V.P. Information Security Risk Management And Compliance
Current
Palo Alto, Ca, Us
• Design and implement innovative consulting methodologies while overseeing all aspects of IT security risk assessments and compliance projects.• Demonstrated CISO expertise while working for a Palo Alto based firm with accountability for coordinating the implementation of an infosec system and achieving SOC 2 attestation.• Configured, deployed, and optimized the information security system for a San Francisco based startup which attained SOC 2 and ISO 27001 attestations.• Spearheaded large-scale Information security improvement projects for key clients, such as PsiQuantum, ALOM, Neo-Photonics, Mosaic, Innovista, and Incode.• Achieved measurable success in both consulting and assessment roles through business process optimization, policies and procedures development and implementation.• Utilized Salesforce to establish infosec related business processes for an IT organization as a means to meet client requirements, including information management systems, risk assessments, and disaster recovery planning.• Assisted health care organizations, such as Mountain Park, Innovista, InteliChart, and Great Plains Health, in conducting HIPAA risk and compliance assessments and remediations.• Performed IT risk assessments, designed processes, and executed continuous improvement initiatives for private equity and hedge funds, including Shamrock Capital, Everest, Ariel, and Bessemer.• Directed and oversaw critical cybersecurity projects while performing due-diligence activities for investment targets.• Partnered with various financial services organizations, including SelfScore – Deserve, Aircastle, Murphy Bank, and Compass Bank to establish information security systems.• Reviewed and evaluated current processes for Essex Property Trust and implemented optimization efforts for SOX.