Capabilities: A 24 year Cybersecurity professional with over 34 years of IT experience. His areas of expertise include executive security program management, strategic and tactical security project management and operations, IT and ICS governance, full secure life cycle application development, internal and external audit, regulatory compliance, and controls assurance. He has served as CISO for major multinational corporations. He has amassed and lead broadly skilled technical teams to build out and sustain comprehensive security programs for numerous companies in a wide range of industry verticals with a keen focus on Critical Infrastructure to include Chemical, Energy and Natural Resources, Manufacturing, Financial Services, Retail, Telecommunications and Health Care. Role at CSC: Global Strategy Lead/CTO, Cybersecurity Consulting, – Serve as Industry cyber security expert on ICS and Information security program management while managing an elite team of consultants and the delivery capabilities for global consulting support for all cyber security and privacy related opportunities across CSC. Assist clients with strategic direction and executive program management. risk management and security guidance for IT products and operations. Design, plan, and implement business continuity planning programs, secure development practices and security testing methodology. Manage vendor alliances to augment capabilities and create synergy between CSC and leading security industry firms. Major Achievements:
Led numerous cyber security and risk consulting engagements for Fortune 500 clients in the area of strategic road mapping, policies, procedures, controls, and operations.
Perform assessment and gap analysis to industry standards such as ISO27001/2, COBIT, PCI, and ITIL
Lead a consulting effort for a $9 billion apparel and footwear corporation in developing their IT transformation security strategy.
Developed/delivered a comprehensive CFATS assessment process leveraging CSC methodology and the CSET tool to address cyber security in the ICS and business systems for critical infrastructure and CENR.