Summary

Information Security Executive<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p>

<o:p></o:p>

Innovative & passionate thinker with broad-based information security expertise in financial services, consumer products, retail operations, technology services and government industries. Over 15 years of demonstrable ability to quickly analyze key information security threats and execute strategies to eliminate, mitigate or accept these risks.<o:p></o:p>

<o:p></o:p>

High-integrity and energetic leader known for the ability to envision and create successful outcomes in complex situations. Deep industry and functional expertise, with tenacious commitments to increasing organizational security to match organizational requirements.Areas of excellence include:<o:p></o:p>

<o:p></o:p>

·  Information Security Program Management <o:p></o:p>

·  Vulnerability & Patch Management<o:p></o:p>

·  Enterprise Log Management & Analysis<o:p></o:p>

·  Business Resiliency Programs<o:p></o:p>

·  Application-Level Security <o:p></o:p>

·  DDoS & Attack Mitigation Expert<o:p></o:p>

·  Social Engineering Testing Services<o:p></o:p>

·  Computer Investigations & Forensic Analysis<o:p></o:p>

·  Recruiting, Leading & Developing Teams <o:p></o:p>

·  Malware Mitigation Strategies<o:p></o:p>

·  Security-Event-Management (SEM) Services<o:p></o:p>

·  Data Loss Prevention Deployments<o:p></o:p>

·  Security Content Public Relations <o:p></o:p>

·  Public Speaking<o:p></o:p>

<o:p></o:p>

<o:p></o:p>

Core Competency & Education Highlights<o:p></o:p>

Built impressive track record of developing, building, selling and executing technical threat mitigation programs and systems within organizations of all sizes.<o:p></o:p>

·  Information Security Program Planning – Keen ability to analyze organizational needs and consistently develop & establish institutional adoption of high quality strategic plans / solutions. <o:p></o:p>

·  Secure Technical Architecture Deployments – Established new gateway architectures for over 48 complex businesses resulting in no known intrusion events.<o:p></o:p>

·  Web & Application-level Security Including WAFs – Initiated and launched an industry-leading testing and assessing capability for three separate organizations, which led to over $2M in sales.Also, assisted in development of an industry leading Application Firewall which lead to $10M+ sales.<o:p></o:p>

·  Denial-of-Service Technology – One of the leading executives in charge of the most recognized DoS & DDoS tool in the marketplace.Lead information security practitioner in charge for a major payment card company during Operation Payback Wikileak’s oriented attacks which results in no downtime or disrupted services.<o:p></o:p>

·  Compliance & Industry Standards – Recognized expert on information security compliance issues including inclusion into whitepapers, panel discussions, and drafting considerations.Deep knowledge in FISMA, HIPAA, GLBA, PCI, PIPEDA, DIBCSI, ITIL, and ISO27001/2.<o:p></o:p>

·  Investigatory, Technical Testing & Diagnostic Expertise – Conducted over 600 investigations, forensic or technical security tests over the past 10 years. Deep knowledge of litigation hold procedures, proper tools and limitations and techniques.<o:p></o:p>

·  Business Resiliency – Lead, developed, executed on all aspects of business continuity operations which included repeated industry recognition with awards and special invitations to speak & instruct. <o:p></o:p>

·  Customer Service & Quality Service Delivery – Consistently demonstrated skill of relentless pursuit of high-quality service / deliverables, satisfaction levels and sustainable relationships.<o:p></o:p>

EDUCATION:<o:p></o:p>

·  MBA Finance 1998, Auburn University, Auburn, Alabama <o:p></o:p>

·  BS Aeronautical Studies 1991, Management Concentration, Embry-Riddle Aeronautical University, <?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" /><st1:place><st1:city>Daytona Beach</st1:city>, <st1:state>Florida</st1:state></st1:place>. Graduated with Honors (Cum Laude).<o:p></o:p>

·  Certified Information Systems Security Professional (CISSP) 2002 (updated 2011)<o:p></o:p>

·Certified Information Security Manager (CISM) 2003 (updated 2010)<o:p></o:p>

Work History

Work History
Jun 2006 - Apr 2009

President & CEO

Allied InfoSecurity
Started a company specializing in information security professional services and staffed by certified security professionals.Allied InfoSecurity operated in five geographies (NYC, Philadelphia, Atlanta, Nashville & Vancouver) and serves as a consulting and outsourcing provider to companies within the financial, healthcare, retail and information technology services.Services included technical assessments, diagnostics and investigations, compliance and certification services, employee awareness and training programs, and comprehensive security program development and comprehensive management.Hired, trained and lead a team of twelve professionals and a team of eight outsourced back-office service providers.

