Greater Chicago Area
I advise healthcare executives, boards, and CISOs on managing cybersecurity risk and regulatory complexity in large, high-stakes environments. My work centers on strengthening enterprise security posture, aligning cybersecurity with business priorities, and enabling organizations to navigate regulatory requirements and evolving threat landscapes with confidence. With 25+ years across healthcare IT leadership, cybersecurity consulting, and business ownership, I bring a combination of executive advisory experience and hands-on program leadership. I have led large-scale cybersecurity and risk initiatives and supported organizations in making informed, strategic decisions that balance risk, compliance, and operational needs. I’m particularly interested in opportunities where I can operate as a senior advisor while also contributing to client growth and expansion within healthcare-focused cybersecurity practices.
Serve as a trusted cybersecurity advisor to hospital executives and health system leadership, supporting enterprise security and risk initiatives across complex, multi-site healthcare environments. • Advise C-suite executives (CIO, CISO, CFO) on cybersecurity strategy, aligning investments with enterprise risk tolerance and business priorities • Lead enterprise cybersecurity and risk programs for healthcare organizations, spanning governance, risk management, incident response, and business continuity • Translate security assessments into executive-level roadmaps with clear business justification, enabling prioritized, risk-informed decision-making • Guide organizations through cybersecurity maturity and resilience initiatives, including development of executive-sponsored incident response and continuity programs • Support regulatory and compliance initiatives (HIPAA, HITRUST, NIST CSF, ISO 27001), helping organizations operationalize requirements within complex clinical environments • Led Promoting Interoperability assessments for EHR platforms, aligning federal compliance requirements with clinical and operational workflows • Developed proprietary assessment methodologies and tools that enhanced service delivery efficiency and contributed to improved client outcomes and engagement expansion • Contributed to expansion of client relationships through ongoing advisory and delivery leadership across cybersecurity and risk initiatives
Conducted enterprise risk assessments and provided strategic security guidance to healthcare organizations navigating HIPAA compliance and cybersecurity program development. • Led comprehensive cybersecurity assessments using NIST frameworks (CSF, 800-series) and COBIT methodologies • Delivered risk-based recommendations to executive stakeholders, prioritizing controls by business impact • Advised on cybersecurity program maturation and regulatory compliance strategies
Provided strategic security and infrastructure consulting to healthcare organizations, with particular expertise in secure remote access and hybrid work transformations during the COVID-19 pandemic. • Advised healthcare executives on security strategy aligned with NIST best practices and regulatory requirements • Guided organizations through secure remote work transitions, balancing security controls with operational continuity • Conducted network and security assessments that informed capital planning and risk mitigation strategies • Positioned organizations for secure collaboration and telemedicine expansion
Led network assessment following the acquisition of a new hospital system by a large academic medical center. This included assessment of firewalls, physical security controls, datacenters, and network.
Led IT operations for three Chicago-area hospitals (Loyola University Health System) post-acquisition, managing teams across infrastructure, operations, and security while overseeing $5M annual capital budget. • Directed cross-functional IT teams (Identity Management, Help Desk, Desktop, Server, Operations) supporting critical care delivery across three hospital campuses • Managed $5M annual capital program encompassing infrastructure lifecycle, Epic EHR upgrades, and data center security initiatives • Led incident command during unplanned outages, minimizing patient care disruption through coordinated technical response • Implemented enterprise change management processes and chaired weekly CAB meetings, improving system stability • Built strategic relationships with senior clinical and administrative leadership, elevating IT's credibility and aligning technology investments with organizational goals • Drove measurable improvements in customer satisfaction through SLA tracking, KPI reporting, and proactive service delivery