Experience (and examples)
Delivering High Value
- Reduced Cybersecurity Risk
- Performed dozens of risk assessments / strategic plans for clients of all sizes and industries across the united states
- Educated Clients
- Integrated new entry-level and mid-level analysts into the existing security program
- Provided clarity of execution for management
- Improved Client and Vendor Relations
Industries
- Financial Services
- Credit card processing company that needed to reach service provider level 1 PCI compliance.
- A new credit card company that was buying and building card portfolios, and needed NY DFS compliance.
- Startups
- P2P payments company that needed a brand new security program. There were 3 people working there at the time. We started with a risk assessment and then had monthly meetings to help them progress where they could afford to do so.
- Software development company with a referral product that had a solid IT security program in place, but wanted to make sure they didn't miss anything critical.
- A larger software development company that still operated like a startup. We lifted up their security program to meet SOC2 type II and ISO 27001 compliance. A client due diligence program and vendor management program were put in place to satisfy several large customer needs.
- Health Care
- Risk assessments on several regional health care entities that all had multiple locations.
- Manufacturing
- Several companies that didn't have compliance needs, but wanted to make sure that they fully addressed security concerns within their IT security program.
- Public / Municipalities
Previous Roles I've Held
- Virtual Chief Information Security Officer (vCISO)
- Chief Information Security Officer (CISO)
- Director of Risk Management
- Senior Network Security Analyst
- Pre-Sales Engineer
- Networking Technical Support Analyst
- Project Manager / Consultant
Certifications
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)