I grew up around computers and built my first one upgrading an IBM XT system to a 386. Years later I discovered a passion for data security after graduating from Syracuse University in 2005 and landing my first job at Citi supporting their retail environment. I've built my profession by helping companies develop their information security posture - sometimes with a little bit of hand holding, other times with a big stick.
Bachelor of Arts • May 2005
Lead IT Compliance/Security Analyst • 2011 - Present
My present role. Helping a budding young startup navigate the murky regulatory challenges (SOX) of going IPO and securing technical improves to align with industry standards and best practices.
Senior IT Security Analyst • 2011 - Present
By leveraging various technologies and a wide array of global security expertise, I kept my finger on the security pulse by reviewing signs of cyber attack, malware, and data leakage across our threat management program.
Information Security Program Manager• 2011
I assisted the overarching Security strategies that were proposed by our top brass. I designed strategies for identifying, assessing, monitoring, and reporting security and operational risks. Measured the reported efficiency of security & risk programs, and documented exceptions.
Information Security Analyst • 2007 - 2011
I worked alongside a dedicated (and incredibly talented) team of information security officers aligned to our business units, and advised on security matters in day-to-day business operations. My particular focus was to drive the patch management program across our infrastructure - 200,000+ Windows/Unix systems - and to ensure that IT challenges were swiftly resolved. The program reduced non-patched populations to less than 1/10th of mandated tolerance levels while facing severe resource constraints, an unprecedented volume of announced vulnerabilities, and significant population increases (+60%) due to business reorganizations.
Technical Specialist• 2005 - 2007
Ah, my introduction to the corporate world. I was hired to support the infrastructure of the retail branch environment - workstations, servers, ATM systems, routers, etc... I was also responsible for drating technical schematics and product diagrams. Beyond this, I suppose you could say I had an "aggressive curiosity" in exploring the various groups that supported the technology of such an enormous financial system - which led to my involvement in various compliance efforts (such as the infamous "clean desk" policy) and project management efforts.
Teaching Assistant• 2004 - 2005
• Conducted weekly classes reviewing lectures, assignments, and textbook material.
CISSP - Certified Information Systems Security Professional• (Active)
GSLC - Cyber Security Leadership• (Active)
GLEG - Law of Data Security and Investigations• (Active)
CIPP - Certified Information Privacy Professional• (Active)