An award-winning data security and privacy risk management executive with expertise in developing security and privacy programs for both private and public organizations within major critical infrastructure sectors, A security career that began in 1999 as the first command information security officer. A curious leader with proven management and operational expertise to:
-implement leading governance frameworks and GRC controls
-develop cyber risk management policy, process, and standards
-design enterprise security programs and system security plans
-assess and identify both data and privacy risks
-determine enterprise risk management priorities
-coordinate corrective actions and plans
-manage continuous diagnostics; and
-administer vendor relations
A strategic change agent and innovative problem solver in fast-paced and fluid environments. A team builder that mentors and empowers staff through vision, training, guidance, and motivation.