C|CISO, CISM, GSLC, CDPSE, ISO 27001 Lead Implementer (BSI)
Grow business in today's marketplace balancing business execution with maintaining market trust. I lead market-aligned Security, compliance, privacy programs and communicate those investments to customers.
The mission of security is the mission of the business - critical to achieving business outcomes.
Director leading Digital Risk Management for the Security Service Line, building capabilities and revenue, driving customer outcomes in industry needs for risk management and compliance. Build services revenue by analyzing and aligning to the customer marketplace in specific geographies with high regulatory burdens and/or industry specific compliance obligations. Drive a services portfolio focused on delivering the needs of our industry and our customers by the combined power of Microsoft's products, ecosystem partners, and world-class consulting talent to connect Security to the business, in the languages of business value and marketplace obligations.
Lead Data Protection globally for the Modern Work domain in Industry Solutions at Microsoft, addressing industry specific obligations to customers across the globe. Manage global data protection obligations at the Principal/Director level for deal escalations, review of business performance on Secure by Default program operations, and lead implementation for Microsoft's security, compliance, and privacy programs in Modern Work consulting.
Ignited and accelerated compliance program design and maturity at more than a dozen top tier Sis and GSIs aiding one in achieving 2021 Microsoft Security Partner of the Year. Constructed v-teams across engineering, global partner sales, and product marketing to deliver high impact maturity programs. Delivered millions of dollars in additional revenue to Microsoft and SIs, contributing to double digit percentage growth in the Microsoft Security and Compliance sales across relationships.
Principal architect and architecture leader for North America and South America information security architecture resources. Designed cloud-risk programs and security operations modernization to secure business outcomes for Fortune 500 companies. Acted as a CISO advisor and executive coach in critical accounts, partnering with top financial services, retail, and critical infrastructure customers as well as McAfee's own sales engineering and product executives to build successful security programs. Focused on cloud-only and hybrid cloud transformation with advanced analytics and operational remediation, including on Microsoft Azure and Amazon AWS.
Proposed, budgeted, hired global team and associated information security management system driving client readiness in security investments for $2B+ technology services business. Operated global infosec risk management program to achieve and enable revenue, while reducing client exposure. Successfully designed, operated, and audited against global security and privacy programs such as HIPAA, NYDFS 500, FISMA, and others.
Transformed security into an asset by building a security sales support team to assist consulting teams in aligning and delivering client needs.
Lead the operation of the information security and customer data protection programs for global Unified Communications and Collaboration Managed Services business. Sponsored organization changes and specific customers’ solutions to negotiate and deliver security obligations with Fortune 500 clients. Re-designed security program of Avanade’s global managed services and cloud delivery capability, to accurately identify and significantly reduce risk while unlocking revenue achievement in an aggressive compliance and security industry environment.
Designed, constructed, operated, and led to certification Avanade’s first ISO 27001 certified security management system. Authored company assertions and operated audit readiness programs for SSAE16 SOC1 and SOC2 commitments.
Security supports the customer trust and experience. Every function in security must retain a sense of its business context and direction.
Business growth and future market competitiveness require experience-building with new technology and new concepts. A security organization should be integral with a high-velocity innovation pipeline.
The goal is not to create stop-gates, but rather to reduce excess risk through rapid-access advisors and accelerated release readiness.
Innovation is curiosity applied to achieve a new outcome. Innovation in security and compliance should support a larger enterprise market goal.
Patent application disclosure at McAfee to be made public October 2021.
Thought leadership sponsor and team leader at McAfee and Microsoft.
Updated SaaS and PaaS threat models at McAfee for pass-through data risk.
Compliance narratives at Microsoft redesigned to target ecosystem needs.
Security is a people business. People selling to people, people procuring, people engineering. People need a narrative with a story that ends in a benefit the business - and its people - want.