As the Global Head of Information Technology & Enterprise Security, I provided visionary leadership across IT infrastructure, cybersecurity, enterprise applications, business intelligence, and data management. Delivered strategic solutions that aligned technology, security, and data practices with business objectives while ensuring operational excellence and regulatory compliance.Key Responsibilities:Strategic LeadershipCybersecurity Program DevelopmentIT Infrastructure & Operations Management Enterprise Applications ManagementBusiness Intelligence (BI) & Data AnalyticsData Management & GovernanceRegulatory Compliance & Risk MitigationTeam Leadership & DevelopmentVendor & Stakeholder Management

A seasoned cybersecurity executive with extensive experience leading security and risk management initiatives in the medical device and healthcare industries. Proven expertise in safeguarding enterprise IT systems, medical devices, patient data, and intellectual property through the development of robust cybersecurity strategies and frameworks.Key accomplishments include building and scaling cybersecurity programs aligned with regulatory requirements such as HIPAA, HITRUST, FDA 21 CFR Part 11, GDPR, ISO 13485, ISO 27001. Adept at integrating security into product development lifecycles, ensuring compliance while driving innovation across healthcare and medical device platforms.Demonstrated a proactive approach to managing emerging threats, orchestrating advanced threat intelligence, incident response, and vulnerability management programs to mitigate risks effectively. Skilled in aligning cybersecurity objectives with business goals, fostering a security-first culture, and presenting technical insights in a business-friendly manner to executive leadership and boards of directors.

Led the global cybersecurity strategy with a specialized focus on securing mergers and acquisitions (M&A) activities. Oversaw the assessment and integration of acquired entities, ensuring seamless and secure transitions while aligning cybersecurity efforts with organizational goals. Developed and implemented security frameworks tailored to address risks inherent in M&A processes, including pre-acquisition due diligence and post-acquisition system integration.Managed risk assessments of target companies, identifying vulnerabilities, data protection gaps, and compliance risks. Collaborated with legal, finance, and IT teams to address cybersecurity concerns in contracts and negotiations. Designed and executed secure integration processes, ensuring business continuity and minimizing disruptions.Drove enterprise-wide cybersecurity initiatives, safeguarding IT systems, data, and intellectual property across a global footprint. Led incident response and risk management efforts, with an emphasis on crisis scenarios involving M&A activities. Maintained compliance with international regulations, including GDPR, CCPA, and ISO 27001, while navigating the complexities of global operations.Built and guided a high-performing security team, fostering expertise in threat management, M&A security, and compliance. Advised executive leadership on emerging cybersecurity trends and their implications for growth and innovation. Developed a culture of proactive risk management and security awareness across the organization.Demonstrated expertise in secure IT integration, regulatory compliance, and advanced threat mitigation. Delivered comprehensive security solutions that supported Culligan International’s strategic goals and ensured operational resilience during transformative M&A activities.

Led the development and execution of a comprehensive cybersecurity program with a focus on medical device security and regulatory compliance. Directed all aspects of information security, ensuring the protection of enterprise IT systems, product platforms, and patient health information (PHI) in a highly regulated environment. Designed and implemented security strategies tailored to the unique challenges of the medical device industry, aligning cybersecurity initiatives with business goals and innovation priorities.Established robust security frameworks to address vulnerabilities in medical devices throughout their lifecycle, from design and manufacturing to deployment and maintenance. Collaborated with R&D and engineering teams to embed security-by-design principles into product development, ensuring compliance with FDA cybersecurity guidance, EU MDR, and ISO 13485 standards. Led risk assessments and implemented safeguards to protect device integrity, data confidentiality, and interoperability within healthcare ecosystems.Oversaw enterprise-wide cybersecurity efforts, including threat intelligence, incident response, and vulnerability management, to mitigate risks to both IT infrastructure and connected medical devices. Developed and tested disaster recovery and business continuity plans to maintain operational resilience during incidents.Ensured compliance with industry regulations and standards, including HIPAA, HITRUST, GDPR, and NIST-CSF, and supported successful completion of audits and certifications. Partnered with legal, privacy, and compliance teams to address global regulatory requirements and emerging cybersecurity trends.Built and led a high-performing security organization, fostering collaboration across cross-functional teams to drive a culture of security awareness. Provided strategic guidance to executive leadership, articulating risks and opportunities related to product security, data protection, and evolving cyber threats.

Served as a strategic cybersecurity advisor to multiple organizations, providing executive-level guidance on developing, implementing, and managing comprehensive information security programs. Partnered with leadership teams to align security strategies with business objectives, ensuring risk mitigation and regulatory compliance across diverse industries, including healthcare, technology, and finance.Designed and executed tailored cybersecurity frameworks for clients, addressing specific organizational needs and regulatory requirements such as HIPAA, GDPR, SOC 2, and ISO 27001. Conducted risk assessments to identify vulnerabilities and developed actionable plans to enhance security postures, including policy development, security awareness training, and incident response planning.Provided expert oversight during mergers, acquisitions, and cloud migrations, ensuring secure transitions and minimizing business disruptions. Directed third-party vendor evaluations and implemented risk management strategies to secure supply chain ecosystems.Collaborated with internal IT and compliance teams to strengthen defenses against advanced cyber threats, leveraging expertise in threat intelligence, vulnerability management, and data protection. Led virtual incident response efforts, coordinating investigations, containment, and recovery strategies to address security incidents effectively.Acted as a trusted advisor to C-suite executives and boards, translating technical risks into business insights and presenting actionable recommendations to strengthen organizational resilience. Fostered a security-first culture within client organizations, equipping teams with the tools and knowledge to address evolving cybersecurity challenges.Demonstrated ability to deliver scalable, cost-effective security solutions, empowering organizations to achieve compliance, protect critical assets, and build stakeholder trust in an increasingly complex threat landscape.

Directed the design, implementation, and management of enterprise-wide information security and privacy programs, ensuring the protection of critical assets, sensitive data, and regulatory compliance. Provided strategic leadership to align security and privacy initiatives with organizational objectives while mitigating risks across IT systems, data platforms, and global operations.Led the development of comprehensive security frameworks and policies, leveraging industry standards such as NIST-CSF, ISO 27001, and GDPR. Oversaw data protection strategies, including encryption, access controls, and data loss prevention (DLP), to safeguard personally identifiable information (PII) and protected health information (PHI).Managed regulatory compliance efforts, ensuring adherence to privacy laws such as GDPR, CCPA, HIPAA, and SOX. Successfully guided organizations through audits and certification processes, establishing robust governance structures to maintain ongoing compliance.Directed threat intelligence and incident response programs, identifying and mitigating cybersecurity threats while coordinating investigations, containment, and recovery efforts during security incidents. Implemented vulnerability management practices to address risks across on-premises, cloud, and hybrid environments.Collaborated with cross-functional teams, including legal, IT, HR, and compliance, to embed security and privacy best practices into business processes and systems. Delivered executive-level insights and recommendations to leadership, enabling informed decision-making on cybersecurity investments and risk management priorities.Built and led high-performing security and privacy teams, fostering a culture of accountability and continuous improvement. Provided training and awareness programs to educate employees on security and privacy responsibilities, reducing organizational risk and enhancing resilience.