of IT division staff• Ensured appropriate training and development programs utilized to attract, retain, and develop personnel required to support information security program• Oversaw and coordinated information security incident investigation and reporting• Coordinated with corporate departments and/or external entities (e.g., law enforcement) as required to facilitate rapid response• Partnered with FPO and/or ECO on cross-disciplinary incident investigation and reporting

• Configured facility core switches and router devices to provide device failure redundancy and WAN multilink dynamic routing services.• Lead network technical efforts within division for network design and deployment, and ongoing administration, including roll out of wireless "Guest Networking" for facilities.• Lead and provided training for team of technicians at each facility to oversee and manage their networking infrastructure.• Provided wireless surveying and deployment services for facilities which included wireless controller installation, configuration, and upkeep.• Developed and implemented network infrastructure performance monitoring and alerting solution.• Provided network solution consulting services for division facilities.• Coordinated network division efforts to integrate with enterprise strategies.

• Central designer and implementer for enterprise firewall managing system (Checkpoint Provider-1 system).• Provided diverse technical security expertise to Information Security team, including firewall-VPN architectural design and deployment, to intrusion detection and prevention efforts.• Provided training and mentoring for on-boarding of incoming security engineers in Information Protection department.• Provided security consulting services to corporate as well as field facility personnel• Designed, implemented, and administered corporate perimeter and internal security devices which allowed for an efficient and secure company infrastructure.

• General security related consulting to large corporate and financial businesses as well as providing consulting level expertise and guidance to clients on all levels, including technical and executive strata• Architectural development and design of security solutions for small to large-scale enterprises.• Assist sales staff with presentation of consultative services, projected technologies and interaction with executive, engineering, and administrative prospective clients.• Develop "Statements of Work" (SOW) for project development and implementation.• Regularly developed reports on various security related criteria for presentation of information to technical and executive audiences.• Security audits, focusing on device vulnerabilities, security policy analysis, and "Best Practices" development and documentation.

• Developed and expanded managed information security operations center methods, equipment, policies, and procedures.• Worked to monitor and maintain customer's secure infrastructure through support of information security assets - Firewalls, IDS, VPNs.• Provide auditing and reporting services to clients, customized for end point audiences, either technical or executive.

• Managed and maintained all aspects of IT operations for facility.• Developed and configured network routing and switching infrastructure.• Researched and developed implementation of protocol routing over satellite space segments• Implementation and management of email, file, and print servers infrastructure.• Provided end user PC support for staff as well as deployment of new staff IT assets.