Information security and risk management leader with over 20 years of experience creating and leading enterprise information security programs.

- Policy and standards management

- Data privacy management

- Information security compliance

- Threat and vulnerability management

- Risk management

- Security incident response

- Technology implementation and management

- Business continuity and disaster recovery process integration

- Compliance and Privacy Management: PCI, HIPAA, ISO27001 certification, and GDPR

- Special emphasis on information security and risk management strategy and process development

- Proven success in developing, implementing, sustaining, and enhancing enterprise information security and risk management programs.

Specialties:

- Passion for people: teamwork, collaboration, and leading

- Strategy, efficient processes, automation, metrics, and reporting

- IT security controls and risk management methodologies

- Information Security compliance

- Management of numerous technologies e.g., malware solutions, data leakage protection products, encryption solutions, mobile security, threat mgmt solutions, vulnerability and application scanners, investigative tools, and governance risk compliance tool-sets.

- Even with the above in process - a balanced healthy sense of humor