Washington DC-Baltimore Area
• Seasoned information security manager with professional experience specialized in information security, enterprise risk management, policy development and systems architecture. • Subject matter expert in areas associated with threats against the domestic financial service institutions including phishing, malware and account credential compromises with technical certifications including CISSP, CISA, CISM, and CIPT. • Known for demonstrating superb management, leadership, problem solving, communication and decision making skills. Specialties: • CISSP, CISA, CISM, CIPT
CISO work... just as you would imagine.
Client: Government Contracting Solutions Provider o FISMA controls evaluation for Government contractor in line with NIST 800-171 o Ownership of compliance of controls to meet FISMA ATO guidelines Client: Government Sponsored Enterprise o Working to establish a refined controls enterprise level framework against standards and guidelines including: SOX, COSO, and COBIT o Provided guidance concerning technology risk Client: Credit Union o Evaluated newly created information security policies and evaluated against their basis, ISO 27001/2 o Coordinated business and IT departments to communicate and education on the policies while determining compliance ability o Created a gap assessment of the ability of the business to comply with the ISO 27001/2 security policies Client: Electrical Utility o Development an internal security program (where none previously existed) with primary focus on securing the underlying SCADA infrastructure and the company’s electronic security perimeter (ESP) and physical security perimeter (PSP) o Managed security compliance of NERC CIP standards (with a heavy focus on CIP-007) o Project managed security efforts including annual cyber vulnerability assessments (NERC CIP requirement) and implementation of security tools to mitigate threats including Flexera / Secunia, Tripwire, Wombat, McAfee vulnerability scanner and McAfee security information and event management (SIEM) appliance (greenfield implementations)