• Implemented and enhanced governance and compliance frameworks including PCI DSS, SOX, SOC 2, FFIEC CAT, HIPAA-HITECH, COBIT, NIST CSF, and ISO. Developed IT and Cybersecurity policies, procedures, controls, and business processes to ensure compliance and address audit findings.• Assisted clients with audits, external auditor relations, risk identification and mitigation, compliance program implementation, policy development, remediation strategies, and workflow enhancement.• Managed… Show more • Implemented and enhanced governance and compliance frameworks including PCI DSS, SOX, SOC 2, FFIEC CAT, HIPAA-HITECH, COBIT, NIST CSF, and ISO. Developed IT and Cybersecurity policies, procedures, controls, and business processes to ensure compliance and address audit findings.• Assisted clients with audits, external auditor relations, risk identification and mitigation, compliance program implementation, policy development, remediation strategies, and workflow enhancement.• Managed an Architectural Security Assessment for a client, covering Security Program, Embedded Device, Network Architecture, Cloud, and Ransomware Defense. Coordinated communication, workshops, recommendations, roadmap development, technical validation, and deliverables across 12 departments.• Conducted risk assessments and IT audits for third-party service providers in auto insurance and regional banking, ensuring adequate protection of sensitive information.• Conducted PCI DSS reviews for credit unions, assessing cardholder data flows and recommending improvements for business processes, risk mitigation, data security, and CDE reduction.• Developed an Information Security Governance Plan for a digital banking initiative, focusing on IT policy, risk management, compliance, threat and vulnerability management, vendor risk, incident response, disaster recovery, business continuity, and secure software development.• Assisted financial institutions with FFIEC Cybersecurity Assessment Tool (CAT) evaluations, providing remediation recommendations and updating policies.• Conducted PCI DSS gap assessments, implemented compliance programs, and updated IT, SDLC, change management, disaster recovery, and incident response policies. Established control standards, conducted CDE identification, risk assessments, control testing, third-party compliance reviews, and assisted with SAQ D and Attestation of Compliance requirements, including upgrading programs to PCI DSS 4.0. Show less

• Leadership: Oversee the strategic direction and day-to-day operations of a non-profit organization dedicated to fostering empathy and compassion through community engagement and charitable initiatives.• Fundraising: Successfully secured donations to support the organization's programs and initiatives, including the annual Wreaths Across America event at Riverside National Cemetery.• Program Management: Led the successful implementation of various community outreach programs, such as… Show more • Leadership: Oversee the strategic direction and day-to-day operations of a non-profit organization dedicated to fostering empathy and compassion through community engagement and charitable initiatives.• Fundraising: Successfully secured donations to support the organization's programs and initiatives, including the annual Wreaths Across America event at Riverside National Cemetery.• Program Management: Led the successful implementation of various community outreach programs, such as Wreaths Across America Day @ Riverside National Cemetery and an Endowed Educational Scholarship.• Volunteer Management: Recruited, trained, and managed a team of dedicated volunteers to support the organization's mission.• Community Partnerships: Established strong relationships with local businesses, armed and uniformed service units, and community organizations to expand the organization's reach and impact.• Public Relations: Effectively communicated the organization's mission, programs, and accomplishments through various channels. Show less

• Developed and Implemented start-up business plan. Established and managed Budget and Accounting, Customer Acquisition and Support, Policies and Procedures, and Operations.• Provided outsourced IT Management, Operations, Security, Monitoring, Maintenance and Support services to clients.• Advised clients on strategies for digital transformation, cloud adoption (public, private, hybrid), and infrastructure modernization.• Conducted IT assessments, risk assessments, and compliance… Show more • Developed and Implemented start-up business plan. Established and managed Budget and Accounting, Customer Acquisition and Support, Policies and Procedures, and Operations.• Provided outsourced IT Management, Operations, Security, Monitoring, Maintenance and Support services to clients.• Advised clients on strategies for digital transformation, cloud adoption (public, private, hybrid), and infrastructure modernization.• Conducted IT assessments, risk assessments, and compliance audits to identify vulnerabilities and improve security posture.• Implemented robust governance frameworks, including NIST, COBIT, and ISO 27001.• Led complex IT projects, including system development, integration, and migration.• Optimized IT operations through automation, virtualization, and cloud-based solutions.• Assisted healthcare organizations with HIPAA / HITECH compliance efforts.• Conducted operational audits for a regional utility company, ensuring compliance with CPUC and FERC Affiliate IT Access and Intercompany Service Request rules. Reviewed Data Center Operations, providing recommendations on upgrade project delays, safe work practices, preventive maintenance tracking, spare parts availability, and policy updates. Show less

