Senior Director, Information Security at CVS Health and Information Security Officer at Omnicare
Started at CVS Health in September of 2014. Named Information Security Officer for Omnicare, a wholly owned subsidiary of CVS Health, in September of 2015.
At Omnicare, responsible for the development and delivery of a comprehensive information security program to ensure information assets and technologies are adequately protected.
Responsible for all security integration efforts between Omnicare and CVS Health. Some of the projects include the following:
- Log collection and subsequent monitoring of the Omnicare environment by the 24x7x365 CVS Health Security Operations Center.
- Deployed a consistent end point security solution to reduce the risk of malware attacks.
- Implemented a 2FA solution.
- Blocked access to internet mail services.
- Deployed Web Security Gateway to control access to internet content.
- Implemented IDS to protect the network from cyber attack.
- Removed Outlook Web Access (OWA).
- Completed advanced malware assessment.
At Fortune 7 CVS, provide 24x7 protection of business operations. Responsible for architecture, engineering and operations for the following security services: network and perimeter defense, endpoint protection, security information and event management (SIEM), security operations center (SOC), threat intelligence, computer security incident response team (CSIRT), electronic discovery, and forensics.
- Instrumental in developing and leading an enterprise wide development and communication of a service owner model across all security services at CVS Health providing a single point of responsibility and accountability for everything about each security service.
- One of a select group of employees recognized by the CVS Health Business Planning Committee for my ability to positively affect the company's future growth and performance.
- 86% reduction in threat containment time by innovating and leveraging already procured technology. A Symantec white paper written about the process implemented at CVS Health.
- Led effort and completed CVS' first ever advanced threat compromise assessment covering 50,000+ computer systems.
- 96% decrease in Mean Initial Work Time and 53% decrease in Standard Deviation for security incidents.
- 83% decrease in Mean Time to Validate threats resulting in a 660% increase in the number of proactive incidents worked by the CVS Health Security Operations Center.
- Implemented an inline advanced threat technology to proactively defend against today's evasive and ever changing attacks.
- Security analytics expert witness for CVS Health.