I'm an enthusiastic San Francisco-based information security guru. I dabble in all things security-related and have recently expanded my expertise into data privacy and digital forensics.
A little more information about me...
This is a rough assessment of where I am in my career development, taking into account the skill sets I am still seeking to further develop.
2017 - Present
Responsible for development and execution of IT security strategy initiatives. Leveraging CIS Top 20 Critical Security controls to isolate high-profile security risks and design/execute security strategies to mitigate. Developing/executing corporate security training. Driving Security risk assessments across IT & Infrastructure and developing program strategies to address key risk areas and vulnerable environments.
Built and Managed a team of four in the development and execution of compliance strategy initiatives. Drove initial assessments of compliance/audit impact from Public Offering state. Developed and Maintained the IT components of annual SOX assessments (policy/process ownership and collection, organization, and distribution of audit material). Reduced budgetary costs by 20% by developing reliance strategies and streamlining internal/external audit processes.
2011 - 2015
Responsible for driving Security/Data Privacy and Regulatory compliance across IT programs. Developed and supported ongoing security risk reduction strategies through organizational procedural changes.
2007 - 2011
Responsible for driving operational security for Citi North America, with a focus on managing operating system vulnerabilities across 200,000+ systems. Reduced IT risk by nearly 90% by streamlining patch management efforts and coordinating processes among system owners.
San Francisco, CA
New York, NY
Phone: [redacted due to spam]