SUMMARY:

With over three decades of experience in cybersecurity leadership, I seamlessly embody the roles of a Virtual, Fractional, Interim, or a Full-Time CISO or CxO, and as a Trusted Advisor.
   
As a Virtual, Fractional, Interim, or a Full-Time CISO or CxO, I bring a wealth of expertise in cybersecurity strategy development, risk management, and incident response. My leadership and management skills enable me to build cross-functional teams, drive collaboration, and ensure alignment with business objectives. Additionally, I excel in vendor management, stakeholder engagement, and continuous improvement, making me a valuable asset in guiding organizations through complex security challenges.
   
In my capacity as a Trusted Advisor, I leverage my deep understanding of cybersecurity to provide strategic guidance that aligns with organizational goals. My strong communication skills allow me to articulate complex concepts clearly and engage with stakeholders at all levels. By staying abreast of the latest trends and best practices, I ensure that my advice is informed, relevant, and actionable. Overall, my combination of technical expertise, leadership acumen, and commitment to trust-building makes me uniquely qualified to serve as a Virtual, Fractional, Interim, or a Full-Time CISO or CxO, and as a Trusted Advisor, driving success and security for organizations navigating the ever-evolving cybersecurity landscape.
   
Demonstrates credibility (trustworthiness, reliability, dependability, integrity, and character) in the security industry every day…, coupled with well-aligned security practitioner natural talents.
   

SKILLS:

  • Strategic cybersecurity vision development
  • Enterprise information security and IT risk management program implementation and monitoring
  • Partnership with executive management, Enterprise Risk Management, Compliance, Internal Audit, and external Regulators and audit personnel
  • Collaboration with stakeholders including counterparts, regulators, and governing agencies
  • Leadership of the enterprise's information security organization
  • Interaction with business, corporate, and technology disciplines to ensure consistent application of policies and standards
  • Awareness raising of risk management concerns
  • Planning and execution of vulnerability audits, penetration testing, and forensic IT audits and investigations
  • Integration of new IT systems development with overall IT, data, and information security policies
  • Compliance monitoring with the organization's information security policies and procedures
  • Data loss and fraud prevention policy effectiveness and advisement on vendor risk and data/fraud exposure
  • Security breach investigation and forensic execution
  • Cybersecurity team leadership for security process automation
  • Staying abreast of emerging security threats and technologies
  • Preparation and delivery of Info Sec updates and materials for the Board and executive team
  • Collaboration with the CISO community to share standard methodologies
  • Knowledge of common information security and information risk management frameworks
  • Knowledge of cloud-based services and related cybersecurity best practices
  • Management of varied key stakeholders, both internal and external
  • Software development practices experience
  • Integration of functional security metrics into an enterprise risk management context
  • Working in a highly regulated entity
  • Departmental budget management
  • Contract and vendor negotiations and management including managed services
  • Innovative thinking and leadership
  • Effective communication with and influence on senior-level management and key stakeholders
  • Excellent written, verbal, and inter-personal communication skills
  • Personal integrity

 

EXPERIENCE:

Company Name: Freelance Cybersecurity – Open to Work, W2 or 1099 Independent Contractor
Job Title: Virtual, Fractional, or Interim Chief Information Security Officer (CISO or CxO), and Trusted Advisor.
Dates: January 2024 – Present
Location: Remote from St. Cloud, Florida (Orlando, Florida) Area
Key Responsibilities:
  • Expertise in Cybersecurity Strategy: My extensive experience in cybersecurity strategy development enables me to assess an organization's current security posture, identify gaps and vulnerabilities, and devise comprehensive strategies to mitigate risks effectively. I understand the importance of aligning security initiatives with business objectives and regulatory requirements.
  • Leadership and Management: Having held leadership roles in various organizations, I possess strong leadership and management skills. I excel in building and leading cross-functional teams, fostering a culture of security awareness, and driving collaboration between IT, business, and executive stakeholders.
  • Risk Management and Compliance: My expertise in risk management allows me to conduct thorough risk assessments, prioritize security threats, and develop risk mitigation strategies tailored to the organization's unique risk profile. I am well-versed in industry regulations and standards and ensure compliance with mandates such as GDPR, HIPAA, and PCI-DSS.
  • Incident Response and Crisis Management: With my background in incident response and crisis management, I am adept at handling security incidents effectively, minimizing impact, and orchestrating swift response and recovery efforts. My proactive approach to incident handling helps organizations mitigate reputational damage and financial loss.
  • Vendor Management and Relationship Building: I have experience in vendor management and building strategic relationships with security vendors and partners. I evaluate and select third-party security solutions, negotiate contracts, and ensure vendors adhere to service level agreements (SLAs) and security standards.
  • Communication and Stakeholder Engagement: My strong communication skills enable me to articulate complex security concepts clearly and concisely to both technical and non-technical stakeholders. I excel in engaging with C-suite executives, board members, and regulatory authorities, providing strategic guidance on cybersecurity matters.
  • Continuous Improvement and Professional Development: As a Virtual, Fractional, Interim, or a Full-Time Chief Information Security Officer (CISO), I am committed to continuous learning and professional development. I stay abreast of the latest cybersecurity trends, emerging threats, and industry best practices, ensuring that my skills and knowledge remain current and relevant in an ever-evolving threat landscape.

