CyberSecurity and IT / Third-Party Risk consultant focused on developing, enhancing and implementing CyberSecurity and IT / Third-Party Risk frameworks, programs, policies, processes and procedures, for large and small companies.• Developed and implemented a customized, NIST-based cybersecurity control framework, including an enhanced set of NIST-based policies, control standards and procedures, tailored to the firm’s business requirements and designed to ensure compliance with SEC regulations, while significantly improving enterprise-wide cybersecurity and quantifying and reducing associated cybersecurity risk. • Implemented an enhanced Third-Party Risk Assessment process featuring a risk-based controls assessment based on ISO 27001 and the SIG framework. Performed / managed dozens of Third Parties assessments on offshore and onshore vendors.• Led a GDPR Compliance Initiative following a significant international acquisition.• Implemented an IT Risk framework based on FAIR and AXIOS to quantify and reduce outstanding risk exposure and guide organizational decision-making processes.

Provided CyberSecurity, IT and Third-Party Risk consulting for a variety of Fortune 500 clients in Banking, Media, Healthcare and Brokerage verticals.• Designed and implemented a secure Virtual Desktop Infrastructure (VDI) featuring Citrix, for offshore third parties to connect to the internal company network. • Led hundreds of Third-Party risk assessments from MSA / SOW through findings remediation.• Led effort to improve the risk-posture of a major Media company by over 45% across 14 ISO control sets.• Conducted Cybersecurity Audits/Assessments based on AUP, ISO 27001, NIST.

Progressively increasing responsibility on a team driving the seamless redesign and automation of world-class CyberSecurity processes; implementing a framework of IT security policies and metrics; evaluating and implementing new, state-of-the-art technologies; and managing the operational security of a global Active Directory infrastructure.• Led major upgrade of firewall infrastructure, ensured smooth functioning of daily firewall infrastructure operations. • Managed and maintained a SIEM infrastructure featuring the centralized logging of server, firewall and application logs, and real-time alerting for suspicious activity.• Ensured the smooth functioning of Vulnerability Management and Incident Response processes.

Delivered IT-support services to small, mid-size companies in the NYC area.