Leadership and Strategic Vision: • Successfully assumed interim roles as CTO, and CISO, vCISO providing strategic guidance and vision to technology, business, and financial operations, resulting in significant performance and risk improvements. Security and Privacy Advisor: • Provided security and privacy advisory services to in-house legal counsel, including contract, insurance, and intellectual property reviews from a technology and security perspective. • Served as a trusted advisor to various law firms, offering expert witness testimony and guidance on security matters. Strategic Advisory Roles: • Hired as a Strategic Advisor for boards and top executives in diverse industries, including ports, payments, governments, DoD, banking, healthcare, governments, and more. • Served as a Security Strategic Advisor for elected officials at the federal level, providing valuable insights, and recommendations. Training and Speaking Engagements: • Conducted customized security and software development training programs, equipping organizations with the necessary knowledge and skills. • Delivered keynote speeches at speaking engagements, sharing expertise and insights with industry professionals.History of Creating Revenue: • Successfully proposed and sold a 25 million dollar Security Maturity Program directly to a Federal Credit Union Client. Client hired Dr. Stevenson as the chief architect and to program managed this cross-functional security program that resulted in risk reduction by reducing the threat landscape by 40% and increased revenue through enhanced retention.• Led a $10 million security budget for an Aerospace/Defense client, achieving risk reduction and cost savings.• Successfully proposed and sold a $5 million program for a healthcare client. Client hired Dr. Stevenson as the chief architect and to program managed this security program that resulted in risk reduction by 50% and approved certifications passing for HIPAA, HITECH, and HITRUST.

Assessments, Audits, Planning, Expertise:• Led assessments for Privacy law, demonstrating expertise in privacy-related matters.• Conducted comprehensive risk assessments and developed System Security Plans adhering to a wide range of standards, regulations, and laws such as SDLC, OWASP, PCI, ISO (27000/27001), GPDR, SOX, ANSI, NIST, FIPS, NCUA, FFIEC, FTC, FDA, HITRUST, HIPAA, HITECH, DOD, FedRAMP, and STIGs. Her work involved implementing accreditation and certification recommendations.• Served as an expert consultant on various frameworks and standards, including PCI DSS, Software Secure Framework (SSF), PA DSS, P2PE DSS, PIN DSS, ANSI x9.24, ANSI x9.143, ISO 9564, and ISO 13491. Terry's expertise encompassed software encryption, DUKPT, authentication, software development, and secure transmission of credit card data.• Performed product security assessments, including source code review in agile, waterfall, hybrid environments and other technical requirements.• Led Incident Response efforts, analyzing malware, MITRE attacks, exchange attacks, and providing forensic reporting and legal expert reports.• Engaged in API documentation, exportation law analysis, policy creation, source code and interface review (C, C#, C++, REST, Python, JSON, Java), code testing (functional and security), mitigation analysis, vulnerability analysis, threat incident analysis, QA testing, security testing (SAST, DAST, IAST), DevSecOps, and various forms of static, dynamic, custom penetration and vulnerability testing.• Acted as an expert witness in technology-related cases, providing expertise in intellectual property examination, device examination, intrusion proof, data theft analysis, and assisting attorneys with depositions, testimonies, cross-examinations, discovery preparation, appellate reviews, and motions.• Served as a Subject Matter Expert for technology contract negotiation and review, supporting attorneys with contracts worth millions to tens of millions of dollars.

Architect, Designed, Developed, Continuous Integration, Continuous Delivery and Continuous Deployment, Network Architect and Implemented:• A new cryptographic payments applications, new API using C, C++, Java, Nodejs, SubtleCrypto, JavaScript, Micro-Services, containers (Docker), custom software and hardware cryptography, keys, authentication and authorization in different clouds (Private, AWS, Azure).• A new mobile application with custom cryptography, WolfSSL, (C/C#); object encryption, custom authentication/authorization, and other security mechanisms, for both Android and IOS mobile apps, front-end, plus full API development and back-end systems (full-stack, Micro-Services, Containers) (Private, AWS, Azure).• A new platform and device applications with custom source code development, open-source code development (OAuth, OpenID, OpenSSL, OpenVPN), conversion from Waterfall to secure custom form of Agile, with custom HSM, events, access controls, PKI, obfuscation, cryptography, web applications, databases (relational and RDF), XMPP for both Android, Windows, and IOS mobile applications, API, and full stack in different clouds (Private, AWS, HP). • Performed behavior modeling analysis along creating architecture and development of predictive heuristic behavior algorithms to enhance products with machine learning.• A new 3-Tier NSX and Palo Alto environment that directly connected NSX to Firewalls using BGP, physical and micro-segmented enclaves. New security controls, tools, constructs, and built a new SOC implementing a new SOAR/SIEM system, environmental hardening, key management, HSM, in all cloud environments (Private, AWS, Azure), and created automatization for software deployment and development that hard coded check-ins of source code that included new security controls and code scanning.

