Leading our professional services team that focuses on the incident response, reverse engineering, and malware analysis of ransomware and providing anti-ransomware services to clients. Having the most fun in my life building our services portfolio. We're helping clients on their worst day with the very unique capabilities to avoid payments and mitigate the damage of ransomware actors.

Led a consulting practice of security experts focused on information security risk management and compliance. Strong focus on clients in all facets of the healthcare industry - payers, providers, pharma, and service providers. Current client base includes the largest provider networks, hospitals, pharmacies, PBMs, payers, and IT service providers (EMRs, infrastructure services, etc...) in the nation. Projects split between assessment work based on industry standards, frameworks, or regulatory requirements (HIPAA/HITECH, ISO 27K series, NIST 800 series, SANS 20, PCI, etc...) and security program development. Program development includes a large suite of design, build, and implement components or all of the following programs - incident response, threat and vulnerability management , third party/supplier risk management, risk management, training (technical and non-technical), policy and procedure development, etc...

I consult with CISOs and CIOs on how to best manage their Information Security program. Often times that means providing a risk assessment flavored to their industry, compliance needs, or security framework (HIPAA/HITECH, ISO, NIST, etc...). Other work includes process maturity, risk management, and taking any facet of a program to the next level. Previous work included running technical assessments; much of my work now is translating those findings into actionable strategic programs to address the root causes of the hack.I'm also focused on the healthcare industry with background in HIPAA/HITECH. We're talking to plans, payers, and providers about what the regulations mean to running an IT enterprise.

Responsible for a team of security analysts impacting the security posture of a Fortune 25 enterprise via threat modeling and vulnerability assessments.- Matured program to expand from a compliance driven focus to an enterprise perspective by informing vulnerability assessments, configuration standards, and penetration tests by realistic threat modeling and industry best practices.- Managed security tool assessments, product rationalization, and budget.- Led and adopted network security modeling tools and processes to better understand network changes.- Teamed on 2012's largest US M&A activity to create a combined and centralized InfoSec organization.- Directed and cheer-led skilled and highly motivated InfoSec practitioners to grow, encourage, and challenge a world-class team.

- Supports vision of supporting growth, legislating, and advising in matters regarding Information Risk.- Currently underway with transformational initiatives including Vulnerability Management, Client & Supplier Risk Assessments, Incident Response Planning, and Corporate Risk Register.- Responsible for regulatory compliance controls for DIACAP - Information Assurance Certification and Accreditation Process for ESI's enterprise.- Ensures appropriate security posture with system owners in Wintel, Network, and vendor platforms.- Consults with business and vendor partners on security risks and mitigation strategies.- Coordinates with other regulatory compliance frameworks (PCI, SAS, SOX) to ensure appropriate coverage to risk environments.- Performed multiple efficiency projects leveraging automation to expand InfoSec coverage and visibility into the compliance state of the enterprise. Success resulted in 200% efficiency gain in resource utilization.- Developed and matured ESI's InfoSec scorecard provide executive level insight into the performance, quality, and demand management of Information Risk Management.

- Manage business partnerships including relationship and contractual issues, primarily in software and service engagements.- Drive cost savings and efficiencies through effective management of business processes.- Ensure compliance to service level agreements (SLAs).- Negotiated contract terms and conditions, resulting in significant cost savings and risk mitigation.- Provide budget and spend analysis for vendor portfolio.- Successfully implement a year-long information security assessment project to achieve DIACAP (FISMA) compliance for multi-million dollar communication platform partner. Responsible for overviewing all control implementations, facilitating audit program with government agencies, and orchestrating internal readiness exercises.- Implemented security controls and best practices into vendor statement of works & master service agreements for those vendors housing critical data.

- Grew & organized CIO Boards in St. Louis, Memphis, Baltimore, & South Florida – featured members include CIOs of Anheuser-Busch, Monsanto Company, Maritz, Edward Jones, Emerson, and Express Scripts.- Presented smart packages to sales team with thorough, pertinent information for developing winning marketing strategies for new accounts.- Gained valuable knowledge coordinating with C-level executives.

- Update and refine Southern Illinois University School of Business website, particularly incorporating social media and current university event data. - Facilitated projects on alumni relations development including a Speakers' Bureau and School of Business Blog.

- Maintain daily operations of professional and student staff of major metro radio station.- Responsibilities include human resources function, particularly training staff of 6-8 full and part-time staff.- Performed IT support functions for small office network.