Company Name: Zones LLC
Job Title: Practice Head, Security
Dates: September 2022 – January 2024
Location: Global
Key Responsibilities:
As the former Cybersecurity Practice Head, I was accountable for driving the financial performance and success (Profit & Loss) of cybersecurity initiatives across all four Zones practice areas company-wide, including Digital Workplace, NexGen Networking, Cloud & Data Center, and Cybersecurity. Key responsibilities included:
  • Strategy Development: Conducted comprehensive environment scans to assess market trends, customer needs, technology advancements, competitor landscape, and industry reports. Collaborated with internal teams and stakeholders to create and maintain a robust go-to-market strategy. Presented long-term (3-year) plans and annual strategies to executive leadership, overseeing execution, and conducting performance reviews to ensure alignment with objectives.
  • Product Management: Partnered with product and partner management teams to formulate and execute segment-focused product strategies. Evaluated new partners, technologies, and product offerings for each segment. Conducted regular reviews to ensure alignment with strategy and achieve key partner status.
  • Services Delivery: Defined and propagated solutions and services catalog to sales and pre-sales teams. Led the development and launch of new services and solutions, while refining existing offerings in collaboration with product and partner management. Ensured delivery teams were aligned with service strategy, possessed necessary competencies, and met client expectations.
  • Sales Enablement: Oversaw sales enablement team to support sales channels in pursuit of goals through training, account planning, pipeline reviews, and involvement in key pursuits.
  • Sales/Pre-Sales Support: Ensured sales/pre-sales teams had required competencies, capacity, and tools to achieve targets. Conducted pipeline reviews and maintained high win ratios.
  • Marketing Collaboration: Worked with marketing team to define marketing materials, branding, promotions, and events to support practice growth.
  • Innovation and Thought Leadership: Established capabilities in the Zones Innovation Center to showcase relevant technologies. Utilized various communication channels such as webinars, conferences, publications, and social media to demonstrate thought leadership. Represented Zones at key industry events and engagements with original equipment manufacturers, analysts, and customers.

Company Name: Zones LLC
Job Title: Practice Head, Cyber Security
Dates: March 2022 – September 2022
Location: Global
Key Responsibilities:
As the leader of the Cybersecurity practice, I was accountable for its financial performance and success across the company. I spearheaded the creation, execution, and monitoring of strategies driving Zones’ Cyber Security Practice growth, collaborating with internal teams and partners.
  • Strategy Development: Conducted thorough environment scans, assessing market trends and customer needs. Collaborated to maintain a robust go-to-market strategy. Presented long-term plans to executive leadership, ensuring alignment with objectives.
  • Product Management: Formulated segment-focused product strategies and evaluated new partners and technologies. Ensured alignment with strategy and achieved key partner status.
  • Services Delivery: Defined solutions catalog and led the development of new services. Ensured delivery teams met client expectations.
  • Sales Enablement: Oversaw sales enablement team, supporting sales channels through training and involvement in key pursuits.
  • Sales/Pre-Sales Support: Ensured teams had required competencies and maintained high win ratios.
  • Marketing Collaboration: Defined marketing materials and events to support practice growth.
  • Innovation and Thought Leadership: Established capabilities in the Innovation Center and demonstrated thought leadership through various channels.