• Demonstrated visionary leadership, driving significant performance improvements across technology, business, and financial operations in the retail payments division.• Successfully managed a 2 million+ security budget, resulting in risk reduction, improved client relations, and reduced operating costs. Implemented a vendor management program for overall cost reduction.• Prepared and delivered technical presentations, cost projections, business cases, project charters, and plans to executives, customers, and peers.• Conducted comprehensive risk analysis and managed remediation efforts for PCI DSS, PIN DSS, PA DSS, P2PE DSS compliance, covering software and hardware enhancements (software development & implementation through CI/CD), card holder data protection, vulnerability management, and rigorous application penetration testing for Connective Payments.• Recognized as an expert consultant in PCI DSS, PA DSS, P2PE DSS, and PIN DSS, specializing in software encryption, DUKPT, and secure transmission of credit card data.• Led incident response investigations, collaborated with corporate attorneys, performed malware analysis, investigated privilege escalation attacks, and conducted vulnerability and exploit analyses.• Expertise in various security testing methods, including white/black box, manual, custom, and automated approaches, network security assessments, penetration testing of web applications, platforms, databases, and backend systems, as well as threat investigation and response.• Developed and implemented customized cryptographic solutions using WolfSSL (C/C#), OpenSSL, and OpenVPN. Created secure Agile systems for software development, established a new Secure SDLC process, conducted code reviews, and provided training on secure coding practices. Designed and implemented custom code (Full Stack), functions, features, mechanisms, hardware security modules (HSM), key management systems, and cryptographic authentication and authorization mechanisms.

• Led EDS as the Lead Security Program Lead/Architect, overseeing the development and design of the Multi-Mission Satellite Operations Center (MMSOC) Ground System Architecture (GSA) that supports RDT&E, Space Command, and Operationally Responsive Space (ORS).• Successfully managed a 1 million+ budget, reducing risk and operating costs, while improving client relations and retention. Implemented a vendor management program that effectively reduced overall expenses. • Served as a direct report to the Air Force Information Assurance Manager, responsible for preparing DITSCAP/DIACAP packaging and creating risk mitigation assessments for agency designs. • Designed Cross-Domain Solutions for Red/Black data issues and implemented a multilevel security solution for enclaves/domain issues using data guards. Ensured compliance with the local Wing's MAC level. • Developed Security Management Plans, authored Data Guards White Papers, and created a Security Composite View. • Played a key role in developing system and subsystem specification documents, architecting security solutions, creating use cases and scenario sequence behavior diagrams, and overseeing interface control document development. • Provided mentorship and training to network/hardware engineering staff, acted as a customer liaison, and contributed to prototype development. • Generated comprehensive documentation, including requirements documentation, design documentation (sequence, sample subroutines, use-case, etc.), API documentation, and policies. • Conducted detailed reviews of source code and interfaces (C#, C++, C), performed functional and security code testing, carried out mitigation analysis, and conducted QA and security testing, including white/black box testing for penetration, vulnerability, and custom attacks. • Provided expertise in recommending appropriate tools and trade-offs to enhance system performance and security.

Building on her record of success, Terry successfully managed a substantial security budget, reduced risk and operating expenses while enhancing client relations and retention. She is skilled in delivering impactful technical presentations, business plans, and revenue projections to executive-level stakeholders. She is adept at creating white papers, establishing change management procedures, and implementing new standards. Terry's expertise extends to risk assessment, internal auditing, and ensuring compliance with federal agency standards. With a strong focus on security, she excels in source code review, application issue resolution, access controls, policy implementation, and security testing.Accomplishments include: • Provided strategic leadership to enhance performance across technology, business, and financial operations. • Managed a 1 million+ security budget, reducing risk, improving client relations, and optimizing operating expenses. • Developed and delivered technical presentations, business plans, revenue projects, and cost projections to key stakeholders. • Created white papers, established new standards, and implemented change management procedures. • Prepared risk assessment documentation and mitigation strategies to meet DOJ standards for the Sheriff department. • Conducted confidential source code security reviews, resolved application issues, and ensured cryptography and authentication mechanisms. • Oversaw medical device security, access controls, event correlation, policy creation, and implementation. • Led security testing, including penetration testing, network security, threat investigation, malware and vulnerability analysis.• Created and implemented a new vendor management program that reduce overall costs. • Prepared internal auditing procedures and reports for CISO, along with preparing other risk mitigation/resolution and internal auditing documentation for other departments that had to meet other federal agencies standards.

Offering expertise in specialized campus networks and optical ring configurations, Terry has delivered high-performance infrastructure spanning over 12 miles. Known for exceptional technical presentations and solution-driven approaches, Terry has created white papers, established standards, and implemented effective change management procedures. Security is a key focus, encompassing confidential source code reviews, resolving application issues, and ensuring robust cryptography and authentication mechanisms. Additionally, Terry has expertise in compliance requirements such as FDA and HIPAA, and has implemented cost-saving vendor management programs.Accomplishments include: • Successfully led as a lead architect and project manager, overseeing the design, engineering, and implementation of secure network solutions for a specialized 12-mile optic ring campus network, utilizing Cisco Optical technology and advanced design techniques for a fully meshed environment. Adapted the network to meet new Abbott's standards using Extreme. • Prepared and delivered comprehensive high-level technical presentations, proposing solutions, return on investments, project charters, project plans, and budgets to executives, technical committee boards, and peers. • Authored white papers, established new standards, and implemented change management procedures to enhance operational efficiency and effectiveness. • Conducted confidential source code security reviews, addressed application issues, and provided resolutions for cryptography, authentication, and security mechanisms. Managed medical devices, access controls, event correlation (SIEM), policy creation, implementation, assessment, QA testing, and penetration testing.• Produced internal documentation for auditing to meet Federal Drug Administration requirements. Prepared risk assessments and mitigation reports/presentations, ensuring compliance with HIPAA and FDA standards. • Developed a vendor management program.