Latest Content
Sr. Security executive with broad expertise in establishing operational Governance, Risk and Compliance (GRC) programs ... addressing enterprise information systems governance, security & privacy risk management, and regulatory compliances in both government and public sectors.
Extensive subject matter expertise leading security programs and establishing operational frameworks for IT risk mitigation for information systems and supported business applications. Comprehensive technical and business expertise to assess and determine appropriate controls for securing business operations, protecting data privacy, and incorporating layered security solutions that optimize the return on information system resources investments.
Strong cross-departmental management skills with an aptitude and track record for building, leading and establishing enterprise-wide risk management programs and teams.
Core Competencies:
- Information Systems Security & Privacy Risk Assessment and establishing Risk Management Programs
- International, Federal and State Regulatory Security & Privacy Audit Compliance Management
- Enterprise Information Systems Policies, Procedures and Security best practices
- Governance Program for IT Operations Process/Change Management, Vendor Risk Mgt. and Business Continuity Mgt.
- Security Solutions/Techniques for protecting Sensitive Information and Critical Business Systems/Services
- Specific understanding of FISMA, NIST Cybersecurity, IRS 1075, PCI-DSS, HIPAA/HITECH, GLBA, FFIEC, FERPA, SOX, SSAE16, BITS, SOC1/SOC2/SOC3, ISO/IEC 270001/27002, MA EO 504, MA GL 62C/62E/66A/119A, BSA/AML FDIC compliance, ITIL V3 and COBIT 5 certified.
- Familiar with various Risk Management, Cybersecurity and business continuity tools/solutions for multi-platform (Unix, Red Hat Linux and Windows) systems.