Work directly with business units to facilitate IT risk assessment & risk management processes, & work with stakeholders on identifying acceptable levels of residual riskCreate a framework for roles & responsibilities with regard to information ownership, classification, accountability & protectionDevelop & enhance an information security management framework using appropriate elements from: International Organization for Standardization (ISO) 2700X, ITIL, COBIT/Risk IT & National Institute of Standards & Technology (NIST)Provide strategic risk guidance for IT projects, including evaluation & recommendation of technical controlsLiaise with IT architecture team to ensure alignment between security & enterprise architectures, coordinating strategic planning implicit in se architectures. Coordinate information security & IT risk management projects with resources from IT organization & business unit teamsCreate & manage a unified & flexible control framework to integrate & normalize changing requirements resulting from global laws, standards & regulations. Ensure that security programs are in compliance with laws, regulations & policies to minimize or eliminate risk & audit findingsLiaise among information security team & privacy, corporate compliance, audit, legal & HR management teams as requiredDefine & facilitate information security risk assessment, including reporting & oversight of treatment efforts to address negative findings. Manage security incidents & events to protect corporate IT assets, including intellectual property, regulated data & client's reputation

Spearhead business and technology partnership in process redesign to achieve business needs and establish application delivery roadmap.Collaborate with executive business and technology stakeholders, industry leaders, and trusted colleagues on roadmap status and issues.Direct high-performing teams in delivery, reporting and risk mitigation of roadmap priorities with precision communication of strategy throughout the project life cycle.Provide exceptional oversight to Vendor network, comprising project management, development and business analyst resources in the end-to-end execution of project deliverables.Lead core management team that drove adoption of Agile utilizing the Scaled Agile Framework (SAFe).Uncovered and introduced groundbreaking system efficiencies that slashed annual costs and led to dramatic increases in productivity.

Consolidated three corporate headquarters into a central facility. Saved $1.4M in redundant expenses.Cut security risk by 70% by implementing company-wide Principle of Least Privilege policy. Saved $1.5M in yearly remediation.Responsible for the various companies' security and compliance operations as required to meet obligations under HIPAA.Develop and implement the overall HIPPA policies and procedures for companies.Develop organizations Business Continuity Plan including driving annual tabletop exercise.Implemented a managed security services program to ensure the appropriate monitoring and alerting required to secure our PHI environments.Develop the overall strategy for moving operations from a private cloud to Amazon Web Services.Report to the Board of Directors the operational risk position for organizations as the Compliance Officer.Coordinate with client security organizations to ensure an effective response to any incident which may impact the confidentiality, integrity or availability of data or system capabilities.Developed IT strategy for a business with $15M in annual revenue that grew revenue by $1.3M per year.Led an Agile team of 12 IT managers and 42 IT specialists.