Senior Information Security, Trust, and Privacy Executive
• Expertise in information security, data protection, risk management and privacy to set clear security strategies, lay out roadmaps with solid business and financial foundations, and deliver results.
• Contributed to the current worldwide standard in security, ISO 27001, to NIST Smart Grid Security Guidelines and to the Cloud Security standards.
• Nominated to Computerworld’s Premier 100 Leaders in IT & Information Security Executive of The Year.
• Wrote and contributed to over 20 books and many articles on business risk and information security.
• Expertise with regulatory frameworks such as Sarbanes-Oxley (SoX), PCI, CoBIT, EU directives and ITIL.
• Soft skills include people development, team management, and client relationships, which I use to deliver effective security programs. Outstanding communication skills.
• A frequent industry writer and a requested speaker for conferences in the US, Europe and South America.
• Created enterprise-wide information security programs, office and strategy for a diverse set of companies, including Expedia, Bell Canada’s US Subsidiary, Temple University and others.
• Have consulted at numerous firms, including BP, Conoco, Johnson & Johnson, Citigroup, GM, and others.
• Consulting on creation, design and strategic direction of business security and risk frameworks for Fortune 100 customers, including technology, physical, and actuarial risk.
• Designs and leads security risk assessment programs at major energy, travel, telecommunications, finance, healthcare, utility, transportation and government organizations.
• Analyzes privacy legislation requirements, which drive compliance programs.
• Drives creation of incident response teams that include technical, as well as business unit, membership.
• Reports and presents to boards detailed metrics and advance compliance with requirements.
• Interfaces with regulatory and standards bodies on a regular basis.