A committed security executive, I have 20 years of experience in information security, including security processes, procedures, policies, and compliance. I’m a passionate Security Officer with expertise in identifying security gaps and working with companies to develop the safe and effective policies and procedures to mitigate those risks. My expertise has driven proven success in building effective security teams through strategic hiring, leadership through example, and excellent communication skills.
Successfully helped guide and manage two companies through acquisition, transition, and IPO.
Expertise in developing, implementing and managing IT security strategy and policy, risk management, intrusion detection, vulnerability assessment, network security design, application security and incident response
Strong project management and product strategy skills. Expertise in technology research and effective application of emerging technologies. Strong communication skills – effective in presentations to both technical and non-technical audiences.
Certifications:Cisco Certified Network Associate (exp.); Microsoft Certified Systems Engineer (exp.); Certified Novell Netware Administrator (exp.); A+ Certified (exp)
Regulatory/Audit: SOX; SOC2; PCI; Webtrust
Concepts: Threat & Vulnerability Assessment & Management; Risk Assessment & Management; Security Policies & Procedures; Risk Mitigation; Disaster Recovery Procedures; Business Continuity Management; ITSec Principles & Practices; Authentication & Authorization; Validation; Security Awareness; ID & Identity Management; Patch Management; Forensics; Pen-testing; Web Application Security; Secure Coding Principles
Specialties: IT Security, Risk Assessments and Management, Security Architecture, Governance and Audit, Product Security, Vulnerability Assessments