Principal Consultant

• 2022 - Present

Senior Director, Governance, Risk & Compliance

• 2021 - 2022

Oversee the design and implementation of Sema4’s governance and compliance practices, enterprise risk processes, and investigatory processes. Develop, test, and maintain big data solutions. Collect data into high-quality formats and optimize for query and analysis. • Installed a risk & internal control framework to respond to evolving risks and strategic priorities. • Received certification in Validation Assessment for HiTRUST. • Restructured the HiTRUST certification to Continuous Compliance, resulting in cost savings for over 5 years. • Established a risk analysis and self-assessment program for business and IT systems. Show less

Head of Governance Risk Compliance

• 2019 - 2021

Built the Governance, Risk & Compliance program within the Information Security department. Assessed Renown Health's compliance and risk posture regarding information assets and implemented new security solutions. Generated training manuals on information security policies, standards, guidelines, processes, and procedures. Established a risk analysis and self-assessment program for business and IT systems. Built the Governance, Risk & Compliance program within the Information Security department. Assessed Renown Health's compliance and risk posture regarding information assets and implemented new security solutions. Generated training manuals on information security policies, standards, guidelines, processes, and procedures. Established a risk analysis and self-assessment program for business and IT systems.

HIPAA Compliance Officer

• 2017 - 2019

Built the university HIPAA compliance program in alignment with federal, state, and local HIPAA regulations. Executed HIPAA audits on university healthcare, testing privacy, security, and breach notification alerts. Coordinated with vendors and IT service providers to ensure proper documentation of HIPAA obligations. Built the university HIPAA compliance program in alignment with federal, state, and local HIPAA regulations. Executed HIPAA audits on university healthcare, testing privacy, security, and breach notification alerts. Coordinated with vendors and IT service providers to ensure proper documentation of HIPAA obligations.

Director of Information Security (CISO)

• 2014 - 2017

Directed annual penetration testing, GLBA risk assessments and control testing, and security control assessments. Any other duties? • Devised an Information Strategy Plan to meet Information Security Framework and Program goals. • Built the 3rd party management program to reduce risk. • Directed a novel FFIEC Cyber Assessment Tool (CAT) assessment. Directed annual penetration testing, GLBA risk assessments and control testing, and security control assessments. Any other duties? • Devised an Information Strategy Plan to meet Information Security Framework and Program goals. • Built the 3rd party management program to reduce risk. • Directed a novel FFIEC Cyber Assessment Tool (CAT) assessment.

Chief of Systems Security/Admin

• 2011 - 2014

Information Management Branch Chief

• 2009 - 2011

Information Security Officer

• 2005 - 2009

Information Technology Specialist (ITCS - Retired)

• 1985 - 2005

Served and retired as an Information System Technician – Senior Chief (ITCS) at various commands worldwide. Served and retired as an Information System Technician – Senior Chief (ITCS) at various commands worldwide.