I am seasoned IT Security professional with over 14 years of experience. I have spoken at both national and regional conferences regarding information security topics.
Recent SuccessesFostered a paradigm shift at a major university by raising security awareness and requirements within the IT division. Recent Experience Highlights:• Risk Management: Developed and implemented an IT risk management program based on the NIST 800-53 risk management framework. Developed and documented policies, processes, and procedures supporting the program. System categorization, data classification, risk assessment, POA&M’s, remediation, residual risk reporting, and authorization recommendations. Currently guiding cross-functional teams in the design, and implementation of secure, enterprise application systems. • Policy: Drafted, reviewed, or edited multiple university policies to include: Application Security Programs, Financial Information, Privacy, and Online Privacy.̶