Functional Skills
Cybersecurity
Project Management
Business Continuity
Budgeting
Incident Response
Software Development
Accounting
Vendor Management
Disaster Recovery
Regulatory Compliance
Risk Management
Information Security Management
Good Clinical Practice (GCP)
IT Asset Management
Real Estate Investing
Software Skills
Linux
Microsoft Office
Jira
Wireshark
AWS
Penetration Testing
Google Docs
Active Directory
Android
macOS
Windows
Google Cloud Platform
VPN
Stripe
VMware ESXi
Certifications
CISSP: Certified Information Systems Security Professional
Sector Experience
Business Services
Financial Services
Real Estate
Technology
Experience
Picket Homes, Inc.
Start-Up
Chief Information Security Officer (CISO)
1/2021 - 2/2025
• Leadership & InfoSec/IT Foundations: Designed and implemented the enterprise InfoSec program for a start-up. Reported directly to the CEO/Co-Founder, with a focus on securely aligning security with business goals.
• Cybersecurity Strategy & Compliance: Defined and executed IT security roadmaps to ensure compliance with industry standards (NIST/ISO 27001) and Confidentiality, Integrity, and Availability (CIA) best practices.
• Enterprise Risk Assessments: Successfully directed the company's third-party attack and penetration testing initiative, covering AWS cloud, web applications, APIs, and source code reviews with no material findings reported.
• Third-Party Risk Management: Managed vendor risk assessments and third-party due diligence security evaluations, and enforced rigorous standards across all business partnerships and vendors.
The Carrington Companies
Corporate Strategy & Development
Chief Information Security Officer (CISO)
1/2011 - 9/2020
• Enterprise Security Program Development: Promoted to CISO to lead the maturation of a nascent InfoSec program for a 3000-employee US enterprise. Designed and implemented a comprehensive framework, establishing key policies, procedures, and governance systems.
• Security Governance & Compliance Leadership: Chaired the Enterprise Information Systems Steering Committee, governing corporate InfoSec posture, risk identification, remediation, and compliance. Partnered with the CIO to lead the organization through the successful attainment of SOC 2, NIST CSF, GDPR and ISO 27001 compliance.
• Executive Reporting & Security Metrics Development: Regularly briefed C-suite executives on security posture, emerging risks, and progress on key initiatives. Developed tailored reporting and metrics dashboards that communicated security risks and aligned security initiatives with business objectives.