Spokane-Coeur d'Alene Area
ACCOMPLISHED INFORMATION SECURITY EXECUTIVE with a proven ability and rich expertise in the successful execution of Information Security programs in global organizations. Specialist in building high-performing security teams and fostering a culture of data protection through business enablement, achieving positive, measurable behavioral change through accountability and integrity. Soft/Hard Skills: Technology & Security Leadership, Effective Communication, Public Speaking, C-suite Expertise, SecOps / Threat Intelligence, InfoSec Architecture, Education, & Governance, Incident Detection/Response, Global Privacy Program Mgmt, M/A Oversight, SSAE16/SOC2 Audit Mgmt, Risk Management, Back-office ERP, NG/Web Application Firewalls, MS Active Directory, 2FA/Public Key Crypto (PKI), SoX/PCI Governance, Cloud Computing & Trust Model Design Certified Chief Information Security Officer (C-CISO)
Cybersecurity has never been more prevalent than it is today. The shortage gap of experienced information security professionals continues to widen, even more so for business-minded cyber risk leaders. At Cyber Self-Defense, we help bridge this gap by providing industry experienced cybersecurity leaders and staff with business enablement in mind. Our Enterprise services portfolio include: • CISO-as-a-Service holistic security programs • Small/medium start up packages • Board-serving (directors) cybersecurity expertise • Cyber risk assessments • Policy management • Audit/compliance • Digital forensics & incident response management • Employee engaged security education & awareness training • and so much more… As a proud Mile2 partner, we also provide professional IT and cybersecurity certifications accredited by the NSA and the Department of Homeland security. If you’re in need of short-term cyber security expertise, or looking for something more strategic and industry aligned, we have the information security skills to help your business succeed.
● Responsible for global information security vision, strategy, governance, management, and architecture ● Business relationship manager with key stakeholders ● Developed business-enabled risk assessment program ● Founded global Incident detection and response plan ● Led Cyber Self-Defense education and awareness program ● Led SSAE16/SOC2 service audit programs ● Disaster Recovery and Business Continuity advisory ● Shared responsibility for global Privacy program
● Groomed as successor to CISO ● Hand-selected by CIO as Next Generation Global IT Leader ● Developed enterprise Insider Threat Program using user and machine learning to identify behavioral anomalies ● Author of phishing awareness exercises and “cyber self-defense” education programs ● Responsible for employee information security training programs ● Cyber Threat Intelligence organizational liaison ● Cyber Defense Auditing - Red Team business ambassador ● Architected Cloud/SaaS API development integrating Big Data within SIEM analytic ecosystem ● Built Information Classification add-on for Google Apps for Work ● Designed Insider Threat program using on user behavioral monitoring and analytics methodology centered on privacy ● Reduced OPEX costs over $1M through vendor negotiations, solution consolidation and open-source tool augmentation ● Managed over $4M solution, service and support OPEX budget for cyber defense and incident response ● Primacy business relationship manager (BRM) contact for IT security ● Lead Global IT Intern program four years consecutively
● Responsible for defining strategy and technical implementation of information security architecture, risk management and cyber defense initiatives. ● Owner of cyber defense program; detecting targeted malware (APT), preventing endpoint infection and remediation ● Developed business-partnered information security architecture standards ● Author of computer security incident response and remediation program ● Co-chair of risk management committee; facilitating risk awareness to business and information owners ● Information security governance and policy management ● Designed Secure Development Environment protecting sensitive information within business engineering groups against unauthorized access, theft and data exfiltration ● Recurring security advisory consultation for business government affiliates ● Proven program management, leadership and C-level/executive communication skills
● Responsible for leading the integration of physical and information security architecture teams towards a risk-based approach for asset protection and security management
● Solutions-oriented and business facing, providing scalable and robust risk-based security assessments, designs and solutions for product groups and Information Technology ● Designed and implemented Zero Trust internal DC architecture ● Member of PCI compliance board for Level 2 merchant classification
● Built customer-facing security consulting business for Motorola services organization ● Designing and implementing security reference architectures for carrier-class network operators, LMR radio deployments, local and federal municipalities and Fortune 500 enterprises