Kissimmee, Florida, United States
I am a hands-on security and IT leader who believes in turning complex compliance challenges into business wins. My passion lies in building high-performing teams and creating practical security programs that actually work. I'm known for straight talk on risk, engaging cross-functional teams, and making security make sense to everyone from developers to the board room. What drives me? Taking organizations from 'security as a roadblock' to 'security as a business enabler' through practical solutions and strong team development to elevate both resilience and trust, ensuring organizations are prepared for what’s next.
• Led the organization through three SOC 2 Type II audits and achieved GDPR compliance. • Actively guiding the team towards ISO 27001 certification to enhance security posture. • Reduced cyber insurance costs for consecutive years while optimizing operational efficiency.
• Led the Information Security and Infrastructure team, driving strategic initiatives in security, risk, and compliance. • Developed and managed the Information Security Program, ensuring alignment with organizational goals. • Conducted comprehensive risk assessments to identify vulnerabilities and formulate effective security strategies. • Supported project management efforts while ensuring adherence to ITIL principles for improved service delivery.
• Developed and certified critical infrastructure solutions in alignment with corporate information security standards. • Conducted reverse engineering of enterprise solutions to assess vulnerabilities impacting confidentiality and integrity. • Tested various systems, including power and security, to identify vulnerabilities before production integration.
During my 6-month contract at TEKsystems, I focused on enhancing endpoint security and vulnerability management for a financial institution. I implemented an asset management solution, fine-tuned security measures to reduce alert fatigue, and partnered with the risk management team to ensure compliance. My proactive research into emerging cyber threats helped strengthen our defenses against potential attacks.
• Supported all security functions including operations, governance, compliance, and incident response at Inovalon. • Led PCI Compliance efforts for cardholder data, translating security concerns into business risks. • Managed vulnerability and remediation programs, transitioning from Alert Logic to Tenable for enhanced scanning. • Designed and delivered IT training projects for over 300 staff as a corporate IT trainer including security awareness and PCI DSS.