Company Name: Zones LLC
Job Title: Chief Architect, Security (OCTO) Office of the Chief Technology Officer
Dates: March 2021 – February 2022
Location: Global
Key Responsibilities:
During my tenure as Chief Architect, Security (OCTO) Office of the Chief Technology Officer, I led and executed the security-relevant solution environment portfolio from a technical perspective to ensure alignment and support of overall go-to-market strategies. Key responsibilities included:
  • Partnered with the marketing organization to enable the software and cloud sales organization to support the relevant solutions environment portfolio.
  • Enabled Solution Architects with repeatable processes and portfolio for technical pre-sales activities such as demos, workshops, etc., and architecting solutions.
  • Assessed customer pain points and market demand to help define compelling services and extend solution offerings.
  • Worked closely with the Cloud and Security Center of Excellence Director to measure and deliver on solution profitability expectations.
  • Identified strategic and tactical technical partnerships and key players necessary to achieve and sustain thought leadership within the solutions environment portfolio.
  • Understood competitors' capabilities and articulated those capabilities pertaining to tools, automation, services, pricing, and solutions.
Additionally, I achieved professional services margin objectives by:
  • Identifying, evaluating, managing, and executing strategic customer opportunities.
  • Driving SOWs for security-relevant solutions environments with the software and cloud teams, focusing on the Enterprise segment.
  • Ensuring awareness and execution within the technical organization of partner margin-enhancing programs.
  • Serving as the initial escalation point for technology-related issues relating to the security-relevant solution environment portfolio.
  • Partnering with the software and cloud sales team to proactively develop plans for professional services with strategic accounts.

Company Name: ReeseWeb LLC
Job Title: Owner
Dates: January 2021 – December 2021
Location: United States
Key Responsibilities:
  • Freelance Work
  • Any legal business activity.

Company Name: ISSI (Information Security Systems International)
Job Title: Management Consultant
Dates: February 2021 – March 2021
Location: Global
Key Responsibilities:
  • As an independent consultant, assisted MSPs in transforming and building their capabilities using hyper-scale cloud services.
  • Consulting and auditing services on behalf of Microsoft, AWS, Google, and Oracle for Cloud Managed Service Providers (MSP) to transform and build sustainable, profitable service organizations.
  • Management Consultant providing advisory services on digital and business transformation, ICT/Business Strategy, Organizational Change, Go-To-Market Strategies, Business Process Improvement & Expansion into New Markets/Geographies.

Company Name: BlueAlly
Job Title: Chief Information Security Officer (CISO)
Dates: November 2019 – November 2020
Location: United States
Key Responsibilities:
  • Reported to the Executive Chairman and was responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies were adequately protected.
  • Implemented and led BlueAlly’s Information Security Management System (ISMS).
  • Implemented and aligned the ISMS with legal, regulatory, industry frameworks and standards, and contractual control requirements.
  • Helped prepare the organization to meet control requirements for a SOC 2 Type II audit.
  • Successfully completed a 12-month SOC 2 Type II audit with no findings or exceptions.

Company Name: Urgently Roadside Assistance (BlueAlly Contract)
Job Title: Virtual Chief Information Security Officer (vCISO)
Dates: November 2019 – October 2020
Location: United States
Key Responsibilities:
  • Reported to the Chief Administrative Officer, responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies were adequately protected.

