Dec 2021 – Sep 2025 · 3 yrs 9 mos · United States · Hybrid

• Enabling key departments to develop a deep and strategically focused understanding of the line of the threat landscape and systematically reduce risk, while executing against their key security objectives and to drive informed security context into their business decisions.

Oct 2021 – Dec 2021 · 2 mos

• Focused on empower, and enabling the leadership team, to make informed risk based decisions, while executing the organizational vision, goals, and objectives. Working closely with executive management, business leaders, and the user community we securely ensure high availability, and security of our global SaaS offering. Serving as the steward for the organization's total information security needs, the team is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the the enterprise, and product offerings. Through my leadership the team continues to develop, and improve a security program that leverages collaboration to facilitate information security governance, advise executive leadership on security direction and resource investments, and design business aligned methodologies to manage enterprise security risk.

Jul 2017 – Dec 2021 · 4 yrs 5 mos

• My focus is to empower the leadership team, to make informed risk based decisions, while executing the organizational vision, goals, and objectives. Working closely with executive management, business leaders, and the user community we securely ensure high availability, and security of our global SaaS offering. Serving as the steward for the organization's total information security needs, the team is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the the enterprise, and product offerings. Through my leadership the team continues to develop, and improve a security program that leverages collaboration to facilitate information security governance, advise executive leadership on security direction and resource investments, and design business aligned methodologies to manage enterprise security risk.

Jul 2017 – Dec 2021 · 4 yrs 5 mos

• Led 20+ security professionals across information security, privacy, and compliance for mission-critical
• communications SaaS platform serving government and enterprise customers.
• Revenue Growth Driver — Implemented "security-as-sales-enabler" strategy contributing to 35%
• YoY revenue growth and closure of largest enterprise deals
• Compliance-Enabled Expansion — Achieved FedRAMP, ISO 27001, GDPR certifications enabling
• shorter sales cycles and global market expansion across 6 countries
• Technical Excellence — Designed cloud-native security architecture supporting 99.99% SLA
• requirements; built automated monitoring reducing security-related deployment delays 60%
• Team Leadership — Scaled security organization from 8 to 20+ professionals; established security
• engineering culture with measurable KPIs and continuous improvement

May 2016 – Oct 2017 · 1 yr 5 mos

• DatumSec operates under a single premise: offer a scalable, measurable, and repeatable approach to the vendor risk assessment process so that organizations gain the ability to reduce their third-party risk. With a team of dedicated professionals coming from security powerhouses DatumSec specializes in providing third-party vendor risk assessment solutions.

Nov 2015 – Jul 2017 · 1 yr 8 mos · Greater Los Angeles Area

• Accountable for the network of security staff, consultants and vendors who safeguard the company’s assets, intellectual property, trademark and computer systems, as well as the physical safety of employees and visitors
• Identify top level goals and objectives consistent with the corporate strategic plan
• Define and implement initiatives to achieve the security goals and objectives
• Align security as a global entity, including but not limited to global security policy, standards, guidelines and procedures to ensure continuity, efficiency and effectiveness
• Research, define and manage security related projects in order to improve security standards Globally

Sep 2015 – Dec 2017 · 2 yrs 3 mos

• CDSA, the Content Delivery & Security Association (formerly IRMA, the International Recording Media Association), is the international content protection association. For over 40 years, it has served as the worldwide forum advocating the innovative and responsible delivery and storage of entertainment, software and information content.
• Founded in 1970, this global trade association’s membership includes companies involved in every facet along the digital and physical media supply chain.
• Beginning with the audiocassette, through the home video revolution, and into today’s digital delivery era, CDSA has always been the organization companies have turned to for news, networking, market research, information services, and leadership.
• In 2010 CDSA went under the management of the Media & Entertainment Services Alliance (MESA). Due to worldwide acclaim for its anti-piracy and content protection standards, CDSA has focused its activities on protecting entertainment IP throughout the supply chain, both pre-release and post release content.
• Specialties
• Security, Audit, Content, Media, Entertainment

