AVAILABLE JANUARY 2024
For over 20 years, I have been at the forefront of cybersecurity, architecting and deploying security solutions that shield businesses from an increasingly complex landscape of cyber threats. As a seasoned IT professional, my expertise spans across operations, infrastructure, architecture, and management. Throughout my career, I've steered customers and businesses towards achieving excellence in security operations and governance. My overarching goal has always been to ensure the utmost confidentiality, availability, and integrity of customer and patient data, recognizing its paramount importance in today's digital age.
One of the core areas of my expertise is PCI Compliance. The Payment Card Industry Data Security Standard (PCI-DSS) is a rigorous set of requirements designed to ensure that all companies that process, store, or transmit credit card information maintain a secure environment. Furthermore, I have a profound understanding of the Center for Internet Security (CIS) benchmarks and the NIST Cybersecurity Framework (CSF) – both of which set the industry gold standard for secure IT operations. While serving OhioHealth, I spearheaded the collaborative efforts of several teams, culminating in the successful implementation of a multitude of standards crucial for institutional governance. In a landmark achievement for OhioHealth, I played an instrumental role in the successful integration of both PCI-DSS and PCI P2PE, bringing the organization into compliance for the very first time in its history.
My technical background extends across various platforms – from Windows, Linux, and Mac to more niche operating systems. I am a staunch advocate for free, open-source solutions and believe in harnessing the potential of cloud technology to its fullest. I have hands-on experience with cloud-based solutions, especially within the Azure ecosystem.
In my role as Director of Information Security and during my tenure as a professional consultant, I have consistently fortified companies against sophisticated cyber threats. My in-depth knowledge positions me perfectly to provide strategic guidance on both operational and architectural design considerations, ensuring compliance remains at the heart of every decision.
My comprehensive operational skillset encapsulates several domains – from vulnerability management and penetration testing to incident response, identity and access management, and the often nuanced world of governance, risk, and compliance (GRC). GRC is an approach that aligns IT with business objectives while effectively managing risk and meeting compliance requirements. With this unique fusion of technical talent, managerial acumen, and leadership expertise, I stand poised to guide any organization through the intricate maze of modern-day cybersecurity and governance, ensuring both resilience and adaptability.
I stay current on the latest security technologies and have over 30 technical certifications to date. I enjoy listening to the security podcasts and books from audible on these topics.
I have had career success as an engineer and architect, consultant and sales engineer, and most recently as a director of information security operations for a Fortune 500 company. Now I'm looking for my next challenge, but I'm going to take a little time off to get my Masters degree in CyberSecurity first.
In addition to cybersecurity I do have a few other things I enjoy, and now a days that usually includes a new Beagle puppy named “Buddy.” I am aware that his name is not the most original name but it works. He’s 10 months old as of this writing (3/16/23) and he's been a good dog. I enjoy playing golf (most of the time) and have some drones that are fun to fly for good video footage. Other than that, I enjoy cooking or trying out new restaurants, I've become a Buckeyes fan and enjoy college football in general, and I've had a decent time here in central Ohio but I'm open to relocating for my next role.