Functional Skills
Cybersecurity
Incident Response
Service Management
Operations Management
System Deployment
Innovation Management
E-commerce Implementation
Commercial Due Diligence
Identity and Access Management
Certifications
ITIL (IT Infrastructure Library) Certified
OSCP (Offensive Security Certified Professional)
Sector Experience
Media & Entertainment
Retail
Technology
Transportation & Logistics
Travel & Hospitality
Experience
Saks OFF 5th
Information Technology
Chief Information Security Officer
2/2022 - 7/2024
- Was brought in to Saks OFF 5TH to separate the security teams and processes from the parent organization.
- Led Privacy and Security initiatives, proactively identifying risks and providing guidance and strategy for the business to decide on a go-forward plan.
- Worked closely with Legal, Marketing, and Development to enact these.
- Managed IT Security strategy and partnered with HR for smooth on- and off-boarding experiences.
- Automated Identity and Access Management, reducing on-boarding from 2 weeks to real-time.
- Led application Security initiatives for a fast-paced, developer-led environment.
- Identified Technology and Compliance failures and worked cross-functionally to remediate.
- Built out the organization's Business Continuity plan aligned to the ISO 22301:2019 standards.
White Ops (HUMAN)
Information Technology
Senior Vice President - Head of IT and Security
10/2020 - 2/2022
HUMAN uses modern defense to safeguard organizations from bot attacks and fraud.
· Joined HUMAN pre Goldman-Sachs buyout to re-architect the technology stack for rapid growth.
· Led name change initiative and migrated the entire technology platform to a Single Sign-On process.
· Spearheaded efforts to enable HUMAN to obtain their first unqualified SOC2 Type 1 report.
· Obtained HUMAN’s first ISO/IEC 27001 certification enabling international expansion.
The Madison Square Garden Company
Information Technology
Chief Information Security Officer
5/2017 - 8/2020
· Responsible for the Security program of the organization, reports to the CEO of MSG Ventures, a wholly owned subsidiary responsible for technology innovation and management.
· Founding member of the Diversity and Inclusion Committee.
· Built a new security program and partnered across the organization to become PCI compliant after MSG and subsidiaries' Point of Sale systems were compromised.
· Designed security roles and hired a team to support the business.
· Developed and executed an organization-wide user security awareness program which resulted in industry-leading phishing reporting results.
· Established an application security and system vulnerability management program, which resulted in reduction of risk for regulated public-facing systems.
· Collaborated with Legal to form a third-party risk assessment program.
· Enabled cloud-first strategy for the business and moved the majority of applications to SaaS platforms.
· Created a continuous red teaming program.
The New York Times Company
Information Technology
Chief Information Security Officer
4/2013 - 5/2017
The New York Times Company is an American media company which publishes its namesake, The New York Times.
• Responsible for the Information Security program of the organization, reported to the CIO, Audit Committee and Board.
• Enhanced PCI Compliance by sponsoring and facilitating the implementation of client-side encryption and tokenization for all ecommerce applications.
• Worked closely with multiple business units to define security strategy and risk tolerance.
• Engaged with external Law Enforcement on a regular basis to share and consume Threat Intelligence.
• Initiated multi-factor authentication initiative across the enterprise for our Google Suite (5000 users) and ~500 core applications with 100% compliance achieved over two years.
• Championed end-to-end encryption across the organization, including the launch of HTTPS everywhere.
Avon Products
Information Technology
Global Security Lead
5/2010 - 3/2013
Avon was a 10.8 Billion dollar international beauty and personal care company that sells products through representatives in over 140 countries.
Responsible for improving and augmenting the security infrastructure, managing third-party vendor relationships, and performing Incident Response Lead functions.
• Maintained PCI Compliance and Web Application testing.
• Spearheaded web environment changes and third-party static analysis for enhancements to the Systems Development Life Cycle.
• Implemented Data Loss Prevention and Full Disk Encryption across ~75k employees.
• Managed global Firewalls and SSL VPN for all users and contractors (200k).
• Administered SIEM and developed and implemented Host Intrusion Detection System (HIDS) on Production/QA/Development environments as a part of Server Security Enhancement Project.
PokerStars (Rational Entertainment)
Information Technology
Senior IT Analyst
10/2005 - 5/2010
PokerStars is the world's largest poker site with nearly 50 million registered players and the home of the World Championship of Online Poker.
Supervised and managed six primary offices' infrastructures, operations, and security policies.
• Global Implementation of RSA SecurID and SSL VPN
• Global Firewalls and Switch and VeriSign SSL deployment management
• Built the new IOM data center and completed cross-continent migration.
• Implementation of posture checking of clients for Network Access Control
• Management of routers, firewalls, security policies, and critical infrastructure
KYCOS
Information Technology
Systems Administrator/ Developer
8/2004 - 7/2005
KYCOS was a Know Your Customer (KYC) company that performed due diligence activities for financial institutions and other regulated companies.
Responsible for maintaining system, software and security policies across the enterprise while reporting directly to the Chief Technology Officer.
• Oversaw/maintained DNS, web services and email accounts
• Supervised and managed routers, firewalls and security policies
• Relational Database Administrator (IBM Content Manager and Oracle)
• Developed a TSA (Time Stamping Authority) for the authentication of dates and times on documents using the OpenSSL framework.
• Administered IBM AIX, Oracle, FreeBSD and Linux, and Microsoft Server Suite of products