Company Name: CompuCom Systems, Inc.
Job Title: Security and Compliance Practice Leader
Dates: Jan 2005 – November 2019
Location: North America
Job Title: Managing Principal
Dates: May 2016 – November 2019
Location: North America
Job Title: Principal Consultant
Dates: January 2005 – May 2016
Location: North America
 Key Responsibilities:
  • Partner with the leadership team, sales and marketing, to envision and develop a go to market strategy for security and compliance service offerings.
  • Identify and evolve new security and compliance consulting opportunities; assist with scoping, proposal development, project management plans, pricing and costing models, and prospective customer presentations/discussions.
  • Extensive experience leading security and compliance design workshops, in partnership with internal and external client stakeholders and technical SMEs, a consensus builder.
  • Service delivery track record of being able to operate at all levels of an organization, such as: board of directors, executive leadership teams, operations management, internal audit, and tactical technical levels, as well as experience working in multiple vertical markets.
  • Led multiple annual pre-registration and internal audits as the lead internal auditor.
  • Versed in Open Compliance and Ethics Group (OCEG) Governance, Risk, and Compliance (GRC) maturity modeling, architectures, and best practices, as well as the Unified Compliance Framework (UCF) Common Controls Hub and control harmonization.
  • Performed hundreds of security and compliance gap assessments for clients using various industry maturity models, frameworks and standards, such as: Carnegie, Gartner, and CobiT maturity models… SOX, GLBA, HIPAA, NIST CSF and SP 800-53, ISO-27001, PCI-DSS, CIS Top Controls and Configuration Benchmarks, and much more
  • Recognized for writing clear and compelling deliverables that include specific, tailored, and actionable advice and recommendations (note: award winning published author since 2008)
  • Guide and advise clients on redesigning their security and compliance policies, standards, baselines, guidelines, processes, procedures, and detailed work instructions, aligning them with legal, regulatory and contractual requirements, as well as business goals and objectives.
  • Performed numerous business impact and risk assessments of internal and external clients.
  • Experienced and formally trained on business continuity and disaster recovery processes.
  • Led CompuCom’s security and compliance design and implementation for its first successful ISO-20000 registration, which included alignment with ITIL, ISO-27001, and many other international standards, laws, regulations, and contractual requirements.
  • Led numerous consulting engagements for assessing, designing, and implementing security and compliance technical controls, such as: firewalls, intrusion prevention systems (IDS/IPS), data center security (DCS) and endpoint protection solutions (EPS), email and network security gateways, VPNs, advance threat protection (ATD/ATP), endpoint detection and response (EDR), security event and incident management (SEIM), data loss prevention (DLP) and data meta tagging, access controls, permissions, and authorizations, network and system vulnerability scanners, configuration checkers, and much more.

Company Name: DynTek, Inc.
Job Title: National Director of Security Consulting
Dates: March 2003 – October 2004
Location: United States
Key Responsibilities:
  • Directed, developed and defined security practice methodologies.
  • Directed strategic Virtual CxO and Trusted Advisor consulting services.
  • Developed and defined service reporting templates.
  • Defined security skill requirements and engagement quality assurance.
  • Directed, developed and maintained strategic security partnerships.
  • Led the most complex security consulting engagements.

Company Name: Reese Web Security, Inc.
Job Title: Co-Owner and Vice President
Dates: January 2003 – December 2004
Location: Clearwater, FL
Key Responsibilities:
  • Licensed Private Investigator in the State of Florida.
  • Performed detailed background checks.
  • Performed numerous investigations with a team of licensed investigators.

Company Name: AimNet Solutions Inc.
Job Title: VP, CISO & Information Security Practice Leader
Dates: May 2000 – December 2002
Location: United States
Key Responsibilities:
  • Started venture funded AimNet Solutions in 2000.
  • Successfully completed acquisition of several high-tech companies.
  • Expanded managed security services to include network management.
  • Provided Virtual CxO services that guided and led commercial clients as their CISO, CSO, CRO, CTO, and CIO.
  • Led the most complex security consulting engagements.
  • In 2007, successfully sold AimNet Solutions (and ANS, LLC) to Cognizant.

Company Name: Reese Web, Inc.
Job Title: Chief Executive Officer and President
Dates: August 1995 – May 2000
Location: United States
Key Responsibilities:
  • Provide managed security and professional services from SMB to large enterprise companies.
  • Over 800+ commercial customers blanketed the nation from coast to coast.
  • Secured Florida State Negotiated Price Schedule Agreement during his first year of business.
  • Provided security services to SLED, U.S. Military, and Federal Agencies.
  • Created the Virtual CxO service offering that guided and led commercial clients as their CISO, CSO, CRO, CTO, and CIO.
  • Led the most complex security consulting engagements.
  • Axent Technologies recognized Reese Web as their #1 Systems Integrator in the State of Florida and their Elite Security Partner.
  • In 2000, started new venture funded company AimNet Solutions and merged with Reese Web.

