Manage Information Assurance efforts for selected systems supporting national infrastructure.Serve as Information Security DSME to system managers and mentor second level engineers.

Revamped graduate-level Cybersecurity Capstone course, adding a risk assessment capstone project, and update the course annually to reflect current cybersecurity topics, threat models, as well as CISSP CBK as amended.Refresh content for Ethical Hacking, and System Infrastructure and Lifecycle Management courses annually, prior to teaching for the upcoming semester.

Teach cybersecurity (CEH, CISA, CISM, CRISC, CISSP, Security+, ), ITIL, and project management courses, in-person and on-line. Customers ranged across defense, government, healthcare, financial services, telecommunications.Customized content as needed to meet client needs, optimizing time in classroom, expediting return to their workplace with education that aligned to business needs.Consistently received high satisfaction scores from students, leading to repeat sessions.

Developed Information Security Program for $7.2b credit union, to address FFIEC requirements and NCUA examinations, collaborating with system owners to align business processes to regulatory requirements, and maintain risk to senior management agreed-upon thresholds.Worked with business owners to determine processes and metrics to periodically monitor KPIs, KRIs, and risk trend(s), aligning business objectives and security directives.Developed reporting methodology, reporting cybersecurity and privacy metrics to senior management.Implemented Third Party Risk Assessment Program for all technology vendors, and implemented processes for business units within the credit union to identify new vendor and service providers, prior to contract-signing, enabling audit team to have a means to access these vendors and service providers. Mentored security analysts on the security team, and fostered cross-team collaboration, establishing partnership with infrastructure and development teams, reducing costs while enhancing capabilities.Participated in Jack Henry (Symitar) and FS-ISAC Community Institution and Association Council working groups, and presented at FS-ISAC and RSAC conferences.

Performed gap analysis, privacy, risk, and third-party service provider assessments utilizing varied frameworks.Created audit methodologies and approaches to resolve client issues within compressed timeframes.Collaborated with business units to identify additional threats and risks, validate exploitation likelihood, and facilitate project plan(s) to remediate findings to close the security program gaps.Drafted policy, program(s), remediation project plan(s) to address security and risk issues for organizations, based on their chosen framework or business, to enable these business units to successfully pass other third party engagements (SOC1/SOC2).Reviewed people, process and technology controls by working closely with the following Information Security Frameworks:PCI DSS 3.2NIST CSF and 800-53/171ISO 27002:2013CIS/SANS Top 20HIPAA/HITRUST

Adjunct Faculty in Healthcare Technology degree program courses, developing and delivering courses on healthcare technology, as well as the Health IT Workflow Process, to lead to the successful deployment of technology to meet public health outcomes.

Revamped a pharmacy benefits organization’s Information Security program, leading to their winning of the contract with a major retailer using a ISO framework.Performed and managed risk and vulnerability assessments using HITRUST CSF or NIST 800-53, and penetration test, projects, drafted remediation roadmaps, and managed corrective action project plans.Managed and mentored Information Security Analysts.Participated in HIMSS Security Working Group, and presented at local and national HIMSS and IAPP events.

Taught courses in Management of Information Systems, and Introduction to IT Security

Creating course material, delivering course material for certification boot camp programs as well as online webinars.

Deliver on-site training, specializing in security subjects such as CISSP, CEH, CISA, CAP

Delivering training to corporate clients in the NY/NJ region.

Taught courses including Career Portfolio Strategies, Microsoft Desktop Operating Systems, and Networking Standards and Protocols.

Deliver week-long boot camps for vmware ESX and vmware View.

Taught Windows 2003 MCSE Track, CIW programs, CompTIA A+ and Network+ programs.

Reviewed threats, vulnerabilities, and provided recommendations to operational and business units within Munich Re and Munich Re America.Performed security audits to verify compliance with security policies.Wrote scripts and managed systems to monitor servers and applications using Load Management tools including NetIQ AppManager, HP Network Node Manager, Openview Operations, Microsoft Operations Manager, Mercury/HP LoadRunner. As Configuration Manager, led successful effort to implement HP Service Manager in effort to move towards following ITIL best practices. Administered databases under SQL 7.0, 2000, 2005.Support Exchange 2003/2007 and SharePoint, application and access security issues.