Senior Information Security SME with a strong GRC, Compliance and Audit background.
● Action-driven and results-oriented professional with 25+ years of experience leading information technology teams in various capacities, such as Governance, Risk and Compliance; IT Internal Audit functions; and Risk Assessments/Penetration Testing, and providing hands-on guidance to security operations center teams.
● Developing and maintaining information security policies, standards, and procedures to ensure strict compliance with military, federal and state government, health, and private sector regulations such as HITRUST, OIG, PCI DSS, SOX, FFIEC, SCSEM, COBIT, ICS-CERT, FISMA, NIST 800.x, CMMC, SANS CSC, ISO 13485, ISO 2700x series, and many others.
● Managing multiple projects simultaneously with strict timelines and budget constraints in a diverse team environment with multiple locations across the globe.
● Multi-lingual (English, Spanish, and Italian) decorated US Army combat veteran of 16 years.
Work Terms
I tend to work in the Pacific Time Zone, but I am open and accommodating to clients' time zones.