United States
Information protection focused professional with a wide range of information security, risk, compliance and technical expertise. A solutions oriented team leader with extensive experience providing forward thinking data protection solutions in the financial services industry. Security Architecture - Amazon Web Services (AWS), Vulnerability Management & Remediation, Incident Response & Crisis Management, Identity and Access Management (IAM), Access Control, BCP/DRP, DLP, Encryption, Mobile Devices (incl. BYOD Strategy), Virtualization, Cloud Strategy & Security, Forensics, Investigations & E-Discovery; Emerging Technologies. Information Security & Risk - Control Frameworks (COBIT, ISO 27001/2, Cloud Security Alliance, AICPA [SOC - SSAE16/ISAE-3402], etc..), GRC Methodologies and Toolsets, Third Party Security/Risk Assessments, Contract Reviews, Internal Technical Assessments, Policy Design and Implementation. Compliance - Security Awareness training program design & implementation; SOX, HIPAA, HITECH, GLBA, EU Data Protection Directive, Canadian Data Privacy (PIPEDA), PCI-DSS, State (U.S.) Regulations et al. Application Vulnerability Assessments (OWASP) & Remediation.