Reporting to the CIO I created a visionary cybersecurity program building an innovative, diverse, and committed cybersecurity team with successful programs including:
• Developed cybersecurity program communicating quarterly updates and KPIs to the board of directors and executive leadership
• Established global security policies and standards for privacy and compliance such as HIPAA and GDPR aligning incident response and disaster recovery with corporate crisis management
• Developed SDLC in conjunction with several IT teams to support DAST/SAST capabilities
• Established risk and vulnerability management programs aligned with CMMC, NIST, and CSF standards as well preparing for SOC 2, ISO 27001, and regulatory requirements
• Modernized endpoint security enabling cost reduction and reducing outages and incidents
• Integrated cybersecurity awareness into corporate culture and existing safety programs
• Developed a hybrid 24/7 Security Operations Center (SOC) and threat intelligen

Reporting to the CISO, Led policy and standards development for data and 3rd party supply chain security at BAE Systems
• Served on the Defense Industrial Base Sector Coordinating Council (DIB SCC) Task Force Oversight Committee, providing strategic direction and guidance on cybersecurity
• Member of the federal government's Cybersecurity Maturity Model Certification (CMMC) team
• Aligned BAE with NIST SP standards and established processes for assessing DoD vendor capabilities reducing 3rd party risk
• Improved supply chain security, data management, and overall information security practices
• Developed and delivered CMMC training programs enhancing security at vendors and supply chain
• Fostered a security-focused culture across IT and business teams within the organization

Reporting to the CISO I led the development of BAE's enterprise cybersecurity program and modernized risk management approach
• Designed security architecture, IT security strategy, and coordinated across organizational units
• Served as a trusted advisor to C-suite and board on information security, risk and policy
• Established Insider Threat and Enterprise Risk Management programs for continuous monitoring
• Implemented tools to mitigate state-sponsored threats and protect 45,000 global employees
• Fostered a security-conscious culture throughout the enterprise
• Advised the Department of Defense as a member of the NISPPAC NISA working group
• Enhanced the Risk Management Framework (RMF) process and ensured compliance with DFARS and NIST SP 800-53
• Developed Cyber Governance process and maintained an effective information security architecture
• Evaluated M&A targets for cybersecurity risks

Provided leadership and technical vision for the team by using problem-solving skills and an analytical approach to improve the IT and network infrastructure for our client before taking over internal responsibilities for corporate IT Operations
• Led day-to-day information technology operations for Active Directory and server management
• Worked across teams using collaborative approaches to solve problems
• Supported internal cloud environment across global architecture and global network operations
• Redesigned and implemented network infrastructure reducing annual costs
• Deployed automatic encryption systems to protect research and development
• Supported BAE Team in managerial and career advisory roles

Provided professional services including strategic planning, mergers and acquisitions, technical upgrades and roadmaps, systems integration, process improvement, ITIL implementations, modernization, startup support, and systems rationalization.