Functional Skills
Risk Management
Incident Response
Supply Chain Integration
Program Management
Cybersecurity
Vendor Management
Strategic Planning
Regulatory Compliance
Operational Efficiency
AI Risk Management
Software Skills
Active Directory
Android
Azure Active Directory
DNS
Dropbox
Endpoint Security
Firewall
FTP
HTTPS
Microsoft Word
Microsoft OneDrive
Microsoft Office
Microsoft PowerPoint
Microsoft Exchange
Mimecast
Sector Experience
Aerospace & Defense
Business Services
Healthcare
Social & Public Sector
Technology
Languages
English
Experience
Hanwha
Information Technology
CHIEF INFORMATION SECURITY OFFICER (CISO
3/2025 - Present
• Steered IT, cybersecurity, and compliance strategies across the organization, achieving a 25% improvement in risk posture.
• Directed policy development and incident response planning aligning with federal standards, reducing security incidents by 20%.
• Drive compliance for NIST SP and CMMC Level 2, ensuring audit readiness and robust security standards.
• Oversee vendor risk management and secure third-party onboarding to mitigate potential supply chain vulnerabilities.
• Act as the primary liaison with government stakeholders and auditors, enhancing cybersecurity posture by 15% through improved collaborations.
• Implemented a firmwide incident response process, reducing threat resolution time by 30%.
• Directed policy development and incident response planning aligning with federal standards, reducing security incidents by 20%.
• Drive compliance for NIST SP and CMMC Level 2, ensuring audit readiness and robust security standards.
• Oversee vendor risk management and secure third-party onboarding to mitigate potential supply chain vulnerabilities.
• Act as the primary liaison with government stakeholders and auditors, enhancing cybersecurity posture by 15% through improved collaborations.
• Implemented a firmwide incident response process, reducing threat resolution time by 30%.
MIS2
Information Technology
Fractional CISO
2/2025 - Present
At MIS2, I serve as a Fractional CISO, providing executive-level cybersecurity leadership to organizations that require strategic security oversight without the cost of a full-time hire. I lead the development and implementation of security programs aligned with industry frameworks such as NIST 800-171, CMMC, HIPAA, and ISO 27001. My work includes guiding clients through audit readiness, managing risk assessments, overseeing incident response and vendor security, and advising leadership on how to align cybersecurity initiatives with business goals.
WilmerHale LLP
Information Technology
CYBER SECURITY PROGRAM LEAD/DEPUTY DIRECTOR
12/2021 - 2/2025
• Directed ISO 27001 compliance efforts, boosting cybersecurity maturity by 20% via strategic oversight and cross department collaboration.
• Championed policy development for ISO standards, securing ongoing compliance and certification achievements.
• Advised leadership on strategic security initiatives, resulting in a 15% boost to incident response effectiveness.
• Mentored security teams to elevate performance and drive a 25% improvement in overall security posture.
• Streamlined vulnerability assessments, reducing remediation time by 20% using advanced SIEM tools.
• Led the project to move a group of Partners to Microsoft GCC-H, insuring compliance with federal government guidance of CUI data and NIST
● Department of Commerce – US Government Washington, DC INFORMATION SECURITY PROJECT LEAD Jul 2019 - Dec 2021
• Led cybersecurity initiatives across 12 bureaus, achieving 97% FISMA compliance and improving NIST adherence.
• Delivered tailored cybersecurity solutions that boosted operational efficiency by 18% across bureaus.
• Entrusted with mission-critical tasks, leveraging strategic planning to deploy solutions that improved security readiness by 15%.
• Achieved measurable improvements in security operations, recognized for enhancing cyber hygiene and audit performance.
• Managed third-party risk assessments, consistently reducing vendor risks by 10% annually.
• Championed policy development for ISO standards, securing ongoing compliance and certification achievements.
• Advised leadership on strategic security initiatives, resulting in a 15% boost to incident response effectiveness.
• Mentored security teams to elevate performance and drive a 25% improvement in overall security posture.
• Streamlined vulnerability assessments, reducing remediation time by 20% using advanced SIEM tools.
• Led the project to move a group of Partners to Microsoft GCC-H, insuring compliance with federal government guidance of CUI data and NIST
● Department of Commerce – US Government Washington, DC INFORMATION SECURITY PROJECT LEAD Jul 2019 - Dec 2021
• Led cybersecurity initiatives across 12 bureaus, achieving 97% FISMA compliance and improving NIST adherence.
• Delivered tailored cybersecurity solutions that boosted operational efficiency by 18% across bureaus.
• Entrusted with mission-critical tasks, leveraging strategic planning to deploy solutions that improved security readiness by 15%.
• Achieved measurable improvements in security operations, recognized for enhancing cyber hygiene and audit performance.
• Managed third-party risk assessments, consistently reducing vendor risks by 10% annually.
Office of Personnel Management (OPM)
Information Technology
SR. CYBER SECURITY LEAD
9/2018 - 7/2019
• Directed the Authorization to Operate (ATO) process for critical systems, conducting thorough risk assessments and ensuring compliance with federal standards, including NIST SP
● • Delivered actionable insights to stakeholders, resulting in expedited approvals and enhanced system credibility.
• Implemented and continuously refined security controls across multiple systems, ensuring strict adherence to regulatory requirements and internal security policies.
● • Delivered actionable insights to stakeholders, resulting in expedited approvals and enhanced system credibility.
• Implemented and continuously refined security controls across multiple systems, ensuring strict adherence to regulatory requirements and internal security policies.
Arnold & Porter, LLP
Operations
SECURITY OPERATIONS PROGRAM LEAD
7/2013 - 8/2018
• Developed and implemented a comprehensive IT security program that significantly enhanced the firm's risk management framework and regulatory compliance posture.
• Introduced robust security policies and procedures, ensuring alignment with industry standards and legal requirements, mitigating vulnerabilities and safeguarding critical assets.
• Implemented advanced web filtering solutions, effectively optimizing network bandwidth and ensuring secure browsing for all users.
• Introduced robust security policies and procedures, ensuring alignment with industry standards and legal requirements, mitigating vulnerabilities and safeguarding critical assets.
• Implemented advanced web filtering solutions, effectively optimizing network bandwidth and ensuring secure browsing for all users.