Promoted to functional head of cyber security to reflect greater maturity and expanded scope of the security program. Developed vendor risk program, leveraging standard assessment tools to identify vendor-sourced risks and develop contractual and technological mitigations as appropriate. Lead program to identify and mitigate key GDPR risks, as well as collaborate with senior leadership and cross-functional committees develop organization-wide data privacy program. Leveraged existing policies and deployed tools to launch comprehensive data lifecycle initiative. Developed team and negotiated promotions in line with their career growth and leadership potential.

Recruited to lead Cybersecurity program to greater maturity level. In first 90 days reorganized security team to improve incident detection and response process automation, freeing resources to focus on program development and maturity. Developed new program charter to better clarify goals of the department, improve inter-departmental relationships, and align activities with organizational goals. Lead cross-functional team in overhaul of policy frameworks, updating and creating new policies as necessary to better align with existing programs and current state of the organization. Lead a team of five (5) information security professionals, and was responsible for a $1.5M budget.

In this part-time role I collaborated with a team of instructors to present curriculum, provide laboratory instruction, and draw on my professional experience to guide students through a series of online classes hosted by the University of Michigan's Nexus program, in partnership with HackerU. The goal of this program is to take students with little to no Information Security experience and provide them with the knowledge and skills necessary to successfully launch a career.

I was re-engaged after successfully developing an impressive security program that set the stage for a $50 million contract renewal in 2012 when I served as the CISO. In this role, I was tapped to quickly create and implement a secure development program to alleviate some clients’ concerns regarding potentially catastrophic security compromises. My objective was to quickly develop a cutting-edge solution for these clients that would fortify their confidence and trust in our ability to protect their customers’ most sensitive data. I continually improved processes in the department and inspired a highly productive team to eclipse even the most ambitious goals. I was best known for innovating future-focused solutions that shielded clients from potential liabilities by reducing risk and ensuring regulatory compliance. DELIVERED RESULTS:► Insulated organization from $7M+ in potential fines per event by leading a GDPR compliance initiative; reviewed all processes for compliance issues and closed all gaps to ensure compliance. ► Ideated and introduced a complete risk-management system aligned with business objectives and risk tolerance that complied with ISO 270001 standards and client demands.► Produced 90% reduction in event detection timeline, from several days to mere hours, through development and launch of robust incident management system.► Positioned business to avoid $2.5M in monthly fines while supporting changing contract terms through overhaul of disaster recovery plan and transition to new infrastructure.

In this role, I partnered with the CISO to modernize and optimize the security infrastructure enterprise-wide for this Fortune 500 subsidiary of Samsung Electronics. I project managed several multimillion-dollar projects and led a global team of 12 cross-functional employees to integrate new security solutions into the legacy structure. I leveraged deep expertise in the software development lifecycle (SDLC) to direct the design of several ingenious solutions to ensure security processes aligned with best practices. Reporting directly to the CISO, I contributed to the strategy for the entire IT department and provided continual feedback to the executive team during implementation.DELIVERED RESULTS:► Generated 40% drop in downtime from security misconfigurations within 1 year by introducing KPIs and weekly meetings with oversees team. ► Shifted mindset from reactive to proactive. Empowered employees to quickly identify issues, mastermind solutions, and implement remediation strategies. ► Achieved 90% malware-update compliance.

Working at Health Alliance Plan (HAP) allowed me to hone my communication skills while eliminating silos that were crippling the efficacy of the department. Collaborative by nature, I quickly broke down barriers to communication and cooperation between teams, opening the door to new ideas and fresh perspectives. In my time with HAP, I designed streamlined operational systems and processes for the security function of the IT program and ultimately enabled a myriad of issues to be addressed and go-live timetables to finally be achieved.

I jumped into this role with both feet, quickly leading the IT team through a comprehensive, campus-wide IT security analysis. This allowed me to identify vulnerabilities and optimize processes for the University, enhancing the user experience for over 20 thousand students. I modernized and evolved the legacy security program, overcoming resistance from leadership with logical, straightforward rationalizations for every change I requested. I secured buy-in for my solutions and led the implementation of the new technology. DELIVERED RESULTS:► Saved $150K by eliminating redundancies throughout the system and replacing outdated technology with efficient solutions. ► Generated $350K in software cost reduction through contract renegotiation.