C|CISO, CISM, GSLC, CDPSE, ISO 27001 Lead Implementer (BSI)
Growing in today's marketplace requires balanced business execution with developing and maintaining market trust. Security, compliance, privacy and the ability to communicate those investments to customers - are all critical to achieving business outcomes.
Global security leader for Modern Work domain's Secure by Default program under the Chief Technology Officer for Microsoft Consulting Services' Modern Work delivery. Designed and constructed global security awareness and training, integrating security risk assessment, threat modeling, and secure delivery practices into intellectual property, estimation, and delivery practice uplift.
Ignited and accelerated compliance program design and maturity at more than a dozen top tier Sis and GSIs aiding one in achieving 2021 Microsoft Security Partner of the Year. Constructed v-teams across engineering, global partner sales, and product marketing to deliver high impact maturity programs. Delivered millions of dollars in additional revenue to Microsoft and SIs, contributing to double digit percentage growth in the Microsoft Security and Compliance sales across relationships.
Principal architect and architecture leader for North America and South America information security architecture resources. Designed cloud-risk programs and security operations modernization to secure business outcomes for Fortune 500 companies. Acted as a CISO advisor and executive coach in critical accounts, partnering with top financial services, retail, and critical infrastructure customers as well as McAfee's own sales engineering and product executives to build successful security programs. Focused on cloud-only and hybrid cloud transformation with advanced analytics and operational remediation, including on Microsoft Azure and Amazon AWS.
Proposed, budgeted, hired global team and associated information security management system driving client readiness in security investments for $2B+ technology services business. Operated global infosec risk management program to achieve and enable revenue, while reducing client exposure. Successfully designed, operated, and audited against global security and privacy programs such as HIPAA, NYDFS 500, FISMA, and others.
Transformed security into an asset by building a security sales support team to assist consulting teams in aligning and delivering client needs.
Lead the operation of the information security and customer data protection programs for global Unified Communications and Collaboration Managed Services business. Sponsored organization changes and specific customers’ solutions to negotiate and deliver security obligations with Fortune 500 clients. Re-designed security program of Avanade’s global managed services and cloud delivery capability, to accurately identify and significantly reduce risk while unlocking revenue achievement in an aggressive compliance and security industry environment.
Designed, constructed, operated, and led to certification Avanade’s first ISO 27001 certified security management system. Authored company assertions and operated audit readiness programs for SSAE16 SOC1 and SOC2 commitments.
Security supports the customer trust and experience. Every function in security must retain a sense of its business context and direction.
Business growth and future market competitiveness require experience-building with new technology and new concepts. A security organization should be integral with a high-velocity innovation pipeline.
The goal is not to create stop-gates, but rather to reduce excess risk through rapid-access advisors and accelerated release readiness.
Innovation is curiosity applied to achieve a new outcome. Innovation in security and compliance should support a larger enterprise market goal.
Patent application disclosure at McAfee to be made public October 2021.
Thought leadership sponsor and team leader at McAfee and Microsoft.
Updated SaaS and PaaS threat models at McAfee for pass-through data risk.
Compliance narratives at Microsoft redesigned to target ecosystem needs.
Security is a people business. People selling to people, people procuring, people engineering. People need a narrative with a story that ends in a benefit the business - and its people - want.