Supporting the enhancement of CyberSecurity and Privacy requirements for the MSC Cruises USA facilities and to promote Security and Privacy culture and awareness.

Leading Cybersecurity Education and providing hands-on teaching including: Introduction to Cybersecurity, Microsoft Security, Computer Networking, Linux, Cyber & IT, and Network Security, Risk and Threat Management.

RapidAscent provides a 17-week Cybersecurity Job Readiness Program, specifically designed for Active Duty Military, Veterans, and Military Spouses. Integrating the DoD SkillBridge. In collaboration with partners such as CityUniversity and Vets2PM, it offers immersive, hands-on virtual job training.

Responsible for execution and ongoing improvement of the organization’s Cybersecurity risk management program, designed to ensure that the company’s technology systems and data are adequately protected.

Supported the objectives and mission of the Global Cybersecurity Strategy, Governance and Compliance division, with a primary focus on leading and managing the creation of standards, processes and procedures to support global security policies and strategy initiatives.Primary objectives of the Cybersecurity Policy and Standards team include: • The development of new information security related standards, processes, and procedures and the development of security hardening and configuration standards for various platforms and technologies• Conducting security risk assessments and security architecture control reviews to ascertain overall compliance with global information security requirements (ISO27000, and NIST)• Working closely with Cybersecurity and GTS enterprise architects to provide security oversight for proposed global technology standards.

Manager with Deloitte's Cyber Risk Services practice, focusing on Security Program Development, Governance, Risk and Compliance Strategy. I managed assessment teams and provided guidance and technical mentorship. My primary clients are in the Life Science, Healthcare and Energy sectors. Secondary sectors include Travel & Retail. Typical projects included Security Program development, Incident Response Program development, Security Service Development and implementation of Next Generation EndPoint, and Threat Detection/Intelligence solutions.As a Cyber Risk Strategist I also focused on developing and delivering boutique governance and compliance assessment readiness services; designed to increase an organizations security protection, enhancing the current state maturity of client Information Security Programs by designing, building and piloting foundational security program management components and facilitating remediation of identified security priorities. This includes the development and sales of:* Security Program Governance & Operating Model* Security Program Service Model* Security Exception Management Program* Security Framework & Req Development (NIST-CSF, HIPAA, PCI-DSS)* Security Training Program Development (Provided training the in the following areas - Cybersecurity Awareness, Vulnerability Management, Web Application assessment, Risk Framework Assessment, and Breach Response)

Hired in 2013 with A&M's GFD group - Cyber division. Primary clients consisted of Oil/Energy and Health sector clients, as well as and financial and commercial retail clients in the eastcoast region. I engaged clients on a regular basis to discuss cyber security strategy and technical service offerings including: Cyber Readiness Assessment, Security Program Review, Incident Response Planning, and Interim Management.Led Cyber Protection services including:- GRC Analysis (NIST-CSF, ISO 27000, HIPAA, and PCI)- Cyber Readiness Assessments- Compromise/APT Assessments- Interim Management

Hired in 2005, I held a key role in the design of the analytical strategy for Corporate Information Security (CIS), developing process workflows, security plans, custom tools and conducting risk assessments. In addition to leveraging industry methods, the CIS assessment model aligns with “NSA-methodologies", specifically testing and analysis. Supporting the “Defensive (Blue) Testing Model", my customer responsibilities included IT Risk Management, Infrastructure Analysis, Vulnerability Assessment and Simulated Attack Strategy. These strategies were designed to promote dissemination of security principles and awareness to Critical Programs and stakeholders. I held serveral project lead positions for program customers including Integrated Product Team Lead; conducting technical tool delivery, data analysis, storage and reporting, as well as Green Belt Lead for process improvement activities and Analysis Lead for technical tool deployment, development and training.