Professional Experience

Chief Information Security Officer (CISO)
2016–Present

• Achieved PCI-DSS Level I Compliance, ISO27001 Certification, and 90% talent retention.

• Executed cybersecurity cost optimizations saving $1.4M and implemented the Cybersecurity Organization Restructuring Program (CORP).

• Built GRC frameworks for GDPR, CCPA, Privacy Shield, and LGPD compliance.

• Led M&A cybersecurity assessments and performed crypto security audits for blockchain initiatives.

• Deployed advanced Google Cloud security technologies (e.g., BeyondCorp, Chronicle SIEM).

Management Consultant - Advanced Security Solutions
2019–2023

• Managed cybersecurity programs for US Government agencies, including DoD, DHS, and CISA.
  Key Achievements:Implemented Risk Management Frameworks (RMF) for DoD branches.
  Conducted technology risk workshops for federal agencies.
  Executed DLP deployments and assessed cybersecurity risks for M&As, including the Silicon Valley Bank acquisition.
  

Chief Information Security Officer
2016–2020

• Designed GRC portfolios for high-profile clients (e.g., Disney, Paramount).

• Focused on ML algorithms (K-Means and PCA) to detect anomalies in cybersecurity.

• Presented on API breaches and ML cybersecurity at global conferences.

Associate Partner
2015–2016

• Led strategic remediation programs for an international bank and other major financial institutions.

• Focused on Threat Hunting and compliance with Singapore's TRM regulations.

Chief Security Officer
2011–2015

• Delivered a $40M Cyber Security Operations Center.

• Managed compliance with Australian Prudential Regulation Authority (APRA).

• Mitigated risks, including the Heartbleed vulnerability.

Head of Consumer Security and Innovations
2010–2011

• Migrated 1,200 applications to the private cloud and reduced costs by $5M annually.

• Developed cloud trust platforms and digital banking innovations.

Vice President of Content Security
2008–2010

• Protected intellectual property (US$3.2B revenue) using DRM and encryption technologies.

• Partnered with Google for digital forensics and established industry standards for IP protection.

Senior Security Engineer/Director of Information Security
2005–2008

• Created Salesforce’s first GRC program and accredited over 2,000 AppExchange applications (e.g., Workday, DocuSign).

• Achieved ISO27001 certification and led risk assessments for M&A activities.

Chief Security Officer
2002–2005

• Managed HIPAA and SOX compliance for healthcare systems.

• Developed disaster recovery and VPN solutions for non-profit organizations.

IT Advisory Consultant
1998–2002

• Implemented 99.99% uptime eCollaboration engines and B2B eCommerce solutions.

Education

University of Pennsylvania (Wharton)
MS in Management of Technology

Harvard University
Certified in Economics, Policy Analysis, and Risk Management

St. Mary College
BS in Biology, minor in Chemistry

Cybersecurity Leadership & Contributions

• Conference Presentations: Delivered presentations globally on cybersecurity topics, including API breaches, ML in cybersecurity, and IP protection (e.g., RSA Conference, FS-ISAC).

• Publications: Contributed as an editor/reviewer.

Key Skills and Expertise

• Governance, Risk, and Compliance (GRC): Extensive experience across financial, federal, and global industries (SOX, GDPR, PCI DSS).

• Cybersecurity Programs: Expertise in DevSecOps, API security, threat hunting, and vulnerability management.

• Cloud Security: Hands-on deployment of advanced tools in AWS, Google Cloud, and Azure environments.

• Leadership: Proven track record in building security teams with high retention and delivering multimillion-dollar projects.