Author and developer of courseware on various cybersecurity, risk management, and technology topics.- (ISC)2 Express Learning Course Development, “Securing the Remote Work Force”, June 2021, (https://bit.ly/3eZGRLT)- ISC)2 Blog, “Remote Work During the Pandemic: What We Got Wrong”, February 2021 (https://bit.ly/3BFdFDH)- Mobile Device Security: A Comprehensive Guide to Securing Your Information in a Moving World”. Published by CRC Press in 2010- Certified Information Security Manager (CISM) Review Manual, 2009. Study guide contributor.- Official (ISC)2 Guide to the CISSP CBK, Second Edition, 2009. “Access Control” chapter- Information Security Management Handbook. A leading reference book for CISSP certification preparation. 2001, 2004, 2005, and 2006 editions. Chapter topics include Phishing, Off-shore Development Risks, Email Retention, Biometric Security, and Penetration Testing.

Currently transforming the Enterprise Information Risk Management team by providing leadership, consultation, and advisory expertise to develop an effective and sustainable digital risk management program in the areas of program strategy, risk assessment, assurance, third party cyber risk, resiliency, insider risk, and governance.- Improved the capabilities and effectiveness of the enterprise Insider Risk Program by advising on the design and build-out of program.- Established an Insider Risk data analytics capability by designing an enterprise data analytics architecture.- Greatly improved Governance, Risk, and Compliance (GRC) management by leading the technology search, selection, and deployment of a GRC technology platform.- Improved the program efficiency and analytical capabilities of the organization as the Agile Release Train Engineer for Enterprise Information Risk Management.- Exemplified the company’s commitment to diversity and equity as the project manager and lead author of the “American Family Insurance Guide to Allyship” on behalf of enterprise Business Resource Groups.

Transformed the growth of the company’s Information Security program by leading high-performing teams in the areas of Compliance and Risk Management, Identity Management, Defensive Technology, Vulnerability Management, Threat Hunting, and Incident Response services. - Greatly improved the effectiveness of the threat management program by implementing industry-leading threat-hunting and adversarial simulation technologies and practices. - Established the company's first Enterprise Insider Threat program.- Unified security policies through the development of the first enterprise-wide security policy set.- Ensured comprehensive disaster recovery capabilities through dramatic improvements in the scope, completeness, and quality of the company’s digital resiliency program.- Proudly earned a reputation for cultivating positive relationships with peers and management, building strong relationships with business partners, and promoting a strong, customer-focused environment.

Partnered with organizations to help achieve their information security goals as an Interim CISO and Information Security Expert, specializing in information security program development, security program analysis, information risk management, and security leadership.- Served as Interim Chief Information Security Officer for a leading mortgage insurance provider.- Guided clients in scoping and developing effective and financially-responsible security program capabilities. - Identified security gaps and proposed opportunities for client program improvement, technology enhancement, and risk reduction. - Greatly improved the effectiveness of the threat management program by implementing industry-leading threat-hunting and adversarial simulation technologies and practices. - Established the company's first Enterprise Insider Threat program.- Unified security policies through the development of the first enterprise-wide security policy set.- Ensured comprehensive disaster recovery capabilities through dramatic improvements in the scope, completeness, and quality of the company’s digital resiliency program.- Proudly earned a reputation for cultivating positive relationships with peers and management, building strong relationships with business partners, and promoting a strong, customer-focused environment.

Led the restructuring and enhancement of the information security program for QBE’s North American business unit, ensuring the program continually drove down security and operational risk while meeting the company’s business, financial, regulatory, and customer expectations. - Ensured team alignment with corporate strategic objectives by unifying and consolidating the division’s multiple security functions.- Reduced operating expenses over $150,000 in the first 6 months through efficiency transformations, team consolidation, and elimination of redundant licensing.- Established program visibility and support by cultivating key partnerships with divisional and corporate leadership.- Promoted a global enterprise focus for security issues (such as compliance, vulnerability management, and penetration testing) by establishing cross-divisional peer collaboration.

Established a comprehensive information security program for a large regional financial institution, including strategic planning, tactical execution, and operational support. - Effectively addressed the bank’s strategic focus by realigning the security program based on business lines and strategic areas.- Reduced technical vulnerability risk by 90% through partnerships with IT and business organizations.- Greatly improved relationships with federal examiners and internal/external auditors by increasing the efficiency of responses to GLBA, SOX, and OCC examinations/audits.- Established a positive working relationship with the bank’s Board of Directors, executive governance committees, business leadership, and regulatory agencies through honesty, integrity, and consistency.

Member of the instructional staff of the SANS Institute, one of the leading security training, research, and certification organizations. Developed courseware and led classroom instruction for following courses:- Security Essentials Bootcamp- CompTIA Security+ Certification Training- GIAC Information Security Officer Certification Training- Information Security Leadership - GIAC Certification: Information Security: The Big Picture- Operating System Security- Fundamentals of the Internet Protocol

Established credibility and customer confidence in the company’s information security program by ensuring efficiency and coverage of all program aspects. Established and improved multiple aspects of the program, including information classification, policies and standards, comprehensive application assessment & testing procedures, and improved vulnerability management.

Established and led a global program to ensure information security program alignment with corporate business and IT strategic objectives.

Created the strategic and operational models for information security and led the IT security program during the company’s spin-off from Lucent Technologies. Also assumed leadership of the IT Audit group.

Led risk assessment and internal consulting activities, security technology architecture, and the evaluation and implementation of appropriate technologies to protect Lucent’s computer systems, network infrastructure, and intellectual property.