* Implemented and rolled out advanced information security products * Created Information Security Policies and revisions * Conducted Information Security training * Interim CISO Jun 2021- Aug 2021 * Director of IT Feb 2021 - Jun 2022 * Ran the IT services for the cryptocurrency trading platform.

Established Cybercyonics to provide vCISO advisory, consulting, Information Security/Cybersecurity, and Information Technology services to clients.

Continuation from the Rutgers Cybersecurity Certificate Program

Developed a Biometric and Encryption product for a start-up. Working alongside security expert Ed Moyle with Dr. Ed Felten of Princeton University consulting.

Management of all aspects of Information Security and Vendor Management. Also the Incident Response Officer (IRO) and Service Provider Risk Management Officer (SPRMO). Strategic direction and development of Enterprise. Maintain and enhance security operations to achieve protection of the enterprise. Regular reporting and interfacing with the Board of Directors. Perform risk assessments on new applications and products. Manage GLBA, Cybersecurity, and IT Risk Assessments. Maintain knowledge of current information security trends and the applicable solutions. Maintain knowledge of regulatory updates. Maintain the security and integrity of the network, systems, and applications with constant monitoring of patch levels.

As Head of Security, I paved the way for operationalizing all aspects of system security as the first security professional for a virtual startup with +140 employees and consultants worldwide. To uphold management responsibilities and maintain communication, I checked in with all personnel via Google GSuite and Zoom.===========================================Select Highlights➨ Drove utilization of Amazon Web Services (AWS) with Virtual Desktop (VDI) for consultants to access work computers remotely. ➨ Drafted a data classification policy to ensure proper protection of information. Show less

Here, I managed vulnerability management, IT risk assessments, FFIEC Cybersecurity Assessment Tool (CAT) and self-assessment for the maturity of the Information Security Program. Collaborating with the Board of Directors and C-level executives, I developed and delivered security presentations and training. Additionally, I oversaw vendor services, including RFP and SOW review and 3rd party utilization. ===========================================Select Highlight➨ Adopted Network Access Control software, Forescout, at 150 locations within 6 months of identifying network vulnerability uncovered by red team. Show less

During my tenure at The BNY Mellon, I was instrumental in developing global endpoint security architecture solutions and assisting application and infrastructure technical leads. Leading security testing of multiple devices, I conducted risk assessments of Enterprise PCI 1.2 and 2.0. Additionally, I provided subject matter expertise (SME) for the secure architecting of Wi-Fi for mobile devices.===========================================Select Highlights➨ Partnered with the legal department to produce a Personally Owned Devices policy and End User License agreement for Bring Your Own Device (BYOD).➨ Steered design, testing, and rollout of RSA Adaptive Authentication to protect against fraud for outside acquisition. Show less

* My team covered the following areas for North and South America: Application Security Assessments * All new applications and major changes were required to go through an security/risk assessment. Application Security Consulting * Assisted developers that needed consultation on security matters. Exceptions to Policy * The official risk acceptance of exceptions to policy for the Bank. Issues Tracking * Official tracking of known issues that will be corrected instead of needing an exception to policy. Information Security portion of the Vendor Risk Management Assessments. Ethical Hacking program using 3rd party providers * Team oversaw the the 3rd parties and the testing of the applications. GLBA assessments * Conducted GLBA privacy assessments on location of various offices. Oversight of the Secure Coding Classes for application developers. The development of the Application Security Scanning program. Managed the Archer GRC servers and oversaw application developers and administrators. This included the architecture and design.

In my earlier career with the BNY Mellon, I utilized security and architecture reviews of new and modified applications for internal and 3rd party implementation. I oversaw numerous projects supporting the merger and integration of the Bank of New York and Mellon Bank. By utilizing 3rd party ethical hacks on high-risk applications, I uncovered and resolved security weaknesses. ===========================================Select Highlights➨ Played pivotal role in architecting and designing Archer Technologies Framework (GRC) system, planned and transitioned Lotus Notes based databases, and maintained Archer GRC platform as system administrator.➨ Developed corporate-wide Information Security policies and researched and strategized the impact of a new NY state SSN privacy law. Show less

As Information Security Officer, I mapped and executed security assessments of upcoming Merrill Lynch applications or outsourcing initiatives, including 3rd party sites and secure email. Consulting with the Office of General Council regarding contract strategy, I ensured compliance of old applications with new Federal and State laws. Through the development of security measures, I protected information against unauthorized modification. ===========================================Select Highlights➨ Established compliance with CA 2002 SB1386 privacy law and CA 2002 SB168 SSN protection law.➨ Spearheaded project plan development for security aspects of the WMTP initiative, a multi-billion-dollar technology platform. Show less

Safeguarding against security threats, I initiated Security Risk Assessments (SRA) of enterprise products to verify controls and wrote security recommendations and remediation plans for issues exposed during my first 2 years with Merrill. ===========================================Select Highlights➨ Guided the materialization of PCS Secure Suite internal product that included 3DES encryption, digital signatures, web server authentication filter, and SSL standalone client.➨ Coordinated multiple projects, including new security patch testing and implementation in production environment; disaster recovery initiatives; and, enterprise firewall software review and recommendations. Show less

* Worked on various projects for small businesses as a security consultant. * Setup wired networks. * Setup Wireless networks with security enabled. * Hardened the computers and installed personal firewalls.

* Board appointed Information Security Officer (CISO) managing all aspects of Information Security and Vendor Risk Management for Investors Bank. * Responsible for: * HIPAA Security Officer * Information Security Architecture * Information Security Operations * IT Risk Assessments * Audit and Regulatory interfacing * Incident Response * Information Security Policy creation and updates * Roll-out of many Information Security Technologies and creation of Policies pertaining to: * Network Access Control (NAC) * Anti-Malware Technology * Data Loss Prevention (DLP) * Business Continuity Planning (BCP) and Disaster Recovery * Mobile Device Security * Wireless Security * Data Classification and Handling * End-User Computing Controls * HIPAA company-wide Assessment * GLBA Assessments * Vendor Risk Assessments * Application Security Assessments * Network Security Assessments * Social Engineering * Penetration Testing * Web Filtering * Email Filtering * Firewalls * IDS/IPS/HIDS * 2-factor Authentication * VPN