Printing tool Download PDF


Information Security practitioner with more than ten years experience in risk analysis and mitigation. High level of expertise in aligning information security with business goals and objectives. Long history of developing strategic technology based solutions to mitigate risk to business assets.

Work experience

Sep 2006Present

Research Director

Gartner, Inc.
Research analyst in security, risk & privacy group Focus on security strategy, program development, risk management and metrics Mentor senior security executives in fortune 2000 and public sector organizations
Nov 2004Sep 2006

Practice Manager

• Work with executive sales and service delivery team to identify new security opportunities • Cultivate C-level relationships with Fortune 1000 companies to assess and sell technology solutions • Work closely with management team to develop information security practice • Selected strategic business partnerships with external vendors to deliver risk management solutions
Jan 2004Oct 2004

Principal Consultant, Information Security

Thrupoint, Inc.
� Provided pre-sales guidance and expertise for designing large-scale information security solutions � Completed due-diligence of the technology infrastructure for a multi-national information broker to identify viability of business units in preparation for a divestiture � Performed strategic technology risk assessment for financial services with $60BN under management � Executed information security component of global network strategy engagement for multinational financial and publishing corporation � Acted as security subject matter expert for network strategy engagement for a Washington DC university
Mar 2003Feb 2004

Co-founder, Chief Security Officer, Principal Consultant

Brute Force Security
� Conducted market research and developed business plan as precursor for starting up information security consulting company � Managed process for RFP response, contract review and SLA development and compliance � Developed relationships with senior level executives providing pre and post sales support on all security engagements � Operated dedicated laboratory network used to test products and techniques for attacks and countermeasures � Architected and integrated secure e-mail, Public Key Infrastructure, encryption, content filtering and website security
Jan 2000Mar 2003

AVP, Information Security and Network Operations

Martha Stewart Living Omnimedia
� Wrote and implemented corporate security policy in accordance with ISO 17799 � Implemented Intrusion Detection System � Performed extensive penetration testing of all corporate systems � Created Incident Response Team to manage and respond to security events � Managed and allocated resources for a $4MM budget � Managed coporate risk analysis assessment resulting in the development of a business continuity plan � Conducted security audit of web-site
May 1998Jan 2000

Manager, IT Project Services

Entex IT services (now Seimens Business Systems)
� Created and managed information security practice for Northeast region � Developed sales strategy and service delivery infrastructure for Information security � Coordinated and managed Information security projects for various Fortune 1000 clients � Managed project teams ranging in size from three to twenty consultants and technicians � Coordinated and conducted network, host, and application system security audits, resulting in risk assessment, analysis and remediation plans � Created and architected security infrastructure systems




City University of New York-Baruch College - Zicklin School of Business


City University of New York-Queens College

Created withVisualCV