Information Security Risk Management

Location:
Celina, TX
Posted:
February 27, 2024

Resume:

SENIOR INFORMATION TECHNOLOGY LEADER

INFORMATION SECURITY GOVERNANCE RISK COMPLIANCE WEB3 BLOCKCHAIN

Blockchain, A.I., NFTs, Web3, De-Fi

Governance, Risk Management & Compliance (GRC)

Information Security and Privacy

Vendor Management/Contract Negotiation

Risk Assessments / Control Design

Business Continuity Planning / Disaster Recovery

Fortune 500, banking, and startup experience

Program/Project Leadership

Cross-functional Team Development and Leadership

Acquisitions and Divestiture security reviews

Audit Remediation: SOX, HIPAA, HITRUST, PCI, GLBA and Federal Regulations (FISMA, NIST)

ACCOMPLISHMENTS

Created and implemented a Cybersecurity program including Governance, policies, controls, and standards.

Initiated a Risk Management program including identification, prioritization, and mitigation of known risks.

Achieved Compliance with financial and healthcare industry standard frameworks including third parties.

Applied new technologies including Blockchain and A.I. to potential case studies for improved efficiencies.

EXPERIENCE

MTY Group IT GRC Manager Remote, Dec 2021 – Oct 2023

One of the largest restaurant franchisors in North America

Implemented and maintained cybersecurity controls framework mapped to NIST CSF, CIS and PCI DSS.

Created Information Security Policy with supporting standards and processes for company-wide rollout.

Developed Third-Party Risk Management program, including people, process, technology, and assessments, and maintained a risk register.

USAA Senior Risk Management Analyst Plano, TX, 2019 – 2021

Insurance, Banking and Investments

Performed Second Line of Defense functions by overseeing/monitoring risk management policies and processes.

Provided independent challenge/oversight/review of First Line Defense execution of risk management activities.

Prioritized $1.2 billion modernization program risk management coverage plan implementation roadmap.

7-Eleven Third Party Risk Manager - Consultant Irving, TX, 2019 – 2019

World’s first convenience store with over 84,000 stores globally

Implemented assessment process and metrics for identifying and reporting on third parties.

Evaluated security posture of third-party vendors and partners to ensure proper data hygiene.

Reviewed and approved requests from procurement to initiate new vendor relationships based on data security.

Brinks Information Security Risk Manager – Consultant Coppell, TX, 2018 – 2018

Leading global provider of cash and valuables management services

Led policy review, management, and consolidation of internal and third-party partners.

Provided assurance and evidence of security controls during customer audits / assessments.

Reviewed risk management processes and collaboration to ensure exposure is aligned with risk appetite.

Toyota Cybersecurity Leader - Consultant Plano, TX, 2017 – 2018

Motor Vehicle production and sales

Performed risk assessments on Third Parties and ongoing projects, solutions, and implementations.

Examined emerging technologies and scrutinized possible implementation risks and rewards.

Managed policy exceptions and tracked them to ensure remediation.

Bank of America Information Security - Consultant Addison, TX, 2016 – 2017

One of the world's leading financial institutions

Advised business units on Cybersecurity controls using a security framework and tracked remediation.

Reviewed Third-Party vendor security solutions for compliance with Bank policies and guidelines.

Coordinated with vendor managers and assessors on security solution implementation.

State Farm Information Security Risk Analyst Richardson, TX, 2015 – 2016

Auto and Home insurance

Applied industry standard risk management techniques to ongoing projects in application security.

Promoted security engagement through knowledge transfer and awareness.

Delivered risk reducing strategies to project teams via end-to-end security solution design.

HMS (Acquired by Gainwell Technologies) Information Security Analyst Irving, TX, 2013 – 2015

Healthcare digital services

Led HITRUST implementation to ensure protection of electronic Protected Health Information (ePHI).

Conducted Vendor Risk management assessments based on industry standards (HIPAA, HITECH, HITRUST).

Created and presented security awareness road show to promote Information Security knowledge sharing.

PROFESSIONAL RECOGNITION

STATE FARM: On the Spot Award for Information Security area representation at Symposium event

HMS: Awarded outstanding achievement for disaster recovery exercise

EDUCATION

UTD - University of Texas at Dallas

BS, Business Administration

UCLA – University of California, Los Angeles

Blockchain Technology Management Certificate

Blockchain Training Alliance

Enterprise Training

CURRENT CERTIFICATIONS

CRISC (Certified in Risk and Information Systems Control)

CISSP (Certified Information Systems Security Professional)

CISM (Certified Information Security Manager)

CISA (Certified Information Systems Auditor)

BTA Certified Blockchain Business Foundations

BTA Certified Blockchain Solution Architect

BTA Certified Blockchain Security Professional

BTA Certified Blockchain Project Manager

COURSES

Blockchain Solutions, Governance and Collaboration

Digital Transformation: Blockchain, IoT, AI, and Trusted Data

Fundamentals of Blockchain Technology

Blockchain Cryptocurrency Applications in Business and Finance

NFT Foundations (Non-Fungible Token training)

DAO Fundamentals (Decentralized Autonomous Organization training)

HITRUST CCSFP Certified Common Security Framework Practitioner

National Institute of Standards and Technology (NIST), Dept. of the Treasury Financial Management Service

Advanced IT Auditing Training; Auditing Practices Training, Information Systems Audit and Control Assoc. (ISACA)

Privacy and Information Security Training, International Association of Privacy Professionals (IAPP)


