• Virtual Chief Information Security Officer (vCISO) accountable for securing multiple small and medium-sized businesses. Primary efforts include ensuring that all information security and compliance-related objectives are implemented, executed, and maintained in relation to the business objectives. Provides strategic guidance and implementation for various technical requirements, including network, cloud, application, and identity access management issues. Demonstrated experience with cyber security concepts including encryption services, access control, information protection, and network security.
• Developed and implemented Enterprise Security Program, including policies, procedures, and training program across 11 departments and 1200 employees.
• Performed regular risk assessments, developed risk management strategies to mitigate identified risks, and recommended new security solutions.
• Established the company's security incident response program, including incident investiga

• Chief Information Security Officer (CISO) accountable for the company's Information Security program and maintaining of ISO 27001 and SOC 2 certifications. Primary efforts include ensuring that all information security and compliance-related objectives are implemented, executed, and maintained in relation to the business objectives. Provided strategic consulting directly to the CEO and CIO.
• Developed and drove the strategic direction of the information security program globally to align with business goals and objectives based on the information security metrics (KPIs) to ensure effective implementation and annual updates.
• Developed and implemented a comprehensive information security strategy aligned with business objectives, resulting in a 30% reduction in
security incidents, from 200 to 140 per year, by creating a security team of five people, which included hiring two security architects, two
security analysts, and one security engineer.
• Reduced the organization's risk

• Information Security Director charged with implementing information security measures, processes, and procedures that further protect Mblox operations. Primary efforts include leading the design, implementation, and alignment of the Information Security Management System based on the ISO/IEC 27000 series standards.
• Developed business-relevant metrics to measure the efficiency and effectiveness of the Information Security Management program, facilitate
appropriate resource allocation, and increase the program's maturity.
• Managed data security systems and techniques for detecting, reporting, and investigating breaches in systems security. Primary systems include AlienVault SIEM, OSSEC, OpenDNS, and other investigation platforms.
• Ensured the Information Security Management program supports compliance with applicable laws, regulations, contractual requirements, and policies to minimize or eliminate risk and address audit findings.
• Provided leadership and strategic direction

• Information Security Specialist responsible for the overall implementation of federal governance and compliance initiatives.
• Worked directly with the CISO as a part of the Enterprise Security Management team to develop all FISMA compliance policies and
guidelines to be used across the university.
• Devised a strategic plan for information security risk management to meet regulatory requirements and audit recommendations that received unanimous support from the chief information security officer, CIO, and governance board.
• Composed and deployed a unifying governance standard encompassing all applicable elements of HIPAA. Authored and delivered HIPAA
training to employees and managers.
• Conducted internal assessment of Emory practices against HITRUST Common Security Framework (CSF) prior to CSF assessment.
• Conducted risk-based assessments for the establishment of baseline security practices and policies.
• Increased organizational awareness by educating end users and sta

• Technical Program Manager responsible for the overall information security posture for a variety of Department of Defense (DoD) information systems.
• Managed a diverse IT security team comprised of software developers, network engineers, and system administrators in relation to Data Center Migration taskings.
• Managed both co-located as well as dispersed teams by producing status reports and resolving day-to-day issues.
• Project lead for a variety of certification and accreditation documentation projects that include the development of Risk Assessments, System Security Plans, Contingency Plans, and NIST Self-Assessments.
• Established credibility and rapport with senior DoD program managers and stakeholders at multiple levels, including those external to the
organization by maintaining regular communication.
• Crafted weekly project status reports per PMO templates; tailored content and presentation for various stakeholder levels (VP, Directors, senior managers, customers).

• Manager of the communication-computer branch supporting Special Operations missions. Managed and directed the section's daily operations.
• Information Technology advisor for all IT acquisitions assisting with budget preparation and cost projections for information security projects.
• Established technical infrastructure requirements, including Network Topology, Desktop Systems, Servers, and Wireless Acces s.
• Conducted routine vulnerability scans to identify vulnerabilities in networks, applications, and other systems.
• Provided network service support to 2500 customers serviced by Charleston AFB. Administered unclassified and classified cor
● services
including network monitoring, electronic mail services, file servers, secure remote access, web servers, and SANs.
• Provided technical advice and solutions for 102 Workgroup managers for all LAN/WAN systems.
• Conducted base-wide wireless site survey for access point locations.
• Performed configuration and installation o