Lead the information security program for DST Health Solutions - the medical software division of DST Systems.Leadership and ManagementPerformed annual and ad-hoc penetration testing on key financial systems as required by PCI DSS.Perform detailed, ongoing risk assessments to identify areas within the organization that pose the greatest risks associated with regulatory requirements, financial impact, and/or contractual obligations and developed an ongoing schedule of security assessments based on the results.Lead third-party vendor in assessing all internet-exposed applications.Lead various management, technical, and development teams in remediating vulnerabilities discovered during the security assessments both internal and external.Served as liaison to Department of Defense during their annual DIACAP audit of key systems and coordinated the efforts of those involved in the remediation of any deficiencies found.Serve on the Global Security Council, a cross-functional team of management from all technology-related departments responsible for setting and maintaining information security policies and procedures across the enterprise.Worked with compliance department to develop annual HIPAA and General Information Security training for all DST HS associates.Lead Incident Response team charged with investigating and responding to information security and HIPAA-related incidents.Provide guidance and leadership to software development teams to ensure security best practices are followed in all internally developed applications and systems.Lead massive effort to bring key systems into compliance with the PCI Data Security Standards.

Responsible for securing the BHS computing environment, ensuring the integrity and confidentiality of patient data. Lead various teams to ensure compliance with HIPAA regulations.Leadership and ManagementLead ad-hoc team tasked with addressing issues raised during annual PriceWatehouseCoopers security audits resulting in a reduction in the number of observations from over 60 in 2003 to less than 10 in 2004.Served as official liaison to PwC auditors; gathering information they required and assisting them as needed.Chaired the committee responsible for creating a comprehensive suite of policies and procedures fulfilling the administrative requirements of the HIPAA Security regulations.Lead the implementation of two major projects that increased the security of patient information and provided technical staff and management with tools allowing continuous monitoring and auditing of key systems.Lead cross-functional team composed of members of the BHS Audit and Compliance departments and the Siemens IT staff to perform a comprehensive HIPAA Privacy and Security risk analysis.Received an employee achievement award my first year with Siemens.

Designed, implemented, maintained, and managed corporate LAN/WAN infrastructure connecting home office to over 100 branch offices and parent company headquarters. Managed a group of 5 technicians and support specialists providing second and third level support for approximately 500 users.Leadership and ManagementRecruited, hired, trained, and managed network and desktop support technicians.Managed IT budget of $1M.Created a shared vision of IT infrastructure for corporate management and staff.Design and ImplementationWorked with PC vendors to develop a standard computer image for use at remote sites. This reduced costs associated with PC configuration and support and eliminated human error during the workstation/server setup process.Identified and implemented remote support tools allowing for more effective and efficient end-user support. Reduced downtime resulting from system failures and reduced expenses associated with support-related travel.Security and Special ProjectsLead Y2K compliance project. Met with vendors and service providers to assess Y2K compliance. Developed contingency and disaster recovery plans to cope with potential problems. Identified and implemented changes required, achieving 100% compliance with no system failures or service interruptions as a result of the date change.Received corporate award from Global Networks Department for the robustness, efficiency, and security of our local and wide-area networks as part of the company-wide Digital Networks Architecture (DNA) project.