Biographical Info

Experienced Risk Management Professional with business and IT background, known for thought leadership, successful program management and understanding how to deliver value to the business. As an individual with a broad range of experiences ranging from cyber security and regulatory compliance programs to quantifying operational risks, he is always taking on new challenges to help organizations realize their full expectations and value. * 25 years experience in risk assessment and IT Security/Governance strategy (CISSP in 1998) (CGEIT 2009) (CRISC 2010) * 20 years experience in relationship development with key decision makers/stakeholders to better understand key business objectives and issues and align solutions to the delivery of business value. * 30 years experience in IT/Security/Cyber integration * 25 years experience in Program Management running large multi-million dollar programs for Fortune 1000 clients. * 25 years of experience in IT process design/implementation * 20 years experience in providing IT Governance/Risk/Compliance management * Very experienced in the use of industry frameworks and standards including NIST CSF, ISO 27K, COSO ERM, COBIT, ITIL * Experienced in compliance management/remediation for various regulatory issues including GDPR, HIPAA, AML, SoX, 21 CFR Part 11, ITAR, Other international security and privacy laws, etc. * Presented on various security related topics at user groups/practitioner forums, conferences, and professional organizations. * 15 years experience in leadership of teams, formal coaching, and mentoring other managers and staff * 10 years experience in risk quantification of cyber and operational risks using techniques learned from Doug Hubbard (Hubbard Decision Research/HDR) and FAIR methods. Specialties: Information/IT Security, Risk Quantification, Regulatory Compliance, IT Effectiveness, Governance, Risk and Compliance, Systems Integration, Data Management, Data Analysis, Metrics & Reporting, IT Strategy, IT Program and Portfolio Management, IT/Security Vendor alliances