Qualifications Summary

• Strong leader and highly experienced executive excelling in the creation, execution, and management of comprehensive information security systems for corporations and governmental entities. A rare blend of deep technical skills and business acumen with a deep knowledge of international laws on privacy and the security of information. Able to effectively communicate with audiences ranging from deeply technical system administrators and engineers to the Board of Directors of billion dollar corporations. Policy maker able to originate security standards and procedures in fulfillment of critical federal, state, and industry requirements and in accordance with changing corporate requirements. Experienced in controlling multi-million dollar budgets, both operational and capital. Project of note, in 1998, designed, implemented, and operated the first global commercially successful Voice over Internet Protocol VoIP network.
• Respected professional offering 20 years of national and international technology management.
• Creative thinker and analytical problem-solver with demonstrated ability to manage projects from planning through execution/completion under the pressure of fast-paced, time-sensitive environments.
• Extensive experience managing both domestic and international business and technology programs.
• Experience working as a senior Scientific, Security and Technical Advisor
• Hands-on experience leading all stages of software application development efforts, including requirements definition, design, architecture, testing, and support.
• A published author in technical and business journals, such as the Pacific Telecommunications Council Quarterly Review, and has presented papers and briefings at both national and international conferences.
• Extensive experience as an adjunct professor teaching business classes primarily at the graduate level.

Core Competencies

Strategic Planning and Direction

• Strategic Corporate Security Planning and Operation
• Organizational Planning
• IT Governance
• Client and Vendor Relations
• Team Building and Recruitment
• Performance Management
• Project Management
• Business Agility Policy Development
• Quality Assurance
• Application Agile Development
• Program Budget
• Compliance
• Process Change/Improvement
• Technology integration
• Conflict management
• Acquisition and Mergers
• Risk Management
• Negotiation, persuasion and Communication
• Coaching/mentoring
• Risk Management
• Analysis of business problems/needs
• Cross functional team building and leadership
• Data Center Operation and Hybrid Cloud Modernization

Professional Experience

Confidential

• Advise State Street Bank CISO on compliance, regulatory audit, risk vulnerabilities, cybersecurity threats, corrective action and standards, policy and procedures.
• Prepared and present report findings and next steps for adoption of necessary security and IT actions utilizing Governance, Risk and Compliance GRC systems
• Administer and analysis scanning to locate vulnerabilities within the infrastructure and software deployed
• Provide State Street with proactive vulnerability and corresponding corrective actions
• Lead program, for the study and implementation of Certification and Accreditation C A in accordance with ISO 27000, SANS and NIST.
• Lead the project to determine new software value to increase security situational awareness.
• Utilize Six Sigma and value stream mapping to reduce security process stages and increase controls.

Confidential

• Revised and developed banking system for response and preparation for audits
• Developed a private and community cloud for adoption of extremely large data transactions and necessary analysis and presentation
• Collaborating with corporate C-level management teams and subsidiaries to provide concrete guidance in information security governance risk, compliance and enterprise security management challenges.
• Developing comprehensive policy set aligned with numerous government regulations and international EU Data Protection and Privacy standards through a crosswalk process to ensure complete coverage.
• Orchestrating and managing the corrective action for findings from internal and external audits.
• Ensuring that the overall enterprise security system is in compliance with federal, state, and industry law and regulations.

Confidential

• Catalyst Health Care Solutions - Chief Information Security Officer CISO . Ensured overall system security in compliance with federal, state, and industry law and regulations as the highest-ranking security executive company-wide. Assessed and upgraded all security technology as necessary, continually reviewing firewalls, intrusion detection/prevention systems, monitoring systems, analytical engines, and encryption systems. Directed vulnerability assessments as well as penetration tests and any required remediation. Modified corporate security architecture in real-time response to changing corporate needs, including the astronomical growth of Internet usage. Orchestrated the completion of internal and external audits. Administered a 10M operations and capital budget. Conducted cyber security red team and external and external penetration testing. Investigated security breaches, collaborating with law enforcement agents as necessary.
• Collaborated with senior staff in several mergers and acquisitions due diligence M A and integration of new subsidiaries into the corporation. M A activity ranged from 500M to 16B
• Collaborate with corporate C-level management teams and subsidiaries to provide concrete guidance in information security governance and enterprise security management challenges.
• Primary leadership force of information security, risk and the privacy protection of the electronic protected health information EPHI medical records system operations, providing the overall information security management of information technology assets.
• Developed comprehensive policy set aligned with numerous government regulations and international standards through a crosswalk process to ensure complete coverage.
• Changed corporate view of information security from a regulatory checklist to a business enabler by creating a flexible risk analysis and management process.
• Ensured comprehensive risk management and regulatory compliance for the protection of health records, and delivery of information security services to protect the electronic medical records.
• Manage a team of information security and technology personnel and information security budgets and expenditures while enforcing compliance with patient information privacy goals and health care information technology standards.
• Spearhead strategic planning, employee information security training and awareness for 2,000 employees, and production tracking focused on maintaining superior organizational information security management performance.
• Partnered with business units to understand needs within the organization and provide solutions.
• Brand Protection in Cyber Security Web, Search, Reputation, Scams
• Managed the development and implementation of global security policy, standards, guidelines and procedures to ensure ongoing maintenance of enterprise information security.
• Lead the effort to resolve Identity Access Management Enterprise Security Architecture compliance challenges to address regulatory compliance mandates including HIPPA, HITECH, HITRUST, PCI DSS, ISO 27001/2, BS 25999 Business Continuity, FISMA, NIST, FIPS, Sarbanes Oxley, SOX, SSAE16, EU Data Protection, FTC Safeguards, Safe Haven, Mass 201 CMR 17.00, NVR 603A, and GLBA.
• Established and managed formal certification programs regarding enterprise security standards relating to the planned acquisition and/or procurement of new applications or technologies.
• Lead the corporate Business Continuity Planning BCP and Disaster Recovery DR program.
• Managed the Security, HIPPA, HITECH, Identify Theft Law, and PCI assessment for several major universities and medical centers. Developed a security and regulatory remediation roadmap and suggested investments guidelines.
• Program Manager for Identity Management security assessments at ING, UBS and implementation of ORACLE Identity Management Governance and software implementations at GEICO, UBS, and Nortel.
• Designed IT Global modernization program for Global Financial and Pharmaceutical firm. Total value of contract award was 33 Million.
• Advised on design and implementation of Hybrid Cloud data center computing for an international Pharmaceutical company.
• Directed the design and implementation the City of New York Application and System Development Center.
• Managed and supported ITSM consulting business process and technology delivery for both commercial and public sector customers such as ING, Hydro One, UBS, Roche, Johnson and Johnson, NCC Bank, City of New York.
• Chicago, IL --Launched an integrated Public Safety technical and business process model.
• Managed the New York City ITIL implementation and upgrade of Service Desk 311 911 infrastructure, IVR, EDC process, procedures, and metrics.
• Toronto, Canada --Managed a program implementing the North American Electric Reliability Council NERC Critical Infrastructure Protection CIP compliance for an International power company.
• Oversaw the security and Risk design of a large scale Canada Smart Grid and Smart Metering project.

