•Lead teams of varying levels of security consultants and actively participate in performing: o Comprehensive risk, compliance and maturity assessments across diverse customer environments and verticals. o NIST 800-53, CSF, and 800-171, HIPAA Security Rule, ISO 27001, CIS Top 20, and PCI DSS compliance assessments. o In depth security process risk and maturity assessments focusing on access control, risk management, configuration management, change management, resiliency planning, security incident response, security operations, etc. •Develop information security policies, plans, processes and road maps in alignment with risk environment, adopted frameworks and industry standards.•Aid organizations in implementing information security programs and strategies.•Identify vulnerabilities, potential threats, risks and provide key recommendations to mitigate risks and improve information security practices.•Provide vCISO and risk advisory services to clients, addressing compliance, security best practice, and business issues.•Deliver presentations reporting information security posture and strategy to board level executives.•Built NIST CSF and comprehensive security process practice areas to meet customer’s growing requirements.•Assess organization’s IT service management and IT governance practices against industry best practice frameworks such as ITIL, ISO 20000, and COBIT.

•Perform comprehensive risk assessments for customers, including the identification of vulnerabilities, potential threats, risks and provide key recommendations to mitigate risks and improve information security practices.•Identify customer vulnerabilities through vulnerability scanning, penetration testing, social engineering, and policy/process reviews.•Assess organizations IT service management and IT governance practices against industry best practice frameworks such as ITIL, ISO 20000, and COBIT to determine process vulnerabilities. •Develop information security policies and processes for customers in alignment with ISO 27001:2013, NIST 800-53, PCI DSS 3.0, HIPAA and other best practices.

•Design, implement, and maintain Corporate IT Asset Management Program; including standardization of financial, contractual, and inventory functions to support life-cycle management of hardware and software assets.•Formulate and implement policies and procedures for tracking and analyzing technical and financial data of company software, hardware, and equipment throughout the entire IT asset life-cycle. •Explore opportunities to maximize unused or partially used IT assets to achieve full efficiency and return on investment (ROI) from company assets. •Conduct software license utilization analysis and create necessary reports in support of decision-making in the IT business domains. •Design, implement, and maintain IT Vendor Management Program with key focus surrounding vendor risk management, contract management, relationship management, performance management, and financial management.•Lead the design, implementation and management of the necessary processes to ensure the organization obtains optimal performance and value from select third party IT vendors managed through the ITVM Program. •Prepare and manage IT Asset Management budget, inclusive of client hardware, software, and personnel.

•Provide direct supervision to a team of distributed technical support professionals that delivered desktop and phone support services. •Provide project oversight and leadership for enterprise desktop support initiatives, including cross-functional project management, financial planning, human resource scheduling, technical guidance and participation. •Develop and maintain enterprise level Incident Management processes based off of ITIL’s v3 framework for service delivery.•Conduct regular review of the enterprise Service Desk support services to ensure that end user needs are met, and ensure timely service delivery.•Provide oversight of enterprise-wide identity and access management, including account administration, access review, and other supporting activities.•Collaborate on the implementation, oversight, and enforcement of tactical policies and procedures required for efficient service delivery to user base. •Establish key performance indicators and regular review for the Information Technology Services group to ensure that support efforts comply with end user expectations.

•Primary responsibility for the creation, documentation, and deployment of standardized desktop/laptop images.•Perform enterprise-wide identity and access management, including account administration, access review, and other supporting activities.•Provide regular incident and problem management services in support of a distributed user environment.•Provide root cause analysis on a continuous basis in support of production applications and systems.•Perform hardware break/fix activities while liaising with external IT vendors as needed.