SUMMARY: Cybersecurity and Privacy professional with 20+ years of experience leading business strategies, developing technical approaches for large-scale risk assessments, program maturity modeling, compliance-readiness reviews, internal audits, and implementing IA remediation and mitigation plans. Proven experience building and establishing privacy and data security programs for federal and commercial clients, as well as developing policies, procedures and implementing leading industry practices for security operations. Possess extensive project management experience and strong client relationship management skills. EXPERTISE: NIST SP 800-series (contributing author to SPs) and Cybersecurity Framework (CSF), Risk Management Framework (RMF), HIPAA/HITECH, FIPPs, HITRUST, eGov Act, FISMA, and OMB guidance. KEY STRENGTHS: Business & pipeline development, creating capability offerings, staff mentoring/management, contracts oversight, project management, applying risk management framework solutions, and implementing roadmap strategies and leading practices. SAMPLING OF PAST CLIENTS: Sony Picture Entertainment, Internal Revenue Service, Strayer University., US Dept. of Veteran's Affairs, Capital One, Intelligence Community, INOVA Hospital, US Dept. of Health & Human Services, and DoD. Business Integra Consulting, 2016 - Present Senior Manager Specialist, Cybersecurity & Privacy - Federal Market (Washington, DC) * Provide cybersecurity and privacy analyses and reviews throughout the assessment and compliance life cycle. * Drive the planning and development of system security and privacy compliance (e.g., SSPs, SCDs, PTAs, PIAs) in support of security & privacy requirements, system assessments & accreditation, and program management. * Provide project oversight and strategies to ensure timely execution of engagement plans, quality assurance of deliverables, and that milestones and budget requirements are met. * Facilitate stakeholder meetings and work with executives identifying enterprise risks, IT security vulnerabilities, and strategic program needs around IT system and programmatic policy, procedures and leading practices.

Highlights:

• Internal Audits
• Capability Building
• Privacy & Data Security
• Cyber Security
• Proposal Development
• Program Maturity Modeling
• Wireless and Cloud
• Program Assessments
• HIPAA, GLBA, PCI and NIST Compliance
• Developing Policy, Processes & Leading Practice