Experience

4A Security & Compliance
• United States
• Computer and Network Security
• 1 - 100 Employee
• Senior IT Security & Compliance Auditor

  • Mar 2023 - Present


Adaptimmune

• United Kingdom
• Biotechnology Research
• 300 - 400 Employee

• Information Security Manager

  • Apr 2022 - Feb 2023

  Improve Organizational Security by fostering relationships and understanding business values. Improve Organizational Security by fostering relationships and understanding business values.


Einstein Healthcare Network
• United States
• Hospitals and Health Care
• 700 & Above Employee
• Information Security Leader

  • Jul 2018 - Apr 2022

Salus University
• United States
• Higher Education
• 200 - 300 Employee
• Director of Network Security

  • Oct 2013 - Jul 2018


Advanced Benefit Advisors

• United States
• Insurance
• 1 - 100 Employee

• IT Security Specialist

  • Oct 2008 - Oct 2013

  -• Provided network support and training relating to the Confidentiality, Integrity and Availability of system resources. • Classified information assets and implemented Access Control Strategies to protect those assets in accordance with regulatory initiatives and Senior Management. • Test all Access Controls against the implemented monitoring solution for functionality and auditing capabilities. • Inform management of the understanding of the regulations, laws, and liability issues and assist to ensure that the company fulfills its obligations. • Implemented Defense in Depth strategies to mitigate/reduce internal and external threats via firewalls, Intrusion Detection/Prevention, Antivirus, Malware Scanning, Web Filtering, etc. • Implemented reviews and programs to enforce Information Security best practices and safeguard critical services and systems. • Maintained all aspects of the Disaster Recovery site including security, testing, documentation and recovery. • Ensured the company information technology investments were aligned with its strategic business objectives. • Monitored new technologies that support or enable a company to carry out its ongoing operations while maintaining compliance requirements. • Provided security awareness to employees and senior management via a variety of venues including training presentations, emails and handouts. • Support the monitoring of all computer systems including servers, workstation, firewall, antivirus programs, etc. to help identify any areas of misuse, tampering, access violations, external threats, temperature, etc. • Utilized tools such as Wireshark to identify network issues. • Facilitated the use of Virtualization technologies to reduce the footprint and administrative costs. • Responsible for penetration testing, vulnerability assessments and reporting to senior management. • Maintenance and upgrades of all computer Operating Systems and software Show less



Penn Systems Group Inc.

• United States
• IT Services and IT Consulting
• 1 - 100 Employee

• Director of IT

  • Feb 1998 - Oct 2008

  • Contributed to the growth of the company by retaining current customers, winning new business relationships and was ultimately their trusted advisor. • Built Business Continuity and Disaster Recovery solutions that meets the business objectives. • Worked with SMB customers to help facilitate new or existing networks by utilizing strategies that best fit the company needs. Part of this strategy was to identify operational needs and security requirements. • Trained senior management and employees on the importance of security in the workplace. Mentored the employees and trained them when necessary. • Maintained the security and operations of all network equipment which included upgrades, updates, migrations, disposal, etc. • Helped our customers realize the importance of internal and external threats and how to provide mitigation solutions and work within the customers budget. • Helped identify critical business functions and utilize soft administration controls including separation of duties and principle of least privilege. • Data backup/restore and availability to all customers and provide documents, change control and processes that are to be well written and clear. • Researched and implemented the proper WAN/LAN technologies that fit the business budget and functions for network access, internet access, remote access and connecting site-to-site. Show less