Grew business from start-up to over $2.5M annual sales & 125 customers in four different countries by introducing and validating an innovative approach to professional services delivery.

Some of the accomplishments include:

·Successfully financed ($1.5M) and launched Allied InfoSecurity, Inc., a professional services business in the IT Security marketplace.Established at least 100% sales growth rate for three years and operational break-even one-year ahead of original plan (2 years vs. 3 years).

·Established flawless & industry-leading 100% customer satisfaction for three years running.

·Created a unique & very distinct set of services focusing on fixed-priced or ongoing retained relationships with client’s security assessments and testing, compliance, forensics, and benchmarking.

·Established a Board of Advisors group of seven C-Level executives including many from Fortune 1000 companies.

·Deep expertise in securing the world’s leading information security technologies such as Data Leakage Protection (DLP), advanced encryption deployments, Payment Card Industry (PCI) standards, web application (OWASP) protection strategies, litigation and investigation tools & techniques, and keen strategies to protect against social engineering threats, among others.

·Established strategic alliances in all geographies we operated and world-wide with Symantec.

·Invited to speak monthly at various industry trade shows, partner events, customer meetings, client Board of Director awareness meetings, etc.

Whitepapers & Webinar Thought Pieces

Information Security Program Certifications (ISPC), 2006

Cryptographic Controls and the Emerging Management Challenges, 2007

Social Engineering Threats: The Perils of Human Behavior, 2008

Top Ten Do’s & Don’ts of Social Engineering Assessments, 2008

How to Decipher Web Application Assessments: OWASP, 2008

Annual Update of World-Wide Regulatory and Industry Requirements, 2008

How to Prepare for a Litigation, Investigation or Forensics Event, 2009

Mar 2006 - Jun 2006

Director of Information Security

Barclay Card US

Served as the information security officer for BarclayCard US, the fifth-largest credit-card issuer in the United States. Responsible for the entire information security program—including regulatory compliance, privacy controls, security designs supporting financial fraud and risk programs, and technical responses to all incidents. Additional responsibilities included protecting the company’s data-processing environment and also served as the process owner for providing appropriate access to and protecting the confidentiality and integrity of customer, employee, and business information.

Jan 2002 - Mar 2006

Sr. Director, Information Security Professional Services

SunGard Availability Services

Responsible for all IT Security Professional Service products and services worldwide.Report directly to the Senior Vice President of Professional Services.Solely accountable for business model, profit & loss, market strategy, product development, pricing, market positioning, business alliances, margin structure, delivery and overall quality. Supervise a staff of 22 directors, managers and consultants. Operational expert in all products offered.

·Acted as SunGard’s primary authority on all matters relating to Information Security. Interfaced with internal senior directors daily, and acted as the SunGard’s spokesman for all matters concerning information security for its clientele and business partners.

·Established and led SunGard Professional Services business in the IT Security marketplace and Achieved “Top Ten” status in just four short years. Over $10MM in sales in 2006 and over 450 cumulative clients.

·Invited to join SunGard’s prestigious “Founding Management Team” of 100 worldwide executives by new equity owners during a leveraged-buyout (LBO) in August, 2005.

·Published in, or contributed to the following articles or curricula:

Newspapers/PeriodicalsUniversities

Wall Street Journal (Front Page), Dec 2004University of Boston, Coursework, 2005

CSO Magazine, 2004 & 2005Villanova University, Coursework, 2004 & 2005

Orlando Sentinel, 2004University of Minnesota, Coursework, 2005

Communication News Magazine, 2005

Disaster Recovery Journal, 2003

Contingency Planning & Mgmt Magazine, 2002 & 2003

Information Security Magazine, 2004

Whitepapers

Integrating Business Continuity and Information Security, 2005

Stop Spoofing, Foil Phishing and Squelch Spamming: Protecting Email, 2005

Security, Continuity and Recovery for Internet Disruptions and Disasters, 2003

Reading the Fine Print: Availability, Security, and Continuity for Emerging Technologies, 2005

Awards & Recognitions

·Received corporate “Outstanding Performance Award – 2003” by Chief Executive Officer.

·Invited to participate in a two-day Microsoft forum to validate future security strategy.

·Authored a proprietary IT Security Program Methodology for SunGard Professional Services that is pending a U.S. Trademark award. Methodology is located at www.sungard.com.

Sep 1998 - Sep 2001

Global Manager Information Security

Campbell Soup Company

Selected for the Information Technology Leadership Development Program (ITLDP), designed to develop Campbell’s future business leaders. Two roles were assigned, first to lead the Global IT Security functions and second as a business liaison within core operational business units.

