Feb 2024 – Feb 2025 · 1 yr · United States · Remote

• As vCISO and On-Call Roving reporter I help support CyberDefense Magazine Business and Initiatives related to Cyber Security and I get assigned to report on unique Tools, Products, Techniques, and People, especially CISO's in Cyber Security.

Sep 2023 – Jun 2025 · 1 yr 9 mos · United States

• Board of Directors Cyber Security Advisor
• Providing strategic cybersecurity advisory services, focusing on secure software development lifecycle and compliance assurance. Improve security posture though deploying best in class tools and processes.
• Leverage risk assessment methodologies to enhance cybersecurity posture, resulting in zero security incidents.
• Guide the organization in achieving compliance with industry standards and regulations, ensuring alignment with business goals.

Aug 2018 – Aug 2023 · 5 yrs

• Heading up Global Information Security and Data Privacy
• Managed global IT security efforts, ensuring the protection of patient data and enabling secure business operations across all units. Effective globally especially in difficult countries such as China, Russia, Ukraine, and Dubai.
• Led the secure carve-out of Lifescan from Johnson & Johnson, contributing to a $2.2 billion valuation through robust risk management strategies, best in class GRC Security Policy and Procedures, and Cyber Risk Register.
• Integrated acquisitions, enhancing product offerings and maintaining high security standards.
• Developed and implemented a holistic enterprise security solution, utilizing risk-based frameworks to protect sensitive information. Ensured continuous FDA compliance for BGM and CGM Development.
• Developed world class cyber security hybrid team of FTE’s and Consultants.
• Operated on extremely thin Cyber Security budget 2.7% Cyber Security Spend to IT Spend resulting in savings of over 30MM dollars in 5 years while achieving Zero Cyber Breaches.
• Optimized and minimized Cyber Alerts to 7 or less true positive alerts to investigate and mitigate weekly from tens of thousands of weekly monitored cyber events.

Apr 2016 – Apr 2017 · 1 yr · Greater Salt Lake City Area and Western US Region

• RESPONSIBILITIES:
• Management Consulting and Trusted Advisor
• Achieve high level of Customer Satisfaction on all consulting engagements by advocating process with project managers and security consultants involved in solution delivery.
• Analyze customer needs and design/develop Security Solutions specific to their needs.
• Support account managers in presales activities and maintain SLA for response times.
• Articulate methodologies to product specialists and delivery consultants for further development.
• Develop strong customer relationships and trust to secure future business.
• Develop Statements of Work, proposals, Level of Effort and work breakdown schedules.
• Lead developments in the security industry through Professional Associations, Research, Presentations, Trade journal articles, Networking.

Oct 2015 – Present · 10 yrs 6 mos · Greater Salt Lake City Area

• Cyber Security Consultancy for vCISO, Penetration testing, Incident Response, Forensics and eDiscovery, Management consulting, Interim C-Level, Security Risk Assessment, Vulnerability Assessment, Security training and end user Security Training and awareness, Security Strategy, and Security Products development and deployment, Business Continuity and Disaster Recovery, Cyber Security law.
• Spearheaded the creation and growth of leading cybersecurity consulting firm, achieving over $1MM in revenue yearly.
• Implemented comprehensive incident response initiatives, managing high-profile security breaches with a risk-based approach, reducing incidents by 100% for customers and partners.
• Developed and deployed advanced security protocols, enhancing overall cyber resilience and reducing client risk exposure by 20% yearly with continuous improvement programs implemented.
• Established a Security Operations Center (SOC) as a managed service, providing continuous monitoring and threat management, achieving 200% reduction in threat response time, improve mean time to detect, mean time to contain.
• vCISO services for multiple companies, achieving best-in-class security posture, improvements in tooling, monitoring, secure software development lifecycle enhancement and assurance.

Jan 2006 – Present · 20 yrs 3 mos · Salt Lake City Metropolitan Area

• Business Development, Security Auditing, Consulting, and Mergers and Acquistions.
• Delivered IT, Software Engineering, Product Development, Program Development, Cybersecurity and Compliance consulting services to leading Healthcare organizations, LifeScience organizations and other verticals, using risk-based approaches to achieve Business Objectives. Resulting in robust Programs and Products to meet stringent demands operationally for Technology. Including specific Cyber aspects such as:GRC Security Policies, Procedures, and Cyber Risk Registers and Cyber Security Controls Catalogue enabling multi-regulatory framework compliance.
• Implemented electronic medical record (EMR) solutions, ensuring secure and compliant systems for multiple institutions.
• Conducted security risk assessments and developed mitigation strategies, significantly reducing vulnerabilities and improving security posture.
• Build and Maintain Networks, Endpoints, Cloud, Applications, Medical Devices, and other Tech business enabling programs.

Aug 2004 – Apr 2016 · 11 yrs 8 mos

Aug 2004 – Oct 2008 · 4 yrs 2 mos

Jan 2003 – Jan 2009 · 6 yrs

• Directed global security, development, support, and QA divisions, fostering a culture of security and risk management.
• Managed relationships with global vendors, negotiating and overseeing software and hardware maintenance support agreements.
• Led an offshore development team of 15, managing a $16M budget and ensuring secure, high-quality deliverables.