• Leads a global team responsible for proactively mitigating the cybersecurity risk of the enterprise and product engineering application portfolio assets by defining strategic direction and documenting secure application architectural patterns and implementation guidelines/templates based on business needs, policies and standards, ongoing compliance requirements, and industry best practices and regulations (e.g. HIPAA).• Develop innovative security strategies and implement a Secure SDLC program using relevant security frameworks and best practices, e.g. NIST 800-218, that integrates vulnerability management and incident response feedback, as well as threat landscape research for product lifecycle hardening.• Build and maintain relationships to partner with business and engineering stakeholders, providing earlyengagement and consulting on application security requirements and risk mitigation strategies during the initial stages of a development lifecycle.• Conduct product and application development architectural reviews, and manage the DevSecOps Engineering functions to define processes and security testing methodologies for CI/CD SAST, DAST, containers / Kubernetes, OSS/SCA, API, etc.

As the Business Information Security Officer (BISO) for the New Business Incubation (NBI) business unit, I built a new team responsible for end-to-end enterprise and product security in the Verizon innovation business unit. Leader of a team of senior principal product and cloud security architects embedded in the business teams to create enterprise and product security architectures and guide implementations that manage risk while enabling the business.This executive leadership role involved working closely with senior corporate and business leaders to develop and implement product and cloud security strategies, as well as driving continuous improvements in secure SDLC and PDLC program maturity by building a "Secure by Design" culture. I was responsible for overseeing all aspects of the BU product security program as well as leading our cloud security transformation efforts, ensuring the security and resilience of our products, platforms, and cloud services.Recognized by my product and development partners as the clear point of escalation and subject matter expert for cyber, privacy, and product risk, my team defined design and engineering requirements for secure coding practices, CI/CD security automation, Static and Dynamic analysis (SAST/SCA/DAST), web and API security, vulnerability management, logging/monitoring (SIEM), incident response, etc.Additionally, as the leader for the Verizon IoT Security Center of Excellence (CoE), I also led a team of senior principal architects that created reference architectures and architecture-based solution designs to reduce enterprise and product risk created by IoT devices.

• Led teams that securely enabled business acquisition integrations, where Cognizant acquired 6-10 businesses per year. • Responsible for M&A security architecture across all information security domains, including conducting Security Program Assessments and risk identification through reviewing Threat & Vulnerability Assessments and Compromise Assessments.• My teams defined secure integration execution by creating current state architectures and then developing end-state and transitional architectures, including proof-of-concept execution and product purchase guidance.

• Led a team of architects, engineers, and PMs that establish policy, standards, and guidelines for all of Cisco’s enterprise infrastructure, including IT, Product Engineering, Supply Chain, Services, etc.• Responsible for securing all data networks (internal and external), user devices, and data center hosting systems, cloud-to-enterprise integration, and working with business teams to effectively apply security policy to their infrastructure through a combination of consulting, establishing consumable policy frameworks, and validating compliance through the Visibility & Control metrics program.