Responsible for assisting clients organize and operationalize their cybersecurity programs. Most recently Sage Advisory assisted a national fiber optics company identify their cybersecurity capabilities and develop a set of practical, actionable, and achievable activities to increase the confidence of the executive team regarding the firm’s ability to deliver the level of service expected by customers while protecting their data. Jay’s focus is on the development of a ‘right-sized’ cybersecurity and compliance program that supports the goals of the business and its customers. Through understanding the business, culture, customer base, legal / contractual / regulatory requirements, Sage Advisory LLC works with clients to develop strategic and tactical plans which includes communication protocols for all levels of the organization as well as continual measurements and monitoring. The goal is to align the program with the business while making sure adjustments can be made as the business climate shifts. Core Capabilities include:Cybersecurity Strategy and Operational capabilities development / assessment Cybersecurity program development / management Governance and Risk program assessment / development / managementCybersecurity Documentation review / alignment / development Compliance framework assessment / alignment (NIST, ISO, PCI, Shared Assessments)Third-party program assessment / development / managementvCISO support geared towards small and medium organizations

As a Professional Services Engagement Manager, Jay's focus is on expanding the Professional Services business that includes business development, sales liaison, customer education, and oversight of successful services delivery. Jay supports the Sales team and is also a primary point of escalation for client opportunities as well account oversight during project engagements. Jay's regions of operations includes both the Midwest and Texas, Oklahoma, Louisiana, and Arkansas (TOLA) regions to enable our customers to successfully leverage Professional Services for maximize their investment in the Tenable Solutions. The Professional Services Engagement Manager is also closely involved in helping mentor, develop, and evaluate consultants.

As Principal Risk Consultant, Jay's primary responsibilities included the delivery of industry-leading governance, risk, and compliance consulting services for our customers, engagement delivery, and other information security risk management tasks in line with the overall direction of the company.

As Director of Strategy and Governance, Jay works with our customers of different sizes, complexities, and types to assist them with building, enhancing, and managing a best-in-class cyber security program through practical, actionable and sustainable initiatives. Jay has built or led detailed maturity assessments as well as facilitated executive level workshops to assist CISOs in maturing their cyber security programs. Jay's ability to merge leading cyber security practices into the fabric of an organization's business environment and culture allows an organization to maximize their investments and gain operational efficiencies.

As the Director of Cloud Governance, Risk & Compliance, Jay was responsible for the development and implementation of the cloud based GRC program to assist clients in migrating business operations to cloud service solutions. In addition to providing strategic direction, planning and assessments, the GRC program at Fishtech was being built to assist organizations with traditional IT compliance and security needs. Lastly, Jay assisted customers with addressing their compliance mandates and ensuring they are taking practical and achievable steps in building and maintaining an information security program that can adhere to the applicable compliance mandate.

Jay provided information security and compliance consultative services to the Oracle Commercial Cloud team. This included assisting the business with understanding how the various compliance mandates impact the 80 plus cloud offerings on a global scale. Jay assisted the Director of Compliance with identifying possible long-term strategies for maturing the GRC program in order to support the rapid growth of Oracle Cloud offering suite. Finally, part of the responsibilities was to define and develop a workshop to help the business and security teams better understand the needs of each other to be sure the cloud platforms were both secure and function for Oracle's clients.

As a Managing Consultant, Jay had direct oversight for all operations performed by a team of senior security consultants and supported the Practice Director to exceed revenue targets and provide a high level of customer service to our clients. Key responsibilities included project portfolio management, delivery, presales support, development / maturing the Governance Risk and Compliance (GRC) solution portfolio, and acting as the primary point of escalation for all client issues during a project. As a Managing Consultant, Jay was directly involved in hiring, mentoring, developing and evaluating team member’s performance. Key Responsibilities Included:Program development and delivery of the information security strategic planning workshops to senior leadership for various customers.Provided various GRC services to clients to assist them in maturing the organization’s information security program in a cost effective manner.Provided direct sales support for project scoping/proposals and the development of project change orders.Identified opportunities within client accounts and work with the sales team to assist the client in solving their business problems and providing additional services into existing client accounts.Conducted pre-sales presentations for clients.Ensured team projects are completed on-time and on-budget.Responsible for overall practice performance (P&L) as well as team development through mentoring and coaching.Conducted over 25 executive level workshops assisting the leadership team of organizations with assessing the maturity of the various information security program elements, prioritization of activities, and planning to achieve maximum efficiency of the program in a cost conscious manner.

Provided vision and leadership in developing, socializing, implementing, and supporting the company’s information assurance program. Planned and implemented practical and achievable policies and practices for the protection of business information and systems. Ensured compliance with regulatory requirements (Sarbanes-Oxley, HIPAA, and Canadian bills C-8 and C-31). Jay was responsible for designing and executing programs for user awareness, incident response, compliance monitoring and security assurance testing and auditing.

Collaborated with management regarding business objectives and constraints in an effort to deliver an acceptable and cost-conscious information assurance program. Served as the liaison between the IT department and facilities security to coordinate initiatives, share information, and increase the level of safety of employees and assets. Worked with the IT department and business units to identify, justify, implement, and validate information assurance initiatives to meet ongoing compliance regulations (Sarbanes-Oxley and Payment Card Industry Cardholder Information Security Program) and the company's defined security posture. Created and presented security policies, guidelines, and standards to affected departments and employees. Provided monitoring, testing and auditing to ensure the effectiveness and efficiency of the information systems controls and security program.