Confidential

• Directed security software application development projects.
• Directed application development for data center mainframe Single Sign-On, Highly Privileged DB2 IR ID Generic Accounts, and Physical Audit Tracking and control System PATS .
• Launched a Six Sigma Leanings and Value Stream Mapping process improvement program.

Confidential

• Directed the revision of the enterprise Command and Control platform and situational awareness process and platform.
• Directed the design for placement of NYC surveillance cameras.

Confidential

• Managed business development responded to DoD and Federal agencies Request for Proposal and technical process improvement consulting and auditing.
• Implementation of ITIL, Six Sigma, CMMI, and standardized technical architecture process and principles.
• Directed restructuring of internal and external Data Centers business process development, governance, budget and control metrics.
• Directed numerous Six Sigma Leaning projects to reduce unnecessary waste.
• o Reduced staffing and software development life-cycle release error rate by 35 .
• Directed restructuring of organizational compliance governance program.
• Directed implementation of Process Control Service Management ITIL .

Confidential

• Managed the development, design, implementation, and operation of the CDC Global Disease Detection network, statistical analysis and classification.
• Directed CDC Bio-Medical Informatics software application development and field testing.
• Research member of CMS and CDC electronic health records study.
• Managed CMS data center operations, and implemented a three tier architecture and increased DASD storage
• Oversaw the CMS modernization architectural blueprint tactical and five-year strategic plans.
• Directed the operation of the CMS data center, application development including finance payment systems.
• Directed the response to proposal RFP design and implementing of technical solutions for both commercial and public sector customers such as Nike, Bellsouth, Port Authority of NY and NJ, NYC MTA, Housing and Urban Development, Centers for Disease Control, White House, and Center for Medicare and Medicaid.
• Redesigned the USPS ERP financial EDI and lock box and payment infrastructure and process.
• Managed the design and implementation of an integrated Critical Infrastructure, Command and Control Systems, Communications, Cyber and Physical Security infrastructure for NYC MTA
• Appointed as the LM advisor for the joint NY/NJ Port Authority, DoD research program developing a real time decision support system and cross platform communications for the Regional Information Joint Awareness Network.
• Managed the implementation of several ITIL and Six Sigma process improvement programs.

Confidential

• Directed application development of software and applications for Mobile Business, Telecommunications and Security.
• Managed the designed and implementation of Public Safety radio systems and software applications for New York State Georgia, and Florida State Police.
• Trusted business process Advisor for several major customers OKI, NTT .

Confidential

• Directed the design, implementation of the infrastructure architecture and operation of the first commercial global ISP and Voice over Internet Protocol VoIP and Fax over IP service offering.
• Managed the software applications ERP OSS BSS and VoIP development.
• Within a year, the value of the company increased from 10M to more than 100M.
• Received Frost Sullivan's 1999 Market Engineering Customer Focus Award for the Global IP Telephony Service.

Confidential

• Managed a 50M budget and geographically dispersed staff of seven Senior Managers and 200 technical staff.
• Directed the implementation of a corporate national field IT support organization supporting new new installations and RF message switching offices MSO .
• Oversaw the implementation of Service Desks and order processing centers.

Confidential

• Directed Unum and affiliate companies' global information, telecommunications, and data center operations.
• Managed mainframe operations and software application development.
• Managed a 14M budget and geographically dispersed staff.