Company Name: The Waldec Group
Job Title: Director of Network and Advanced Network Services
Dates: December 1994 – August 1995
Location: United States
Key Responsibilities:
  • Practice leader for professional service delivery teams and service offerings.
  • Profitably grew technical team from 15 to 26 professionals.
  • Identified and implemented strategic vendor relationships.
  • Achieved recognition as Tampa's leading systems integrator.
  • Led the most complex consulting engagements.

Company Name: Nielsen Media Research
Job Title: LAN Coordinator
Dates: June 1993 – December 1994
Location: Dunedin, FL
Key Responsibilities:
  • Managed and maintained systems and tech-teams for three groups (Network Management & Internet Services, EDI & Network, and UNIX Systems Administration & Support) for a 90,000+ global user environment.
  • Performed extensive requirements analysis, development, and implementation work around advanced technologies in Internet and system security, multi-protocol network management, multiple email vendor platforms solutions and operating systems (from desktop/laptop, vast list of state-of-the-arts server technology, multiple mainframe vendors).

Company Name: McDonnell Douglas
Job Title: Senior Engineer – Technology
Dates: October 1992 – June 1993
Location: MacDill AFB, FL
Key Responsibilities:
  • Member of a research team in the Special Operations Command HQ-J2 test lab.
  • Maintained a Top Secret (SBI, w/SCI) Military Security Clearance.

Company Name: Halifax Corporation
Job Title: European Regional Manager
Dates: January 1989 – October 1992
Location: International
Job Title: International Account Manager
Dates: July 1987 – January 1989
Location: International
Job Title: Senior Field Service Representative
Dates: August 1986 – July 1987
Location: Ohio
Job Title: Field Service Representative
Dates: June 1986 – August 1986
Location: Ohio
Key Responsibilities:
  • Managed government contracts and multiple component level repair depots.
  • Managed international accounts and started a new international business division.
  • Managed systems and tech-team oversight at international cruise missile planning facilities.
  • Maintained a Top Secret (SBI, w/SCI) Military Security Clearance.

Company Name: Eaton Corporation
Title: Associate Field Engineer
Dates: January 1985 – June 1986
Location: Eglin AFB, FL
Key Responsibilities:
  • Served as a resident onsite engineer at the USAF Tactical Air Warfare Center (TAWC) - J2.
  • Maintained a Top Secret (SBI, w/SCI) Military Security Clearance.

Company Name: Enfield’s 3M Business Products
Title: Customer Service Representative
Dates: April 1984 – January 1985
Location: Jacksonville, FL
Key Responsibilities:
  • Maintained 3M office products in the States of Florida and Georgia.
  • Completed numerous product certification courses in electronic mechanical technologies.
  • Products such as: 3M Copiers and Microfiche Viewers, and Lanier Word Processors.

Company Name: U.S. Navy
Title: Fire Control Technician Ballistic Missile - FTB1(SS) – E6
Dates: January 1978 – January 1984
Location: Kings Bay, GA
Key Responsibilities:
  • Submariner: USS George Bancroft SSBN-643 (Blue Crew)
  • Led a seven-man team in launch operations of a Nuclear Trident Ballistic Missile System.
  • Maintained a Top Secret (SBI, w/SCI) Military Security Clearance.

VOLUNTEER WORK:

InfraGard
InfraGard is a partnership between the U.S. Federal Bureau of Investigation (FBI) and the private sector. It is an association of persons who represent businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the U.S.
 
InfraGard Membership National Alliance (IMNA) is a non-profit 501(c)(3) Delaware Corporation, comprised of over 70 separate 501(c)(3) InfraGard Member Alliances (IMAs) with a membership of more than 32,000 plus Subject Matter Experts, representing our Nation’s critical infrastructures.
 
