Who I am
Ambassador for GRC, Privacy, and Security. Educated, experienced, and certified professional that is able to develop processes and implement change, which includes solutions and processes, in order to achieve success.
Recognized leader, manager, and Subject Matter Expert (SME) for IT Security and Privacy with Federal and State government information systems. Program and project management, risk management, strategic and tactical planning, coordinating and integrating multiple large and complete projects into a comprehensive program. Focused for over 25 years in helping organizations with my expert knowledge and experience in Information Technology (IT) security and privacy programs, development, and management. Highly successful in managing remote projects with virtual teams.
What I do
GRC/Security/Privacy Professional that develops GRC/Security/Privacy solutions for implementation, monitoring, and execution of assessments of systems against multiple frameworks as well as overall risk management. I help the organization in meeting compliance requirements by developing Compliance as Code for cloud environments to automate compliance enforcement through prevention (automatically enforce compliance), detection (alerting when non-compliance occurs), and remediation (making immediate changes when non-compliance occurs). I also help in integrating GRC tools, such as ServiceNow, to automated compliance monitoring and assessment.
Project Portfolio Management (PPM) and Tactical Operations
Over 20 years of managing programs, projects and tactical operations in a wide variety of industries and environments. Expertise in with various project management approaches which include the guides and standards of Project Management Body of Knowledge (PMBOK), Software Development Life Cycle (SDLC) Waterfall, and Agile.
I initially got involved with project management as a Tool Design Engineer in 1986 for Square D Company in Lincoln Nebraska. Since that time I have held various positions: , Chief Executive Officer (CEO), Chief Information Officer (CIO), Chief Information Security Officer (CISO), Program Manager, Project Manager, Board Member, Vice President, Security Compliance Coordinator, Audit Liaison, Task Lead, Team Lead, IT Security Subject Matter Expert (SME), Federal Information Systems (OMB, NIST, and FISMA) SME, Senior IT Security Analyst, Project Engineer, Application Engineer, and Design Engineer.
Information Security, Compliance, and Privacy Management
Over 20 years of experience working with information technology and security. This experience includes not only cyber security, which defends and protects cyberspace from cyber attacks, but encompasses the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.
I am currently the Associate Director, Global Information Security Group (GISG) for KPMG International.