Feb 2012 – Nov 2015 · 3 yrs 9 mos · Greater Los Angeles Area

• Accountable for the network of security staff, consultants and vendors who safeguard the company’s assets, intellectual property, trademark and computer systems, as well as the physical safety of employees and visitors
• Identify top level goals and objectives consistent with the corporate strategic plan
• Define and implement initiatives to achieve the security goals and objectives
• Align security as a global entity, including but not limited to global security policy, standards, guidelines and procedures to ensure continuity, efficiency and effectiveness
• Research, define and manage security related projects in order to improve security standards Globally

Mar 2011 – Jan 2012 · 10 mos

• Consulting practice lead leading development and consulting offerings for various enterprise client seeking to implement, improve or rationalize their capabilities in Security Incident and Event Management. Consulted in various industries helping client realize maximum value and return on IT and security investments.

Mar 2011 – Jan 2012 · 10 mos

Jul 2010 – Mar 2011 · 8 mos

• Participate in the development and operational functioning of an active security monitoring program.
• Assist in the development of uniform data security policies and procedures. Perform periodic security reviews of existing information systems for compliance with security policies and procedures and security architecture.
• Develop requirements and solution definition process for new information systems.
• Performs security monitoring of SIEM, host integrity, and other aggregate sources of security events.
• Performs scheduled and/or ad-hoc vulnerability scans or penetration tests, as needed, and research and recommend remediation. Maintains state of readiness by conducting preparatory phase incident response

Jan 2010 – Jul 2010 · 6 mos

• Develops and coordinates the development of security policies, standards, and procedures; collaborates with other ECMC divisions, data owners and managers in the development of policies to ensure proper security safeguards are achieved.
• Develops and implements an ongoing risk assessment program, including recommending methods and overseeing vulnerability detection and testing.
• Reviews security legislation, regulations, advisories, alert and vulnerabilities, and communicates accordingly with division, data owner and managers; reviews agency information systems and provides written reports of potential security risks and recommended solutions.
• Conducts security awareness training and training materials on information security for employees and other authorized users; collaborates with Service Desk to establish a standardized information security awareness and training program

Apr 2009 – Feb 2010 · 10 mos

• Information security implementation, security architecture, incident response and forensics, security management, security assessments

Apr 2009 – Feb 2010 · 10 mos

Feb 2008 – Feb 2009 · 1 yr

• Conduct incident response and examinations of computers, and media generated by computers to develop evidence.
• Plan, organize and devise approaches necessary to respond to incidents and obtain useful forensic information from the evidence submitted, taking into consideration the requirements by agency regulations, federal and state laws - and company policies as they apply.
• Prepare formal written reports suitable for legal matters
• Responsible for the accuracy and adequacy of their forensic examinations performed.

Jan 2005 – Jan 2009 · 4 yrs

Jan 2003 – Jan 2005 · 2 yrs

• Remote and desk side support of hardware, software and network issues among 5000+ users in a windows environment NT, 2000 and XP
• Exchange account support and setup
• Oracle Database Support
• Network and local printer Support
• Network account setup and administration
• Migrated environment to Active Directory, Windows XP and Office XP

Jan 2005 – Jan 2008 · 3 yrs

• Work with the customer and end users to define technical and functional requirements.
• Define the security architecture, ensuring that it meets the business requirements and performance goals as defined by the client’s long-term direction.
• Work with other architects and leads to ensure that the security components (security technology, operations, and management) are integrated as defined in the requirements.
• Fully understand the capabilities and limitations of the security components (security technology, operations, and management).
• Review and integrate the security architecture requirements for production and sub-production environments.

Jan 2002 – Jan 2003 · 1 yr

• Troubleshot computer hardware, software, accessories and network solutions
• Supervised team of 10 level II support technicians
• Managed ticket escalations
• Assisted in training and supervising staff in all operations.