Chief Compliance Officer

• Jan 2020 - Present

Information Security Vendor Risk Assessment

• Jan 2019 - Dec 2019

Conduct information security vendor risk assessments for the hospital. Conduct information security vendor risk assessments for the hospital.

Information Security Manager

• Oct 2016 - Aug 2018

Manage global information security operations for 15,000 users located in over 100 countries for the global medical equipment manufacturer. Manage daily security incident events while being an active member of the corporation’s Architecture Review Board (ARB), Change Advisor Board (CAB), and Vendor Management Review Board. Manage global information security operations for 15,000 users located in over 100 countries for the global medical equipment manufacturer. Manage daily security incident events while being an active member of the corporation’s Architecture Review Board (ARB), Change Advisor Board (CAB), and Vendor Management Review Board.

Sr. Risk & Compliance Consultant

• Nov 2004 - Feb 2016

Provide professional consulting services to banks and credit unions for information technology and cyber security risk assessment to verify and test the appropriateness of controls and related computer security measures to prevent degradation of sensitive information. Currently managing and maintaining 10 Business Continuity Programs (BCP) inclusive of threat assessments; business impact analyses; program development of policies, procedures, and manuals; and development of BCP plan documents. Process Improvements: • Authored 37 policies and procedures for clients creating an additional revenue stream for the business by creating a library of IT Security policies and procedure that were later sold to other clients that needed addition policies or procedure for their organization. • Streamlined the BCP program by grouping boilerplate actions into standalone sections and customizable information into other sections generating a nearly complete BCP program (80%) for a client within 1 month. Established process for the completion of the BCP program within 2 months. Regulatory Adherence • Partner closely with financial organizations' senior leadership to achieve necessary goals and to mitigate organizational weaknesses in processes or procedures. Strong knowledge of regulatory organizations' guidelines and regulations that oversees banks and credit unions such as FDIC, FFIEC, and NCUA. • Lead IT audits for banks and credit unions to verify compliance with FFIEC, NCUA, GLBA and Red Flags. Familiar with computer investigation, data breach evidence controls, and computer forensics methods. • Chair committee meetings to ensure BCP documents and plans are current and updated regularly. Deliver BCP training and testing to ensure clients’ plans meet the FFIEC, NCUA, FDIC standards, and best practices to ensure quick recovery from unplanned disruptions. Show less

Senior IT Auditor

• 2004 - 2004

Led IT audit to verify compliance with SOX, Section 404. Managed team of 2 for the one-year SOX audit project of a Fortune 100 energy company that was located remotely from home office. Developed IT audit methods and trained the client’s employees in SOX audit evidence gathering requirements and mitigation processes for all SOX IT controls shortcomings to improve risk ratings. Completed SOX project on budget and on time and recognized for successfully operating with a high level of independence at client site. Show less

Quality Assurance Specialist

• 2000 - 2004

Supervised 9 Quality Assurance team members in the inspection and auditing of quality of repair for computer laptops. Ensured that computer repairs met or exceeded ISO (International Organization of Standards) standards. Performed daily and weekly analysis of quality assurance data. Reported findings to management, engineering, users, and other clients/customers in meetings and presentations. Improved the Laptop Inspection Procedures accuracy by 95% and decreased learning curve by 60%. Led a project to combine three databases into one QA database with standardized data entry format. Created, maintained, and designed databases for the Quality Assurance Department and numerous other organizations within the company that allowed QA members to move freely between QA teams as needed and allowed for the expansion of new QA programs. Show less

Attorney

• 1994 - 2000

Practiced Immigration and Naturalization Law in Mid-South area exclusively. Conducted client interviews and fact gathering to facilitate foreign-born nationals’ immigration into the United States via political asylums, family, or employment based applications. I created a database system that required a onetime data entry of applicant information to print onto the INS specialized forms. The database system reduced the amount of time to manually type information into the INS forms from 5 minutes to 30 seconds. Designed and implemented computer network for entire law firm from scratch. Purchased all equipment. Designed, programmed, and built computer applications for client management and file/content maintenance within the office. Achieved 98% success rate of obtaining political asylum status for my clients in immigration trails. Show less