Responsible for all cyber security efforts across all corporate systems and networks. Lead a team that manages, implements and maintains the controls and processes to protect corporate information and cyber assets across 46 states. Provide expert guidance to key business leadership at all levels on strategic oversight concerning all aspects of Cyber Security. Assure implemented controls and processes align with security frameworks (20 CSCs and ISO 27000) and compliance needs (SOX, CIP and PCI). Perform personnel management functions, including but not limited to hiring, conducting performance appraisals, and coaching and developing staff. Provide ongoing assessments and audits of corporate systems and networks, lead the development of enterprise-wide cyber security program. Produce critical metrics for cyber security reporting functions utilizing automated metrics via a Governance, Risk, and Compliance platform, as well as other dashboards and spreadsheets utilized by Senior Management.Accomplishments include:• Build and manage Cyber Security Program• Manage Cyber Security personnel including direct and indirect reports• Implemented a Cyber Security Incident Response process• Implemented an Application White-listing process• Implemented a Governance, Risk, and Compliance platform• Implemented an automated Cyber Risk dashboard• Implemented a Multi-factor Authentication platform• Implemented a Security Information and Event Management (SIEM) platform• Implemented a Vulnerability and Threat management process• Manage third party MSSP and other engagements for product implementations and security assessments• Consult with Information Technology, Operational Technology, Audit, Human Resources and other business lines

Responsible for the development, implementation and management of a corporate Information Security Program that assures compliance with applicable laws and regulations (GLBA and FISMA). Translate regulatory requirements into guidance for business processes and associated technology in accordance to common standards/frameworks (NIST, ISO, and 20 CSCs). Lead all Information Security efforts across all corporate systems and networks. Responsible for all Information Security Governance processes.Perform personnel management functions, including but not limited to hiring, conducting performance appraisals, and coaching and developing staff. Provide ongoing assessments and audits of corporate systems and networks. Lead the development and management of the Information Security Program. Produce reports and metrics for Senior Management and Board of Directors.Accomplishments include:• Developed and maintained technical and operational policies, procedures, standards and guidelines • Manage Cyber Security personnel including direct and indirect reports• Implemented a Risk Management Program • Implemented a Vendor Management Program • Implemented a Business Continuity and Disaster Recovery Program• Implemented a Vulnerability and Threat Management Program• Conducted security assessments, performed gap analysis, recommended and implemented solutions to reduce risk• Performed and managed internal/external security assessments and penetration tests• Implemented a Security Information and Event management platform (SIEM)• Implemented an Incident Response Program • Consultant and subject matter expert on information security topics• Implemented an Information Security Awareness Program

Lead analyst for all information security efforts across all corporate systems and networks to assure the confidentiality, integrity, and availability of information assets, systems, and networks. Responsible for selection, implementation, and management of security controls and processes including but not limited to admin privilege control, application security, incident response, intrusion detection (network and host based), malware prevention and detection (host and network based), operating system hardening, patch management, penetration testing, policy, risk management, security information and event management (SIEM), and vulnerability scanning and management.Provide leadership to other Security and IT staff. Coaching and mentoring staff on security processes and practices. Provide consulting to management, staff, and other business personnel. Provide ongoing assessments and audits of corporate systems and networks. Produce reports and metrics managers.Accomplishments include:• Implemented security standards and controls on systems to harden them from threats• Ran a Vulnerability and Threat Management Program• Conducted security assessments, performed gap analysis, recommended and implemented solutions to reduce risk• Performed and managed internal/external penetration tests• Implemented and managed a Security Information and Event management platform (SIEM)• Developed SIEM reports and responded to alarms raised by the system• Implemented and managed an Incident Response Program• Performed forensic investigations on suspect or compromised systems • Consultant and subject matter expert on information security topics• Maintained technical and operational policies, procedures, standards and guidelines • Managed an Information Security Awareness Program

Various tasks implementing and managing technology and security for agency networks and systems. Leading and mentoring technical teams. Managing projects and staff. Planning and budgeting to meet agency objectives.

Various tasks implementing and managing secure communications, networks, and systems. Leading and mentoring various teams to accomplish mission requirements.