Strategic, certified (CISSP) information cybersecurity expert with more than 20 years of experience in application and compliance cybersecurity for complex and diverse enterprises. Focused on development and deployment of long-term security strategies and solutions by dynamically collaborating with clients across a multitude of industries. Establishes long-term relationships allowing for continued support and refinements as organizations grow and adapt to ever-changing conditions.
AREAS OF EXPERTISE
Cybersecurity in large and complex organizations.
Regulatory and audit cybersecurity analysis and compliance (HIPAA, HITECH, NRC, PCI, ISO 27001/2, GLBA, and SOX-404).
Cybersecurity frameworks (NIST 800-xx, NIST Cybersecurity Framework, & COBIT).
Cybersecurity policy and procedure development and integration.
Long-term cybersecurity strategy implementation.
Business continuity and disaster recovery cyber-incident management.
Cybersecurity Role Based Access Control development and implementation.
Risk and control gap analysis and mitigation strategies.
Application and data security governance.
IT Security awareness and training programs.
Led an enterprise-wide data classification and critical asset management project for a global industrial manufacturing organization.
Analyzed and implemented corporate IT cybersecurity strategies aligned with corporate strategies with a focus on application security and compliance to industry standards and regulations.
Facilitated the documentation and implementation of the NIST Framework for Improving Critical Infrastructure Cybersecurity per Executive Order 13636 for a large energy sector organization.
Facilitated the compliance of HIPAA/HITECH security and application security risk and control assessment for a large southwestern Pennsylvania hospital organization.
Ensured policy and procedure standardization and compliance for several cybersecurity assessment clients.
Managed the project and served as application security expert for an enterprise-wide, 15,000-employee Role Based Access Control development and implementation.
Mentored Information Security Analytical team.
Developed and maintained corporate HIPAA/HITECH Security policies and procedures.
Developed and implemented HIPAA/HITECH Security requirements and compliance for regional and national health insurance providers.
Ensured SOX-SOD compliance within an enterprise claim processing and management application for a national health insurance provider.
Defined and published training requirements for Information Security staff.
University of Central Oklahoma
1992-1996 – Bachelor's in Business Administration – Management of Information Systems.
Pennsylvania State University
2014 – Current – Pursuit of Management of Business Administration master’s degree. Expected graduation – May 2018.
Certified Information Systems Security Professional (CISSP) – 507252, March 2016