Experienced, highly trained professional providing guidance, advice, and hands-on support on all aspects of cybersecurity, from developing a comprehensive strategy to implementing innovative technologies.Strategic advisor on cybersecurity initiatives and policy development, lead incident response efforts in the event of a breach.Extremely well-versed in business risk management and have a keen understanding of the ever-changing threat landscape.Key areas of expertise and major focus areas:• Cybersecurity Strategy Development: Lead the development of the organization’s cybersecurity strategy, which includes identifying, analyzing, and mitigating potential information security risks.• Policy and Procedure Management: Develop, implement, and update information security policies and procedures, ensuring that guidelines align with industry regulations and the organization’s overall risk tolerance.• Risk Management: Responsible for conducting regular security risk assessments, compliance audits, and managing the implementation of risk mitigation strategies.• Training and Awareness: Ensure all staff are educated about cybersecurity threats, develop and oversee the delivery of a comprehensive information security awareness and training program.• Incident Response: If/when security incidents occur, coordinate the response ensuring quick and effective remediation, and minimizing damage.• Vendor and Partner Management: Evaluate third party service providers for their security practices and ensure the data shared with these external entities is protected.• Regulatory Compliance: Ensure the organization stays in compliance with the ever-changing local, state, national, and international cyber security regulations.• Budget Management: Oversee cybersecurity budgets. • Metrics and Reporting: To help the organization understand its security posture, measure, analyze and report on key security and compliance metrics.

Overall responsibility for Information Security and Compliance, with a focus on HiTrust, SOC2, SOX and compliance with FTC order. Key focus areas:- Risk Management- 3rd party vetting / security reviews- Cyber Security program- Privacy and Security Awareness training- Policy / Procedure development and compliance- Audits / Assessments / Remediations for SOX IT Controls, SOC2, HiTrust

Overall responsibility for the Information Security Strategy of $1B global-scale logistics, facilities management, and advanced professional and technical services contractor. Supported 5,000 IT users across 50+ projects in 25 countries, within a highly complex operating environment and IT footprint. Partnered with the Executive leadership team to support strategic initiatives to drive growth while managing corporate risk portfolio.Key Achievements:• Developed enterprise cyber security program from the ground up to ensure overall protection of assets and compliance to regulations and required standards, to include all required policies and procedures.• Developed internal cyber security auditing program to ensure continued compliance to required standards. Conduct internal audits to the following standards: ISO 27001, NIST 800-171 and CMMC.• Achieved ISO 27001 and 20000 certifications in 8 months to support a critical business initiative. Achieved perfect score on US Government assessment of NIST 800-171 compliance.• Led evaluation, selection, and implementation of the following tools/solutions: SOC-as-a-service, GRC, vulnerability management, web filtering, malware defense and mobile device management. Implementation of cyber security tools drove overall risk down and increased leadership, board, and customer confidence.

Overall responsibility for the IT strategy and operations of $1B global-scale logistics, facilities management, and advanced professional and technical services contractor, supporting 5,000 IT users across 50+ projects in 25 countries, a highly complex operating environment and IT footprint. Lead a team of 35 and a $10M budget. Delivered results in all areas, specifically:Key Achievements:• Drove system consolidations to reduce overall IT spend on all aspects of IT from licensing to on-going support and maintenance. • Instrumental in planning and execution transition from a wholly owned subsidiary to a standalone company. This included replacement of multiple mission critical systems that were retained by the parent company. Project was completed ahead of schedule by 3 months and 24% under budget.• Successfully managed vendor relationships and reduced overall software maintenance spend by 45%.• Developed centralized data center operation to deliver applications across the globe to include remote austere locations via an internal SaaS type solution.• Fostered an environment rich in innovation, best practices, and process improvements.