A results-driven Fortune 500 Cybersecurity and Risk Executive with 30 years of experience leading high-performing teams and delivering enterprise-wide security transformation. Trusted by boards and executive teams to develop and execute security programs that mitigate risk—especially during and after ransomware breaches.

Proven ability to build resilient, business-enabling security strategies across complex regulatory environments, with impact across Healthcare, Artificial Intelligence, Financial Services, Automotive, Retail, Warehousing, Publishing, Real Estate, and Oil & Gas sectors.

Core Domains: Cybersecurity Strategy, Board Reporting, Enterprise Risk Management (ERM), IT Governance, GRC, SOC Leadership, Incident Response, Threat Intelligence, Detection Engineering, Zero Trust, DLP, IAM, Cloud Security, Application Security, BISO Programs, Business Continuity, Physical Security, Vendor & Third-Party Risk, and AI Security Enablement.

Compliance Expertise: NIST (800-53, 800-171, CSF), DFARS, FEDRAMP, FIPS, FISMA, CMMC, ISO 27001, SOC 2 (Type I & II), COBIT
Privacy: GDPR, CCPA, CPRA, HIPAA, HITRUST
Finance & Risk: SOX, GLBA, PCI-DSS

Technical Coverage: On-prem to Cloud-native | SaaS, PaaS, IaaS | AWS, Azure, GCP, OCI | MITRE ATT&CK | SIEM, SOAR, CSPM, EDR, IAM, DLP, CASB, PAM, FIDO2, ZTNA | Generative AI Risk & Defense

Certifications: CISSP, CISM, CEH, CHFI
Boards & Affiliations: HiTrust Health 3PT Advisory Council, CyberGRX, Evanta Governing Body