Lead the development and implementation of enterprise-wide cyber security governance, risk management, and compliance strategies to ensure adherence to regulatory requirements, mitigate risks, and protect organizational assets.

Defined, implemented, and led the Governance, Risk, and Compliance function within Cyber Security.

Analyzed and consulted on security terms for client and supplier contracts, assessed suppliers, and contributed to pre & post sales client engagements• Mitigated risk by negotiating over 30 client contract and supplier security terms and conditions, meeting or exceeding corporate and business standards• Redesigned the Information Security Request Service Offering in support of sales force RFXs. Updated strategy, coached and mentored the sales support team of 14 on information security, standardized over 75 questions/responses database, delivered key service metrics and reporting, increased response accuracy by 80% and reduced delivery time by 40%• Conducted supplier security risk assessments, using a risk-based framework enabling the business to manage and monitor the potential risk of a supplier• Hand-selected to participate on multiple client account “SWAT” teams to eliminate contractual non-conformance. Drove the Service Organization Controls (SOC) assessment at a “Big Five” Canadian bank, implemented the Security Incident Event Management (SIEM) capability for over 100 servers within a Fortune 500 global consumer product client’s infrastructure, remediated over 95% of the non-compliance vulnerabilities in the server environment for a Fortune 50 consumer goods company.

Spearheaded the global Cyber Security team to identify, assess, and mitigate cyber security risks to acceptable levels• Produced and executed a full lifecycle program, including the initial due diligence, risk assessment, deal budget, integration or separation plan, and remediation plan and resolution. Proposed security products sold externally to innovate and drive change• Guided and coached large global-matrixed security team on 25 plus global engagements delivering on time, within budget to an acceptable risk tolerance level • Acted as the Cyber Security principal on the Global Corporate Development Steering Committee, coached on the value and importance of Cyber Security and potential deal risks to over 10 cross-functional leaders• Identified and communicated critical deal-specific business security risks to the corporate CISO, C-level executives, and cross-functional principals along with a proposed risk mitigation plan• Implemented a Cyber Security M&A playbook that guided the team on restructuring plans, tools, processes, and solutions that drove efficiencies and increased security posture

Served as a trusted advisor, confidant, leader and complex problem solver to the VP of the Global Business Security organization• Orchestrated and delivered the business plan for a newly formed team of 25+• Developed organization mission and charter, defined roles and responsibilities and enhanced organizational structure. Recognized as the “glue” that held the team together to drive decisions and objectives • Led the HP Software Security team in an interim role providing leadership and direction for 11 compliance professionals• Directed the annual strategic business and portfolio planning, created workforce plans, managed a $2M budget and facilitated monthly review sessions with directors to ensure achieved of strategic objectives

Responsible for the execution and operation of a new corporate global inter-business units CISO Council program• Implemented and facilitated a new corporate inter-HP CISO Council promoting cross-collaboration, integration, and transition toward a “One HP Security” vision, gaining efficiencies, reducing cost and increasing productivity

Information security partner to the HP Enterprise Services and Global Functions IT CIOs and their direct staff. Counseled executive leaders on cyber security risk, corporate policies and standards, threat vectors, application security and aided in producing risk remediation plans to increase security awareness and reduce business risk• Reduced vulnerability risk by 30%, driving compliance activities on over 275 corporate and business unit applications• Delivered open and meaningful briefings with senior management on relative risks associated with the business sectors to improve the risk posture • Communicated security issues and vulnerabilities, and associated recommended remediation plans, to the CIOs and leadership using scorecards

Developed and implemented an Endpoint Security Services three-year strategy and technology roadmap using best practice methodologies, improving the corporate security posture• Proposed over 16 projects, engaging 56 cross-company resources, advancing the security on endpoint devices

Accountable for the strategic direction, planning, assessment, and development of the internal encryption service offering• Led a global 25+ matrixed team that planned, developed and deployed the first global enterprise-wide encryption solution for over 330K devices, maintaining compliance levels of over 95% • Produced a service offering playbook, executive-level compliance dashboard and successfully implemented a standardized service operating model

Executed a portfolio of interrelated high-visibility corporate-wide security initiatives (HIPAA, Encryption, Data Loss Prevention, Personal Firewall), deploying solutions to over 150,000 global users and increasing the overall corporate security posture. Managed a $2.5M budget within a 2% variance