 
InfraGard Orlando Members Alliance (IMA)
  • Member, Janury 2004 to Present
InfraGard National Members Alliance (INMA)
  • Chairman, CISO Cross-Sector Council, Feb 2021 – Feb 2023
  • Board of Directors Member and Corporate Secretary, Feb 2019 – Jul 2021
  • Chairman, Enterprise Risk Management Committee, Sept 2020 – Jul 2021
  • Vice Chairman, InfraGard History Committee, Feb 2019 – Jul 2021
  • Vice Chairman, CISO Cross-Sector Council, Oct 2020 – Feb 2021
  • North Central Regional Deputy Representative, Jun 2018 – Feb 2019
InfraGard Kansas City Members Alliance (IMA)
  • Board of Directors Member, Jan 2017 – Feb 2019
  • Webmaster InfraGard-KC.Org, Jan 2017 – Sept 2019
InfraGard Denver Members Alliance (IMA)
  • Member, 2016 to 2017
InfraGard Central Pennsylvania Members Alliance (IMA)
  • Member, 2006 to 2015

 

KC Tech Council
 Title: Science, Technology, Engineering and Math (STEM) Speaker
  • Dates: Jul 2018 - Nov 2020
  • Location: Kansas City, KS
Description
  • Connected Teachers and Speakers: (http://speakstem.org/)
  • Teachers were in need of thought-provoking leaders in the Science, Technology, Engineering and Math (STEM) industries to help motivate and inspire students towards a career in STEM.

  

Wounded Warrior Project
 Title: Mentor
  • Dates: Nov 2016 - Oct 2019
  • Location: Overland Park, KS
Description
  • Provided mentorship to our country's returning military veterans who are seeking employment in the hi-tech security industry.

 

(ISC)2
Title: Authorized Volunteer - Safe and Secure Online by (ISC)2 Foundation
  • Dates: Jan 2017 - Dec 2019
  • Location: As Needed
Description
  • The Center for Cyber Safety and Education, formerly (ISC)2 Foundation, is a non-profit charity formed by (ISC)2 in 2011 as a conduit through which its members could reach society and empower students, teachers, and the general public to secure their online life with cybersecurity education and awareness programs in the community. The Center was formed to meet these needs and to expand altruistic programs such as Safe and Secure Online, the Information Security Scholarship Program, and Industry and Consumer Research—the three core programs of the Center.

 

Symantec
Title: Member of the Technical and Reseller Advisory Boards
  • Dates: Dec 2000 - Jan 2005

 

AXENT Technologies, Inc.
Title: Member of the Technical and Reseller Advisory Boards
  • Dates: Feb 1998 - Dec 2000

 

Content Technologies (MIMEsweeper Technology)
Title: Member of the Technical and Reseller Advisory Boards
  • Dates: Jan 1998 - Mar 2003

 

Raptor Systems, Inc.
Title: Member of the Technical and Reseller Advisory Boards
  • Dates: Dec 1996 - Feb 1998

 

EDUCATION:

 

CERTIFICATIONS:

  • Security Management
  • Risk Management
  • Security Strategy
  • Business Process Controls & Internal Audit
  • External Compliance
  • Business Continuity
  • Disaster Recovery Planning
  • IT Governance
  • IT Strategy
  • erformance Management
  • IT Management & Policies
  • nnovation
  • takeholder Relations
  • Availability & Capacity Management
  • Operations Management
  • Change Management
  • Configuration Management
  • Release Management
  • Incident & Problem Management
  • Service Desk
  • Asset Management
  • Software Asset Management
  • Hardware Asset Management
  • Enterprise Architecture
  • Service Management
  • Quality Management
  • Managed Service Catalogs
  • Application Portfolio Management
  • Enterprise Application Selection & Implementation
  • Application Development Throughput
  • Application Development Quality
  • Application Maintenance
  • Portfolio Management
  • Project Management
  • Requirements Gathering
  • Organizational Change Management
  • Human Resources Management
  • IT Organizational Design
  • Knowledge Management
  • Leadership, Culture, and Values
  • Business Value
  • Cost & Budget Management
  • Vendor Management
  • Cost Optimization
  • Business Intelligence & Reporting
  • Data Architecture
  • Data Quality
Open Compliance & Ethics Group (OCEG) GRC Management Services Certificates

100+ Security Vendor Product and Subject Matter Certifications and Certificates of Completion

 

PROFESSIONAL AFFILIATIONS:

  

PUBLISHED BOOKS:

  • Rising Star Award
  • Publisher’s Choice Award

  

VIDEO PRESENTATIONS:

  

PUBLISHED ARTICLES: