Confidential

Chief Security Officer Principal Head of IT Security Accomplished IT executive focused on portfolio management, go-to-market strategy, and solution development in depth expertise in enterprise security technologies, governance, risk management, compliance, and high-profile consulting highly adept at managing and resolving complex issues and corporate security challenges proven ability to develop security programs, manage assessments, audits, and remediation, and governance over design and implementation of security architectures. Additionally holds the ISACA CISA certification formerly held PCI QSA certification. Seeking an exciting and thrilling opportunity in an international setting for a Global company. Willingness to travel and learn new languages, customs, and cultures. Cloud Security Product Management Threat Management Project Management Budget/Cost Contract Negotiations Forecasting Analysis Service Delivery Security Architecture GRC ISO 27000 / PCI / HIPAA Framework and Policy Development Security Assessments/Audits Incident Response Analysis Identity Management IT Security Governance

PROFESSIONAL EXPERIENCE

Confidential Sr. Engagement Manager Focus in providing excellent implementation and deployment services to CipherCloud's customers. In this role, I am own between 5 -7 client relationships at any given point in time, with ultimate responsible for all services required for a successful and on-schedule implementation of CipherCloud products. As part of the client relationship management, project scoping, oversight, and day-to-day guidance includes: Develop and maintain long term, trusted relationships with CipherCloud clients Escalate relationships within client to C-level executives Broaden relationships within client to include multiple business and technology areas Establish and drive project and customer based Steering Committees Ensure long term client satisfaction and succession Craft creative solutions to client business and technology problem Work side by side with the sales team to develop level of effort estimate for client projects Work with Services leadership to determine optimal project staffing Develop detailed project plans and milestones in order to ensure successful completion of the project within constraints such as time, cost and agreed quality standards Ensure project team utilizes best practices and methodologies Anticipate and catch deviations from a plan or schedule early. Maintain overall responsibility for scope and budget of projects, including the development and processing of change orders Identify, log, analyze and manage potential and actual issues and risks, taking corrective action by tackling day-to-day issues head on and reviewing how more serious issues and risks might impact on scope, schedule, quality and cost. Confidential Principal Consultant / Managing Partner Focus in enterprise security architecture development and management, security program design, security governance, IT risk and compliance, and regulatory assessments eGRC . Areas of expertise include PCI, DIACAP, HIPAA, and ISO 27000. Notable projects include: Oversaw development of the electronic health record system eUHR for largest US Corrections Department as the lead HIPAA architect. Designed and implemented the Adobe Rights Management Single Sign On Kerberos Authentication solution for eUHR users. Performed Merger Acquisition's Network and Security ISO 27000 assessments for Global Technology Company. Led enterprise database inventory and analysis of security attributes for largest world Payroll Company. Managed PCI International Remediation project Argentina Brazil for largest world retailer. Developed and provided expert review of technical and business solutions meeting PCI compliance. Built Secure Baseline for SUN Solaris 10 and Windows 2003 VMware templates for a medium size NY industrial manufacturer company. Conducted DIACAP readiness assessment for large healthcare insurance company in Northeast US. Assessed over 12,000 Cisco routers and switches, 150 Cisco PIX and ASA firewalls and 12 Secure Computing Sidewinder Firewalls. Developed remediation plan for open vulnerabilities. Reviewed banking applications for medium sized New England financial organization. Analysis included platform OS, databases, webservers, and client interfaces. Orange Business Services, Confidential Head of Security Solutions - Americas Focus in Go-To-Market strategy, Security Solutions positioning, Partners and Channels, and security governance, IT risk and compliance. Areas of expertise include ITIL, PCI, DIACAP, HIPAA, and ISO 27000. Notable achievements include: Development and execution of the Security Solutions strategy for the Americas with Global footprint. Building of strategic partnerships and alliances. Portfolio refinement and enablement. Responsible for growing revenue targets 20 YOY. Leadership and mentorship of AME Security practice. Expansion to new market verticals. Quadrupled existing Security pipeline to 8M euros.

Confidential Security Solutions Architect Carry out security architecture development and management, security policy design, and security management system implementation for clients of this global technology firm. Facilitate business development by penetrating accounts and opening business opportunities. Conducted risk and gap assessments of NYC e911 system, to ensure compliance with ISO27001 Security Policy and Information Management Systems requirements. Conducted security assessment for software development environment. Provided recommendations to secure intellectual property IP and meet regulatory compliance. Evaluated IT and virtual security architecture VMware to facilitate Development Maturity Environment for world's largest records management company. Contributed proof of concept and final implementation plan, as well as risk remediation recommendations. Facilitated in sales efforts. Assisted with >15 systems integration and security RFP responses. Developed intellectual property for Data Loss Protection program, including presentations and use cases, test cases, and customer check list. Confidential Senior Security Consultant Conduct IT security consulting for clients of this 20B telecom and IT services consulting firm. Support financial, healthcare, insurance, manufacturing, aerospace, military, IT storage, and records management sectors. Specialties included ISO 27000 assessments planning, PCI and IT auditing, IT security program design, and identity management. Develop white papers, sales collateral, and presentations. Manage projects. Prepare RFP responses and SOWs. Served as Northeast Security Practice Lead. Performed >100 IT security assessments, PCI audits, compliance validations, and more. Architected and implemented several firewall designs for financial, retail, and government clients. Carried out identity management architectural design for military branch. Created solution, led installation and configuration. Conducted firewall and proxy infrastructure audits for multiple Fortune 500 companies. Served as PCI Trusted Advisor for major weapons manufacturer and large retailer. Designed and integrated DMZs, LANs, and card holder networks. Performed email and file encryption transition for global financial/insurance company. Developed and implemented Intrusion Prevention strategy for large medical insurance firm. Created network forensics and ISO 27001 ISMS plan for Northeast Healthcare System.

PREVIOUS EXPERIENCE

Network Security Architect, Confidential IS Security Officer, Confidential Lead Network Engineer, Confidential Network Systems Administrator, Confidential PROFESSIONAL CERTIFICATIONS Certified Information Systems Security Professional CISSP Certified Information Security Auditor CISA Training / Past Certifications: PCI QSA , Cisco, Nortel Networks, Checkpoint, Microsoft, Symantec, McAfee, BlueCoat, Palo Alto, CipherCloud TECHNICAL EXPERTISE Security: Identity and Access Management. Security Audit, Web/Content Filtering, Data Classification and Protection, Cloud Hardware: Firewalls, IDS / IPS, SSL Accelerator/Reverse Proxy, VPN Applications / DB: VMware, Adobe Rights Management, Word, Excel, MS Project, Visio Networking: LAN/WAN, wireless systems, Enterprise infrastructure Platforms: Windows, UNIX, Linux, Mainframe