Over 20 years of governance and operational security experience. Executive level security consulting, to include program/portfolio creation and management. Provided board level reporting, security strategy creation and implementation, and global business security integrations. Acting CISO and Director of Security for large corporations. Led large multi-project teams at the program level, with oversight of multiple simultaneous and complex implementations of technical security projects. Designed and implemented most aspects of corporate security programs. Assisted large organizations in defining CISO responsibilities and requirements in order to provide alignment of security programs to business operations.
Consulting experience includes delivery of services to include large multi-project/multi-year programs. Provided executive advisory services in a variety of industries, to include retail, aerospace engineering, national/international banking, healthcare, manufacturing, logistics and transportation, federal/state organizations, and others. A wide range of regulatory experience includes PCI, SOX, FFIEC/FIDC, HIPAA, NERC CIP, and security framework knowledge extends to ISO/IEC 27001/27001, NIST, FISMA, OCTAVE and others.
Program level services for customers, including advisement to Fortune 100 executives (CIO and CISO), creation of corporate security programs and strategies, risk program operational definitions and implementation, and delivery of security/privacy framework implementations. Provided all aspects of creating and implementing multi-project technical programs, from requirements gathering to shifting systems into operational SDLC maintenance cycles. Created large risk management frameworks for global enterprises, to include complex operations such as mergers, acquisitions, and divestitures.
21-year military veteran as a nuclear weapons technician, threat officer, OH-58/AH-1/UH-60 helicopter pilot and maintenance operations officer.