SUMMARY OF QUALIFICATIONS

Certified Chief Information Security Officer and an IT security transformation expert with extensive experience directing incident response and digital forensics operations, effectively deploying a combination of cyber intelligence techniques and protocols to control, manage, reduce, and ultimately mitigate IT security risks. Extensive experience in IT Security management, the ability to share technical information with C-Suite executives in a non-technical way.

In addition to managing incident responses and digital forensic operations, he uses a combination of cyber intelligence techniques and protocols to control, manage, mitigate, and ultimately reduce IT security risks and maintain key performance indicators (KPIs).

Areas of Expertise

ISO 27001 Information Security Management

Cyber Security Strategic Planning

Digital/ Computer Forensics

Business Continuity Management

Disaster Recovery Plan

Cyber Security Leadership

Program Management

Operational Planning

Risk Management

Human Resources Management

Business Process Improvements

Cybersecurity Gap Assessment

Incident Management Plans

Professional Experience

Royal Caribbean International – Miramar, FL 2016 – Present

Incident Response & Investigation Manager

Provide vision and leadership for enterprise-wide cybersecurity initiatives. Manage enterprise cybersecurity incident management structure, policies, processes, and metrics globally across over eight international and 45 ship-side locations. Create strategic initiatives, advise CISO on alignment with business objectives, and guide senior IT management on implementation. Advise and guide senior management, legal, audit, and HR regarding incident management and cyber investigations across the enterprise. Evaluate and prioritize cybersecurity projects based on enterprise cybersecurity strategy, cost, and capacity to drive change. Established Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) for enterprise incident management and computer forensics investigations.

Create a comprehensive Cybersecurity incident management program based upon enterprise risk management methodology from conception, including structure, policies, processes, and metrics

Conducted an efficiency assessment of the incident response group, executing the development and implementation of automated incident tools to enhance response time by over 200%.

Developed and managed an entire global enterprise-level incident response (IR) and investigation team for Royal Caribbean International, saving the corporation millions of dollars annually by eliminating the need to outsource cybersecurity operations and support.

Enhanced business lines based on current security threats, methodically sourcing intelligence, and comparing against defenses; additionally, sent out regular alert briefs to reduce incidents by 30%.

Bolstered robust working relationships with other cross-functional department leads, including legal, security, and privacy audit personnel, adding additional levels of cohesive communication.

D+H Financial Solutions – Englewood, CO 2015 – 2016

Incident Response & Investigation Manager

Provide vision and leadership for the company to provide comprehensive information about cybersecurity to all of its employees, customers, partners, and partners in the information security industry. Advise IT management and CISO on the development of strategic initiatives to align with business objectives and support in their implementation. Manage the cybersecurity team responsible for managing cybersecurity incidents across 40 global locations. Evaluate and prioritize cybersecurity projects based on business-driven change, business objectives, and the company's needs. Established Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) for enterprise incident management and computer forensics investigations.

Create a comprehensive Cybersecurity incident response program based upon enterprise risk management methodology from conception, including structure, policies, processes, and metrics.

Managed and lead the implementation of an enterprise-level governance, risk management, and compliance and information security software platform.

Booz Allen Hamilton – Herndon, VA 2015

Digital Forensics Lab Manager

Provide management and leadership for Booz Allen Hamilton's computer forensics lab's cross-functional team of six computer forensics and three malware investigators. Developed policies, processes, and metrics to drive the maturity level of the forensic lab.

Designed and implemented the laboratory's case management system increases efficiency by reducing the average cycle time for each case.

Freddie Mac – Reston, VA 2014 – 2015

Lead Cyber Forensics Investigator

Provide management and leadership for Freddie Mac's computer forensics lab's cross-functional team of three computer forensics investigators. Developed policies, processes, and metrics to drive the maturity level of the forensic lab.

Spearheaded a training initiative to teach junior personnel cybersecurity and forensic investigation strategies.

Designed and implemented the laboratory's case management system increases efficiency by reducing the average cycle time for each case.

Capital One – Glen Allen, VA 2010 – 2014

External Cyber Threat Manager

Provide management, leadership, and advanced cybersecurity knowledge to build a cybercrime fraud detection and mitigation team. Established policies, processes, and metrics to drive the maturity level of the cybercrime department.

Directed quantitative and qualitative analysis of cyber fraud detection, bolstering defenses resulting in proactive cost savings from $2M to over $32M; drove malware prevention from 20% to 92%.

United States Army – Stuttgart, Germany 2008 – 2010

Lead Digital Forensics Investigator

Provide management, leadership, and advanced cybersecurity knowledge to build a Network Forensics Team for AFRICOM including structure, policies, processes, and metrics.

Conducted computer forensic operations in numerous locations worldwide.

Designed and implemented the laboratory's case management system increases efficiency by reducing the average cycle time for each case.

Education

Bachelor of Science (BS), Information Technology, American InterContinental University

Certifications

Certified Chief Information Security Officer (CCISO)

Certified Information Systems Security Professional (CISSP)

Certified Enterprise Risk Management Specialist (CERMS)

Certified Security Leadership Officer (CSLO)

Certified Business Management Expert (CBME) – In Process

ISO 31000 International Controls Risk Analyst

ISO 27001 Internal Controls Architect

ISO 27001 Lead Implementer Certified

ISO 27001 Lead Auditor

Training

Cyber Leadership Program

Executive Leadership

Information System Security Management Professional

Diploma in Information Technology Management

Emerging Cyber Security Threats

Enterprise Risk Management

Change Management

Talent Management

Organizational Leadership

Cloud Computing Security

NIST Cybersecurity Framework

Contact this candidate