VP Information Security

• Aug 2021 - Present

Chief Information Security Officer

• Sep 2018 - May 2021

With a team of cyber security professionals, I work tirelessly to galvanize the security infrastructure with a comprehensive information and cyber security program that considers every stakeholder. The programs I deploy bring industry best practices for ensuring regulatory compliance while aligning with the overarching corporate strategy. I am also a trusted advisor by senior executives for leading the company’s technical responses to crisis. With a team of cyber security professionals, I work tirelessly to galvanize the security infrastructure with a comprehensive information and cyber security program that considers every stakeholder. The programs I deploy bring industry best practices for ensuring regulatory compliance while aligning with the overarching corporate strategy. I am also a trusted advisor by senior executives for leading the company’s technical responses to crisis.

Chief Information Security Officer

• Nov 2011 - Sep 2018

Drawing on my extensive experience in network engineering and cyber security, I partnered with the senior executive team at Intesa Sanpaolo to strategize, develop, and implement a comprehensive information security program to effectively safeguard the bank’s key assets. The program spans everything from data leak protection to privilege access management. Additionally, chairing and participating in numerous security committees enabled me to work with different functional groups to foster an… Show more Drawing on my extensive experience in network engineering and cyber security, I partnered with the senior executive team at Intesa Sanpaolo to strategize, develop, and implement a comprehensive information security program to effectively safeguard the bank’s key assets. The program spans everything from data leak protection to privilege access management. Additionally, chairing and participating in numerous security committees enabled me to work with different functional groups to foster an awareness and culture around cyber security. Show less Drawing on my extensive experience in network engineering and cyber security, I partnered with the senior executive team at Intesa Sanpaolo to strategize, develop, and implement a comprehensive information security program to effectively safeguard the bank’s key assets. The program spans everything from data leak protection to privilege access management. Additionally, chairing and participating in numerous security committees enabled me to work with different functional groups to foster an… Show more Drawing on my extensive experience in network engineering and cyber security, I partnered with the senior executive team at Intesa Sanpaolo to strategize, develop, and implement a comprehensive information security program to effectively safeguard the bank’s key assets. The program spans everything from data leak protection to privilege access management. Additionally, chairing and participating in numerous security committees enabled me to work with different functional groups to foster an awareness and culture around cyber security. Show less

Business Information Security Risk Analyst - Consultant

• Mar 2011 - Nov 2011

During my time as a Business Information Security Risk Analyst, I performed a thorough assessment of RBS’s existing information and cyber security programs to validate the strength and compliance of existing programs. Working alongside RBS business users, I performed a business impact analysis on business critical applications and formulated series recommendations for improving the program. During my time as a Business Information Security Risk Analyst, I performed a thorough assessment of RBS’s existing information and cyber security programs to validate the strength and compliance of existing programs. Working alongside RBS business users, I performed a business impact analysis on business critical applications and formulated series recommendations for improving the program.

Security Consultant / Project Manager

• Nov 2008 - Feb 2011

As a Security Consultant, I directed the project team along with IT to execute a series of activities focused on assessing the strength of MK Solution’s existing security infrastructure. This included application security assessments, risk assessments, network penetration testing, and 3rd party external penetration testing. I synthesized results from the various assessments into actionable recommendations and a company wide security policy. As a Security Consultant, I directed the project team along with IT to execute a series of activities focused on assessing the strength of MK Solution’s existing security infrastructure. This included application security assessments, risk assessments, network penetration testing, and 3rd party external penetration testing. I synthesized results from the various assessments into actionable recommendations and a company wide security policy.

Senior Security Analyst / Team Lead

• Apr 2004 - Oct 2008

My primary role as a Senior Security Analyst and Team Lead was to ensure the company’s applications had sufficient controls for meeting various compliance regulations, including Sarbanes Oxley (SOX), SAS70, HIPAA, and GLBA. This encompassed a wide span of security assessments and tasks, such as monitoring activities reported by the intrusion detection system, running monthly penetration tests, managing and maintaining firewall change requests, and assessing desktop compliance. I also led… Show more My primary role as a Senior Security Analyst and Team Lead was to ensure the company’s applications had sufficient controls for meeting various compliance regulations, including Sarbanes Oxley (SOX), SAS70, HIPAA, and GLBA. This encompassed a wide span of security assessments and tasks, such as monitoring activities reported by the intrusion detection system, running monthly penetration tests, managing and maintaining firewall change requests, and assessing desktop compliance. I also led initiatives to foster a culture of security and participated in committees, offering a cyber security lens to various functions of business. Show less My primary role as a Senior Security Analyst and Team Lead was to ensure the company’s applications had sufficient controls for meeting various compliance regulations, including Sarbanes Oxley (SOX), SAS70, HIPAA, and GLBA. This encompassed a wide span of security assessments and tasks, such as monitoring activities reported by the intrusion detection system, running monthly penetration tests, managing and maintaining firewall change requests, and assessing desktop compliance. I also led… Show more My primary role as a Senior Security Analyst and Team Lead was to ensure the company’s applications had sufficient controls for meeting various compliance regulations, including Sarbanes Oxley (SOX), SAS70, HIPAA, and GLBA. This encompassed a wide span of security assessments and tasks, such as monitoring activities reported by the intrusion detection system, running monthly penetration tests, managing and maintaining firewall change requests, and assessing desktop compliance. I also led initiatives to foster a culture of security and participated in committees, offering a cyber security lens to various functions of business. Show less

Sr. Security Engineer

• Nov 2000 - Mar 2004

Worked on various security tools, such as firewalls and IDS. Worked on various security tools, such as firewalls and IDS.

Sr Consultant

• Oct 1999 - Nov 2000

Consultant - Sr. Network Anylyst

• Jun 1998 - Oct 1999