United States
As a Senior Manager in Cybersecurity and GRC, I focus on bridging the gap between technical security operations and executive business strategy. With over a decade of experience across fintech, manufacturing, and HR technology sectors, I have built and matured security programs that not only protect organizational assets but also enable business growth. My background spans the full spectrum of the security lifecycle—from hands-on engineering with firewalls and SIEMs to architecting enterprise-grade GRC frameworks and leading high-performing teams. Driven by a strategic vision for organizational resilience, I am dedicated to evolving security functions into business enablers, laying the groundwork for executive security leadership. Currently, I lead Cyber Risk Management at UKG, where I recently rebuilt the enterprise GRC program and pioneered an AI risk management initiative to address adversarial threats and systemic vulnerabilities in emerging technologies. My expertise lies in translating complex risks into actionable intelligence for the C-suite; I have successfully directed security integrations for multiple mergers and acquisitions, engineered weighted risk calculation models to quantify exposure, and consistently delivered data-driven insights to executive boards. Whether implementing ISO 27001 compliance or streamlining exception management to reduce processing time by 40%, I prioritize scalable, measurable processes that align with regulatory standards like NIST CSF, GDPR, and FedRAMP. I am a lifelong learner committed to staying ahead of the curve, holding a Master of Science in Information Technology and actively pursuing advanced certifications. Beyond the technical, I am passionate about mentorship and professional development, having guided numerous analysts toward career milestones and promotions. I thrive in dynamic environments where I can leverage my diverse background—from "Head of Security" roles to technical engineering—to solve critical business challenges and drive a culture of security awareness.
Senior cybersecurity leader responsible for enterprise-wide governance, risk, and compliance at a global HCM SaaS company serving 70,000+ customers. Rebuilt the GRC program from the ground up, leading a team of 7 analysts across risk management, controls compliance, audit readiness, and exception management. Achieved unqualified SOC 1, SOC 2, and ISO 27001 opinions across multiple products and M&A integrations. Pioneered the organization's AI risk management program and developed AI-powered automation tools for compliance workflows and continuous control monitoring. Delivered regular security reporting to CISO and board-level stakeholders, driving executive alignment on cybersecurity priorities and remediation accountability
Built and led the security function for a publicly traded, multi-jurisdictional financial services organization operating under US and Canadian regulatory frameworks including OSFI and SWIFT CSP. Owned all aspects of cybersecurity strategy, operations, compliance, team leadership, and budget. Developed and presented multi-year strategic roadmaps to board and executive leadership. Independently managed SOC 1 and SOC 2 audit cycles, achieving unqualified opinions. Established a centralized cyber risk register in partnership with Enterprise Risk Management and drove enterprise-wide alignment on financial regulatory compliance obligations.
Built and led the security function for a publicly traded, multi-jurisdictional financial services organization operating under US and Canadian regulatory frameworks including OSFI and SWIFT CSP. Owned all aspects of cybersecurity strategy, operations, compliance, team leadership, and budget. Developed and presented multi-year strategic roadmaps to board and executive leadership. Independently managed SOC 1 and SOC 2 audit cycles, achieving unqualified opinions. Established a centralized cyber risk register in partnership with Enterprise Risk Management and drove enterprise-wide alignment on financial regulatory compliance obligations.
Served as the security engineer for a global manufacturing organization with operations across 3 international locations and 6,000+ endpoints. Owned the full security technology stack and led cross-functional security initiatives spanning networking, IT, legal, and external vendor relationships. Conducted risk assessments across IT and operational technology (OT/ICS) environments — a relatively rare capability in enterprise security — translating findings into executive-ready remediation roadmaps. Reduced organizational risk exposure by 40% within 90 days and delivered monthly security metrics to the CISO and executive risk committee.