Over 14 years of proven leadership in designing and implementing comprehensive information security solutions for large corporations
Managed several strategic multi-million dollar projects focused on reducing risk, elevating organizational productivity and increasing operational efficiency of IT-enabled processes and meeting compliance needs
• Accomplished with executing enterprise wide IT risk mitigation strategies/programs that are monitored and measured, against client baselines.
• Evaluated corporate IT risk assessed alternatives and implemented risk mitigation strategies based on client culture and resources.
• Designed security practices/toolsets to meet client baseline requirements while enhancing security posture to ensure the highest level of readiness.
• Directed enterprise identity and access management client initiative(s) from vendor selection to implementation.
• Collaborated with executive management to develop security strategies/metrics that properly balanced requirements, attainable solutions, and strategic business objectives.
• Designed SIEM (Security Information and Event Management) center(s) to address devices, hybrid cloud infrastructures, systems, account management, application threats and vulnerabilities.
• Established global IT enterprise control frameworks, testing strategies, policies, procedures, programs.
• Skilled with negotiating residual risk as well as articulating cost/consequence and threat/risk relationship to committees/management.
• Reduced compliance costs by consolidating enterprise controls, account management, logging, and audit/testing.
• Successfully deployed secure i-SDLC, standardizing approach, reducing post production costs and aligning core business processes.
• Promoted security awareness by reinforcing roles, responsibilities, polices and the enterprise relationship to compliance.
• Demonstrated ability managing cross functional teams comprised of internal/external auditors, assessors, regulators, and security vendors.