Relationship Manager, Brand Marketing Systems, 10/00-8/01:

Integrated into the General Manager’s staffs of the North American Soup, Sauces/Pasta, and Beverages businesses. Responsible for all aspects of technology ($30MM) within Campbell Soup Company’s core branded-businesses, including integration of IS strategy with business plans, opportunity assessment, technology financial management, support and execution oversight of all IS projects, as well as coordination of hardware, software, and communications acquisitions.

·Initiated, developed and led a 50-person cross-functional team in automating a $920MM Brand Marketing spending process.When fully implemented this project will reengineer over 50% of corporate financial processes resulting in a 70% increase in productivity, tighter controls, increased business decision making and avoid $2MM/yr in costs.

·Introduced Enterprise Marketing Management tool (Marketer’s Desktop) to Campbell’s North American businesses, eliminating up to 40% of non-value added Marketing activities.

·Member of Campbell Soup’s Prestigious Corporate Diversity Board.

Manager, Global Information Systems Security and Disaster Recovery , 10/98-10/00:

Managed a staff of five and budget of $2.5 million.Maintained corporate IT Security & Disaster Recovery strategy, supervised intrusion detection (IDS) and incident handling, global policies and procedures, and administration of a complex $50MM+ multi-platformIT environment.Duties included interfacing with CIO, CFO, Comptroller, Board of Directors, and Internal Audit.Recognized expert in network/internet and commerce/EDI security. Responsible for the planning, execution, and maintenance activities of annual disaster recovery tests for all computing platforms.Y2K responsibilities included business contingency and December 31st transition plans.

·Reduced network costs by $2.3+ million while increasing security, access speed and significantly improving productivity through introduction of a first ever VPN and Strong Authentication (RSA).

·Established first global IT Security Council to provide governance across multiple businesses.

·Improved customer service by 50+% and reduced paper transactions 100% through introduction of automated process for requesting system access

·Resolved 35 inherited Internal Audit issues and kept commitments to the Board of Directors.

·400% productivity gains achieved over an 18 month time period by cross training internal staff.

·Solidified Board of Directors’ funding of $1.2 M enterprise-wide Disaster Recovery program.

·Developed first Campbell’s disaster recovery plans for the mainframe, SP2 and AS/400.

·Designed, coordinated, staffed and built Y2K Global Command Center, 250+ participants.

·Received Proud Performance Award from the CEO for Y2K-related efforts.

Apr 1991 - Sep 1998

Electronic Warefare Officer, Captain

Chief, Electronic Warfare Support, Pentagon, 9/96-10/98:

Evaluated international events impacting daily Air Force operations including computer security issues. Managed critical operational intelligence for computer network attack programs to aid National Security Council and Secretary of the Air Force with policy and budgetary decisions. Supported Headquarters technical planners in preparation for and during crisis/contingency operations. Provided tailored analytical inputs of emerging threats to acquisition decision-makers.

·Received Officer Intelligence Contributor of the Year award for the ground-breaking analyses titled "Industrial Espionage" and "Sensing the Battlefield" which were presented to highest levels of DoD.

·Led 12-person self-directed work team that prepared answer for US President on likelihood of aircraft attrition related to striking Iraq during Persian Gulf tensions.

·Eliminated significant national security vulnerability within DoD network security architecture resulting in changes in DoD procurement, network topology and intrusion reporting.

·Recognized by Secretary of Defense and Air Force as an IT Security expert in network architecture, firewalls, industrial espionage, and electronic warfare.

·Identified a critical communication vulnerability that changed Air Force aircrew standards.

·Selected twice from 300+ officers as Junior Officer of Quarter for National Air Intelligence Center.

·Received Meritorious Service Medal for contributions made to national defense.

Electronic Warfare Officer, B-52H Bomber, Various locations, 4/91 -9/96:

Commissioned as an officer; gained increasing responsibility as a flight crew member through the rank of Captain (2 promotions). As a Captain, supervised a 5-officer bomber crew responsible for a $100 million strategic bomber.Employed deceptive, pyrotechnic and electronic countermeasures to defeat all enemy threats and enable aircraft to reach assigned targets. Managed Flight Safety Office.

·First Electronic Warfare Officer to be selected Program Manager of the Squadron Flying Safety Office. No flying mishaps during management tenure.

·Ranked by Commander to be in the top 5% of all Electronic Warfare Officers for 1994.

·Achieved “Exceptionally Qualified” status, the highest possible rating, during first flight evaluation.

·Wrote 2 office "Self Assessments" using Malcolm Baldrige Criteria.

Education

Education
Jan 1996 - Jun 1998

MBA

Auburn Univeristy
1987 - 1991

BS

Embry-Riddle Aeronautical University

Certifications

Certifications
Jan 2001 - Present

CISSP

ISC2