Experience

Bank of America Merrill Lynch

• United States
• Financial Services
• 700 & Above Employee

• Director, Global Information Security

  • 2015 - Present

  Jacksonville, Florida Area Directs multiple / major technology teams within Information Security that research, engineer, develop, implement, communicate, monitor and maintain the information security (authentication, perimeter security, security & compliance tools, etc.), & directory technology systems (hardware and software) and security policies / procedures. Utilizes in-depth technical / project knowledge and business requirements to design / direct secure solutions to meet customer / client needs while protecting… Show more Directs multiple / major technology teams within Information Security that research, engineer, develop, implement, communicate, monitor and maintain the information security (authentication, perimeter security, security & compliance tools, etc.), & directory technology systems (hardware and software) and security policies / procedures. Utilizes in-depth technical / project knowledge and business requirements to design / direct secure solutions to meet customer / client needs while protecting the Bank's assets. Serves as organization spokesperson with other technology or business groups. Exercises independent judgement in directing staff to achieve results. Works independently with goals provided by the Senior Information Security Technology Executive. Show less



Merrill Lynch

• United States
• Financial Services
• 700 & Above Employee

• Director, Global Welath Management Risk & Control

  • 2008 - Present

  Jacksonville, Florida Area Manage a team in the information security, business continuity, audit, compliance and privacy spaces to align a large global software development organization (Global Wealth and Investment Management Technology) with enterprise control functions, standards, policies and related initiatives. Responsibilities include developing secure solutions to business issues, incident response, control gap analysis, coordinating execution of penetration tests, social engineering testing, quality assurance… Show more Manage a team in the information security, business continuity, audit, compliance and privacy spaces to align a large global software development organization (Global Wealth and Investment Management Technology) with enterprise control functions, standards, policies and related initiatives. Responsibilities include developing secure solutions to business issues, incident response, control gap analysis, coordinating execution of penetration tests, social engineering testing, quality assurance, resolution/problem solving of a broad spectrum of issues, identification and interpretation of policy, enhancing and promoting information security awareness and developing a robust risk culture. Liaise with regulatory agencies (OCC, FDIC, MAS) for audit oversight purposes. Responsible for completeness of technology recovery plans and related cross-regional recovery readiness testing for a portfolio of ~700 applications. Responsible for keeping all related metrics and scorecards within prescribed service level agreements.

• VP, ISO for MLB&T, MLBUSA, Jacksonville Corp. Campus

  • 2004 - 2008

  Jacksonville, Florida Area As Information Security Officer for MLB&T and MLBUSA, responsibilities included but were not limited to acting as liaison with technical, business, and vendor constituents to produce and provide elaboration and clarification of information security policy to improve the overall Global Wealth Management (GWM) and Bank risk disposition. Collaboration with information risk leaders to institutionalize best practices and policy. Creation of BOD reporting. Provisioning of effective information risk… Show more As Information Security Officer for MLB&T and MLBUSA, responsibilities included but were not limited to acting as liaison with technical, business, and vendor constituents to produce and provide elaboration and clarification of information security policy to improve the overall Global Wealth Management (GWM) and Bank risk disposition. Collaboration with information risk leaders to institutionalize best practices and policy. Creation of BOD reporting. Provisioning of effective information risk oversight relative to vendor, application, and contractual due diligence. Audit coordination and implementation. Coordinated and implemented information security & privacy initiatives to enhance to enhance the overall risk appetite of the Bank. These initiatives included implementing data leakage controls, encryption, desktop lockdown, secure coding SDLC, and policy write/re-write Implemented a first-ever scoring of information security related controls in order to measure and promote transparency of control effectiveness Oversaw development of e-Safe, a secure tool used to properly encrypt files prior to external transmission. Pursued patent opportunity.

• Various Supervisory/Managerial

  • 1983 - 2004

  Greater Denver and Jacksonville Florida area 2002 - 2004 Direct the architecture, integration, and operation of the Jacksonville, Florida campus server and storage infrastructure. Manage the Information Security function, to include ISO, anti-virus, patch management, and policy development and implementation. Direct the Project Management and Business Resumption Planning teams. 1983 - 2002 Various positions. Aggregate scope of position is expansive and includes departmental direction and full design, installation… Show more 2002 - 2004 Direct the architecture, integration, and operation of the Jacksonville, Florida campus server and storage infrastructure. Manage the Information Security function, to include ISO, anti-virus, patch management, and policy development and implementation. Direct the Project Management and Business Resumption Planning teams. 1983 - 2002 Various positions. Aggregate scope of position is expansive and includes departmental direction and full design, installation, engineering, implementation, support, training, administration, and management authority for: LAN/WAN Network Services 24 x 7 Data Center Operations Application Support Desktop Support Business Continuity UNIX Systems Administration PBX, ACD, VRU Administration NT Server Infrastructure Data Storage Networks Spearheaded transition from outdated technologies to highly functional, streamlined, and cost-effective client-server technologies and business solutions that dramatically improved efficiency, decreased expenses, and optimized data integrity and security Directed the move of all network and distributed technology and ~2,000 users during relocation to a new facility. Project was on time, under budget, and the clients experienced no interruption of service Spearheaded the technology portion of a bid team (RFI and RFP) that out-sourced portions of a business technology. Initiative saved a core business ~$2M p/year Managed $2M project to rid the organization of legacy technology. Project was on time and under budget by ~$379K Maintained an aggregate technology up time of 99.9% by developing a risk assessment plan, then implementing redundant architecture as the plan revealed/suggested