Castle Rock, Colorado, United States
As a seasoned cybersecurity professional, I specialize in protecting digital assets for leading global retail and manufacturing companies. With expertise in virtual CISO and CTO services, information security operations, IT governance, risk and compliance, and cybersecurity threat management. I excel in implementing best-practice frameworks such as NIST CSF, 800-53, 800-171, and ISO 27001. My leadership extends to advising C-suite executives on major security and IT infrastructure projects, digital transformations, and cloud migrations. I have a proven track record in aligning cybersecurity operations with top-tier MSSPs and SOCs, developing robust cybersecurity, governance, risk, and compliance programs that meet PCI-DSS, GDPR, HIPAA, HITRUST, and CPRA standards. Let's connect to explore collaborations and discuss how I can enhance your organization's cybersecurity posture. #CybersecurityLeader #InformationSecurityExpert #ITGovernance #ComplianceExcellence #ClientRelationships #RiskAssessment #CTO #VirtualCISO #MSSPAlignment
Vice President of IT Infrastructure and Cybersecurity managing team across infrastructure cloud platform experts and cybersecurity professionals for private aviation management company.
Deliver fractional and fulltime CISO and CTO services to over 16 global retail and manufacturing companies with diverse risk profiles to ensure cybersecurity measures and strategic technology leadership. Direct information security operations, incident management, IT governance, risk and compliance, and influence executive leadership to onboard best in practice cybertechnologies for their organizations. Lead quarterly and annual PCI-DSS and NIST CSF assessments, data security audits, ensuring robust protections are in place, tested and certified. Developed and tested DR and BCP strategic recovery plans and documented RPO timelines and recovery and incident handling playbooks. Conducted due diligence and NIST security assessments including penetration testing for M&A and IPO readiness. Lead IT security teams to enhance overall cybersecurity and EDR capabilities to strengthen cloud, firewall, and network security posture. Conduct proof of concepts for email security, AI and cloud-based threat management. Help foster customer relationships between top-tier CIO's, and managed EDR and MSSP's partners acting as a field CISO, overseeing the customer's strategic cybersecurity roadmaps. Manage corporate cybersecurity and Website security essentials and NIST CSF maturity assessments. Oversee overall monthly KPI and risk reporting for executive leadership teams
In the role of delivering virtual CISO and CTO services to global retail and manufacturing companies, I lead cybersecurity initiatives, oversee risk assessments and audits, and develop recovery plans with strict timelines. I enhance security operations by implementing frameworks such as NIST CSF and ISO 27001, advise executives on major projects and security enhancements, and ensure compliance with industry regulations like PCI-DSS and GDPR. Additionally, I foster client relationships, support key customers like SVP Worldwide and Platinum Equity, and collaborate with teams to integrate security into software development processes.
Provide fractional CISO and IT strategic project services to SVP Worldwide, doing business through SVP-Singer Holdings, Inc. and its affiliates, is the world’s largest consumer sewing machine company, accounting for approximately one out of every three sewing machines sold annually globally. Manage cybersecurity operations and GRC. Oversee IT security projects and MSSP and EDR onboarding and vendor management. Improve overall security posture. conduct quarterly and annual security and risk assessments.
Managed IT cybersecurity operation team. Enhanced cybersecurity operations by aligning with Managed Security Service Providers (MSSPs) and focusing on effective threat hunting, detection and response making sure robust security measures were in place. Leading the IT and security incident response team, I ensured swift mitigation of threats and data breaches. Additionally, I coached security team members, fostering collaboration and helping them to enhance their skills to improve overall team effectiveness.