Chief Information Security Officer and Compliance Leader

Chief Information Security Officer

Proven leader with extensive experience directing cybersecurity teams to navigate complex compliance landscapes, mitigate legal and financial risks, and maintain organizational trust. Ensures security initiatives are integrated enterprise-wide, aligning diverse teams to support a unified security strategy. Leads and develops high-performing security team to foster a culture of security awareness, enhance team capabilities through mentoring, and ensure effective collaboration to build a resilient security function. Key strengths include balancing strategic oversight, technical expertise, and governance, while ensuring robust security postures are aligned with organizational objectives.

Information Security and Privacy: CISSP-Certified CISO and PO; Policy and Guidance; Security Architecture; Data and Infrastructure Security; Privacy Assurance

Legal/Regulatory/Contractual Compliance and Audit: CISA-Certified Audit Director and Compliance Officer

Project and Functional Management: Agile Scrum Master (SM); Systems Engineering and Architecture; Enterprise-Wide Implementations; Migrations/Integrations; Multi-Team Leadership and Accountability

IT Project Lifecycle: Requirements Elicitation and Analysis; Scope and Risk; Communication and Reporting; Implementation and Closeout

Value-Added Leadership: Cross-Functional Supervision; Team Building and Mentoring; Business and IT Strategic and Tactical Planning; Regulatory Compliance and Audit

PROFESSIONAL EXPERIENCE

Digital Harbor INC., Vienna, VA 2014 - July 2025

Chief Information Security and Compliance Officer &

Director Audit, DevOps and Systems Infrastructure (2018 - 2025)

Spearheads enterprise-wide initiatives by defining strategic and operational objectives to fortify organizational security. Advises executive leadership on critical security, audit, and privacy compliance matters, ensuring alignment with business goals. Drove the adoption of FISMA, NIST and HIPAA compliance frameworks, while maintaining adherence to state and federal regulations, including FedRAMP and multi-state compliance. ISO responsibilities encompass developing security and compliance policies; overseeing security components in contracts (MSA, SOW, ISA, BAA); conducting risk and vulnerability analysis; planning network security; delivering corporate education, and preparing for audits such as SOC 2, ACAB, and FISMA.

Serves as Security Architect, integrating security into the Software Development Life Cycle (SDLC); performs penetration testing; and conducts reconnaissance. Manages Amazon (AWS Cloud) infrastructure and security, oversees enterprise network infrastructure, and drives DevOps, systems administration, and infrastructure initiatives to ensure robust, secure, and scalable operations.

Senior Project Manager/Architect/ISSO (2014 - 2018)

As the project management lead for the “Know Your Provider” product suite, led implementation for state Medicaid programs, directed virtual teams of architects, business consultants, engineers, and quality assurance analysts to deliver significant customizations tailored to customer needs. Ensured timely delivery by meeting project milestones, mitigating risks, and overseeing all phases of the SDLC, including communications, risk avoidance, resource allocation, and financial and schedule management.

As an Agile Scrum Master, spearheaded the adoption of agile practices across development teams; mentored team members; defined agile methodologies; and developed additional training and education programs to enhance team performance and project success.

As ISSO, established and grew the security team to 12 full-time employees, including 8 in the US and 4 offshore.

As DevOps manager established and grew the DevOps team to 8 full-time employees, including 2 in the US and 6 offshore.

As SysOps, manager establish and organized the SysOps team to 5 full-time employees based in US.

Humana, INC., Louisville, KY 2000 - 2014

Application Architect/Project Manager/Agile Scrum Master/Adjunct Trainer

Directed virtual teams of architects, business consultants, engineers, and quality assurance analysts. Drove project success by maximizing ROI through structured SDLC processes, effective risk management, and timely delivery of project milestones within budget. As an architect, provided technology designs aligned with corporate standards and best practices. As a Scrum Master, led development sprints; managed backlogs; ensured team velocity; and facilitated planning activities and retrospectives while advocating for agile methodologies and developing additional training. Served as the primary contact for vendor communications throughout the project lifecycle, collaborating with the vendor management team on contracts and statements of work to ensure seamless coordination and project alignment.

Enterprise-wide projects included:

Implemented an Enterprise Secure Email capability, featuring deep portal integration, branding, compatibility with standard associate email clients, and dynamic intelligent rule processing to ensure regulatory compliance and detect data leakage.

Integrated Google Search Engine with enterprise portals to enhance search functionality and user experience.

Developed and launched HuTube, a media portal, for effective management of internal video and audio resources.

Delivered the Enterprise social media portal (Buzz), achieving proven ROI and enhancing knowledge management capabilities.

Created the FamScape games portal to promote health and wellness advocacy among users.

Led the design and delivery of a city based bicycle rental program that has been adopted in several US cities.

Led the delivery and adoption of Content Management technology, driving the transition to managed content for enterprise web portals.

Managed Visitor (Marketing) portal, overseeing associated applications and content to ensure alignment with organizational objectives.

Medx12.com, Louisville, KY 2004 - 2009

Chief Information Officer/Consultant

Oversaw all technology services, encompassing strategic planning, tactical implementation, goal setting, and policy development. Designed and executed programs to drive achievement of business plan objectives, focusing on growth, profitability, and brand enhancement.

•Implemented cost-savings and efficiency plan saving $200,000 within first year.

ADDITIONAL POSITIONS HELD

ZirMed.com, Louisville,KY Director Application Development

Norton Healthcare, Louisville, KY PM Advanced Technology Group

WVirginia University Hospital, Morgantown,WV PM Advanced Technology Delivery Group

University Health Associates, Morgantown, WV Programming Supervisor/System Manager

EDUCATION / CERTIFICATIONS

Education

Doctor of Education (Ed.D.) Walden University, In Progress

Master of Applied Information Technology Bellarmine University, Louisville, KY,

Bachelor of Science, Computer Science Clarion University of Pennsylvania, Clarion, PA

Certifications

Certified Information Security Manager In progress

Certified Information System Security Professional ISC2 2022

Certified Information System Auditor ISACA 2023

Others: Oracle DBA Masters Program - Advanced Database Management Certificate, ANSI MUMPS Training Certificate, Project Management Certificate, Microsoft SQL Server DBA

CORE COMPETENCIES

CISSP Certifed ISSO, CISA Certified Audit Director, Network Engineering, Waterfall & Agile Project Management, Planning Communications and Budgeting, Web & Internet Security, Cost Benefit Analysis & Budgeting, AWS Security and Administration, Custom Software Development, Data Architecture Database Design, Virtual Systems Architecture, SDLC management, Resource Planning, WBS & Schedules, Testing/QA/Rollout/Support, Data Governance, DevOps & Systems Management Enterprise Infrastructure, Customer Relations, Vendor Management, Healthcare Administrative and Clinical Systems

Contact this candidate