IT Cybersecurity leader that is passionate about safeguarding data and ensuring regulatory compliance. I lead with integrity.

• Development, implementation, and management of IT/IS standard controls, procedures, and guidelines for the enterprise.• Perform internal assessments, audits and monitor security compliance to IT Standard Controls ensuring adherence to industry and governmental regulations.• Regularly monitors, manage and addresses IT/IS risks for the organization.• Manage compliance and security platforms.• Conducts application security assessments for new and existing technology solutions.• Establishes application security controls, roles, SOD’s, and entitlements for enterprise business solutions.• Ensures security compliance and meets all service-level agreement requirements.• Continuous review of organization risks to the business and offer resolution approaches.• Assists IT/IS leadership in prioritizing projects to address risks, articulating best practices, budget and technology needs.• Reports security performance against established security metrics daily, weekly, monthly• Reviews access control for key systems• Manages annual or ad hoc security audits and related findings, including risk register.• Manages IT/IS vendor relationships for third party security services and platforms.• Monitors IT related security training, communication, and education.• Manages mobile device and hardware security, in partnership with cybersecurity and infrastructure teams.• Manages architecture and infrastructure security in partnership with application and I&O teams.

I build custom pool cues as an artistic outlet to my technical job. It's a hobby.

• Provides technical assistance and oversight to customers on issues regarding cyber security.• Assists in the creation, review and implementation of processes and procedures surrounding incident response, computer forensics, and malware analysis.• Threat and vulnerability management duties; Conducts vulnerability scanning, security log analysis, and root cause analysis.• Assists in the development of policies, standards, procedures and guidelines.• Conducts cyber security audits and network scans against critical digital assets.• Works independently to identify, evaluate, conduct and schedule cyber security functions to ensure all applicable cyber security requirements are met.• Conducts cyber security assessments to include impact and gap analysis.• Participates in rotating 24/7 on-call schedule duties.

• Lead Cyber Security Initiative to assess Process Control Network environment• Provide technical assistance and oversight to customers on issues regarding cyber security• Assist in implementing processes and procedures surrounding incident response, computer forensics and malware analysis• Architects, designs, evaluates and integrates information security infrastructure solutions• Assists in the development of policies, standards, procedures and guidelines• Oversees the response to cyber security audits, network scans and penetration tests against critical digital assets• Conducts cyber security assessments to include impact and gap analysis• Work independently to identify, evaluate, conduct, schedule and lead cyber security functions to ensure all applicable cyber security requirements are met• Threat and vulnerability management duties; vulnerability scanning, root cause analysis, threat correlation, penetration testing, security log analysis• Provide project manager responsibilities• Managed Security Service Provider (MSSP) fulfill 24/7 on-call support duties on a rotating basis

• Plan and perform IT vulnerability assessments and SOX compliance programming including security reviews of operating systems, applications, general controls, infrastructure, system development, data center, and contingency planning/disaster recovery reviews. Interface with the financial and operational business units to perform integrated risk assessments and technology internal control reviews.• Develop recommendations for corrective action and suggestions to improve operating efficiency. Successfully communicate and articulate information to all levels of management, associates, and internal clients. Review all recommendations with the appropriate management personnel. Inform Executive Management of major risk and vulnerabilities, or violations of Corporate Policy.• Worked with Corporate Legal to establish a 3rd party compliance program, including routine assessment. Identified standard language to be included in all IT service contracts. Performed routine compliance reviews for all high risk vendors to ensure sensitive company data is adequately protected. • Determine purpose and scope of each assessment in line with corporate policy and internal department objectives by assessing risk factors, key controls activities, and other pertinent information. Establish follow-up schedule for major assessment findings and worked with operation teams to achieve compliance.• Undertake responsibility for special project work such as new system and application consultation and assistance in the development and maintenance of internal control practices and methods.• Lead security teams and managed projects using ITIL best practices. Assisted in training and development of new team members.• Assisted the Chief Information Security Officer in the establishment of corporate policy and an information security awareness program.