Greater Philadelphia
Experienced Cyber Transformation Leader with over 20 years in cybersecurity. Known for delivering business-enabling security programs across diverse industries, including Banking and Financial Services, Insurance, Automotive, and Technology Services serving clients in Manufacturing, Retail, Healthcare, Communications, Energy and Utilities, Real Estate, and Travel sectors. Proven leadership in strategic planning and developing robust technology roadmaps to drive proactive cyber transformation, mitigate industry risks, and protect enterprises. Skilled in enhancing organizational technology capabilities, transforming digital presence, and improving cyber maturity, threat awareness, and counterintelligence capabilities. Experienced in building and managing teams from 2 to 150+ members, leveraging enabling technologies, optimizing costs, and ensuring legal and regulatory compliance. Security Programs: Board Reporting, Infrastructure and Network Security, Application/Product Security, Security Operations, Identity & Access Management, Mergers and Acquisition (M&A), Cloud Security, Threat Intelligence, Zero Trust, Data Loss Prevention, Detection Engineering, Incident Response, Vulnerability Management, GRC, Data Governance, Security Awareness, Enterprise Risk Management, Insider Threat, and Cyber Policy development. Compliance: Security: NIST CSF, ISO27001, SOC2 (Type I & Type II), CIS | Privacy: GDPR, CCPA, HIPAA | Financial: Sarbanes-Oxley (SOX), PCI Technology: On prem, Hybrid, Cloud native | SaaS, PaaS, IaaS
Strategic leadership and guidance to improve Cyber Security functions including Security Incident Response, Security Operations, Security Engineering, Identity and Access Management, Security Architecture, Cloud Security (Azure), Infrastructure Security, Network Security.
Led security transformation initiatives in various areas such as, - Security Incident Response - Security Operations - Security Engineering - Automation - Governance Risk and compliance
Technology management in the area of, - Malware Analysis - Web Security - Intrusion Prevention Systems - Firewalls & VPN Technologies - NetFlow Monitoring - AAA infrastructure - Network Audit - DDoS Mitigation and Prevention - Privileged identity management - Single Sign On
- Implementation of Database Firewall and Audit technology - Engineering, Operations and administration of Web Content Filtering - Engineering, Operations and administration of Privileged Access Management