Information Security Officer
2022 - PRESENTCommunity Healthcare System- Supervised the information security team to ensure best practices.
- Oversaw the cybersecurity program and protected IT assets and digital information.
- Collaborated and coordinated with Corporate Compliance and all activities related to cybersecurity assessments, projects, and audits.
- Managed incident response and disaster recovery plans and incident playbooks to ensure resources' availability across the organization and eliminate or minimize business disruption.
- Coordinated cybersecurity and security incident response training.
Technologies: Business Continuity & Disaster Recovery (BCDR), Incident Response, Cybersecurity, Budgeting, Information Security, PCI DSS, IT Systems Architecture, Cross-functional Collaboration, Insurance, CISO, HIPAA Compliance, Security Architecture, NIST, Risk Management, Security Audits, Architecture, Security, Risk Assessment, Threat Modeling, DevSecOps, Data Protection, Data-level Security, Compliance, PCI, Security Policies & Procedures, Technical Writing, Identity & Access Management (IAM), Cloud Security, Data Security, Privacy, Data Privacy, Application SecurityVP of IT and Security
2007 - 2022NAMIC Insurance Company, Inc. (NAMICO)- Acted as the guiding force behind all IT and information security operations.
- Established the company's IT department and separated the network infrastructure from the parent company while creating a new cybersecurity program.
- Served as project manager, lead developer, and data architect, redesigning the proprietary CRM system—for underwriting, quoting, policy administration, and managing claims—data warehouse, and BI metadata models.
- Designed and managed a compliant cybersecurity program for a multi-state insurance company with key components such as policies, incident response, business continuity, disaster recovery plans, risk assessments, and penetration testing.
- Functioned as project manager and data architect for the website, supporting dynamic online applications.
- Developed and managed budgets, overseeing and approving all hardware, technology, and security purchases.
Technologies: Cybersecurity, C#, Web MVC, SQL Server 2014, SAP BusinessObjects (BO), Information Security, PCI DSS, NIST, App Development, Web Development, Penetration Testing, Risk Management & Mitigation, Incident Response, Business Continuity & Disaster Recovery (BCDR), Network Administration, CISO, Database Administration (DBA), Data Architecture, C#.NET, HIPAA Compliance, Security Architecture, Risk Management, Security Audits, IT Management, Architecture, OFAC, IT Security, Security, LDAP, Dropbox, File Systems, Risk Assessment, Threat Modeling, DevOps, Containers, Data Protection, Data-level Security, Compliance, Visual Basic 6 (VB6), Visual Basic .NET (VB.NET), Data Encryption, Database Security, Secure Coding, Security Policies & Procedures, Technical Writing, Identity & Access Management (IAM), Data Security, Web Security, Web Architecture, WordPress, JavaScript, Insurance, Privacy, Data Privacy, Application Security, Business ServicesSolutions Architect
2003 - 2007Baker Hill (acquired by Riverside Company)- Drove the development of cutting-edge B2B banking solutions for national and international companies, including spending two years in Australia as lead solutions architect working with consultants to build several new applications.
- Contributed heavily to defining product core components, functional requirements, business rules, and the development roadmap.
- Created a series of enterprise infrastructure assets to enable seamless interfacing between Baker Hill's international solutions and a client's legacy system.
- Engaged as a key member of the technical sales team, delivering GAP analyses for proposals, which highlighted how company solutions would meet clients' current and future needs.
Technologies: C#.NET, SQL Server 2014, Data Architecture, Database Administration (DBA), DevOps, Visual Basic 6 (VB6), Visual Basic .NET (VB.NET), Data Encryption, Database Security, Secure Coding, Technical Writing, Data Security