• Ensured service delivery, quality control, client satisfaction, and client retention.• Conducted SOX 404 IT audits for clients in various industries, including utilities, manufacturing, insurance, service, and technology. Developed narratives/documentation, performed walkthrough and operational effectiveness testing, and facilitated remediation.• Managed the SOX 404 Audit (Finance & IT) team for a national services firm with several divisions. Brought in specifically for success in… Show more • Ensured service delivery, quality control, client satisfaction, and client retention.• Conducted SOX 404 IT audits for clients in various industries, including utilities, manufacturing, insurance, service, and technology. Developed narratives/documentation, performed walkthrough and operational effectiveness testing, and facilitated remediation.• Managed the SOX 404 Audit (Finance & IT) team for a national services firm with several divisions. Brought in specifically for success in dealing with “difficult” clients and “sensitive” situations. The scope included process narratives, developing control objectives, risk control matrices, testing, assistance with remediation, and developing an IT policy framework – all in a very accelerated timeframe. Ensured standardization across all divisions and managed project scope, time, cost, quality, human resources, communications, and risk.• Served as Special Examiner to perform IT audits of insurance companies by the state Department of Insurance. Scope of examinations included Physical Security, Logical Security, Program Change, and Business Continuity.• Developed new IT audit best practices, templates and documentation standards based on new regulatory updates and guidance. Trained Technology Risk Management team on best practices and tools and performed QA on their work.• Consulted a power & gas corporation to assist management in realizing the full value of IT and its readiness for projected growth. Observations concerning corporate culture, organization, infrastructure, operations, and applications were completed. Provided recommendations to management and the Board of Directors to improve the overall IT governance, environment, operations, and organization.• Conducted COBIT-based IT Assessment and IT Spending Analysis in conjunction with an internal Fraud Investigation for a manufacturing organization. Provided management with recommendations to improve IT governance, operations, spending, and asset management. Show less

• Directed IT governance, planning, implementation, operations, support, and maintenance for offices, distribution centers, users, and contract manufacturers across the US, Canada, UK, EU, Hong Kong, and China during a hyper-growth phase and company IPO.• Implemented general computer and application controls and developed policies, processes, and procedures related to IT operations, service management, security, acquisition, managing 3rd Party providers, capacity planning, configuration… Show more • Directed IT governance, planning, implementation, operations, support, and maintenance for offices, distribution centers, users, and contract manufacturers across the US, Canada, UK, EU, Hong Kong, and China during a hyper-growth phase and company IPO.• Implemented general computer and application controls and developed policies, processes, and procedures related to IT operations, service management, security, acquisition, managing 3rd Party providers, capacity planning, configuration management, and change management.• Managed the technical and business process implementation of an ERP system with global operations including contract manufacturing in China, logistics in Hong Kong, distribution centers in the US and UK, and retail customers worldwide.• Oversaw various IT development and implementation projects such as Dynamics, warehousing and distribution, EDI and eCommerce, business intelligence, product life-cycle management, disaster recovery/business continuity, help desk, security, LANs, global WANs and VPNs, storage/backup, email, and other applications.• Led business process enhancement and Digital Transformation projects for Fulfillment, EDI, Order Management, Inventory, Warehouse Processing, 3rd Party Logistics, Retail Supplier Compliance, Supply Chain, Procurement, Product Coding, Financial Reporting, and Invoicing. Show less

• Designed a global WAN & VPN network with operations in the US, China, Hong Kong, Taiwan, and Singapore.• Directed the IT governance, planning, implementation, operations, support, and maintenance functions across all offices and locations.• Participated in technical reviews and due diligence on start-ups seeking venture funding.

• Managed the implementation and development of Oracle solutions for clients in the communications industry, including LECs, ISPs, DSL providers, dot coms, e-commerce, and multimedia companies.• Formed and led cross-functional teams, created and developed proposals, SOWs, and project plans, and mapped solutions to customer business requirements.• Ensured project quality management, maximized budgets, developed and managed risk mitigation strategies, and identified and developed new… Show more • Managed the implementation and development of Oracle solutions for clients in the communications industry, including LECs, ISPs, DSL providers, dot coms, e-commerce, and multimedia companies.• Formed and led cross-functional teams, created and developed proposals, SOWs, and project plans, and mapped solutions to customer business requirements.• Ensured project quality management, maximized budgets, developed and managed risk mitigation strategies, and identified and developed new business opportunities. Show less

• Developed and managed an Integrated IT Master Plan for a Base Conversion Project - "Subic Cybercity", establishing national benchmarks for networked communities. This included a prototype ID card system for the National ID Card initiative and the first integrated emergency response system (Emergency 911) in the Philippines, setting national standards for fire, medical, and law enforcement response. Led cross-functional teams of technical and functional resources, both internal and external… Show more • Developed and managed an Integrated IT Master Plan for a Base Conversion Project - "Subic Cybercity", establishing national benchmarks for networked communities. This included a prototype ID card system for the National ID Card initiative and the first integrated emergency response system (Emergency 911) in the Philippines, setting national standards for fire, medical, and law enforcement response. Led cross-functional teams of technical and functional resources, both internal and external. Established a Project Management function to ensure standard processes, effective communication, portfolio management, status reporting, training, and consistent project delivery.• Managed the procurement, bidding, and implementation of a World Bank-funded, SAP R/3-based integrated financial management system. This system served as a prototype for computerized national audit and accounting standards and policies for Philippine government agencies.• Designed, deployed, and managed support systems for 18 heads of state, their delegations, and the international press corps at the 1996 APEC Leader's Summit. This included communications infrastructure, data center, Internet access, host website, email, Emergency 911 System, CCTV, ID/Access Control System, and end-user support. Show less