Governance, Risk, Compliance & Security Management Leader
PROFILE: Senior IT and cyber security leader with proven success managing and delivering solutions that streamline operations, capture savings, bolster security, manage risk, increase capability, improve service quality, and accelerate growth across both the public and private sectors. Combines a unique blend of industry expertise and strong business acumen with deep subject matter knowledge and hands-on expertise to deliver a highly business-focused, results-oriented, collaborative approach, honed from working with government, Fortune 50, and SMB organizations.
Extensive knowledge and experience in managing information technology, governance, risk management, compliance, security, and development teams. Entrepreneurial approach and experience acquired by having founded or co-founded multiple companies, and while working for industry leaders in energy, finance, education, technology, entertainment, health, utilities, insurance, telecommunications and transport.
Recognized as a leading authority in information and cyber security, has written and edited multiple books, presented hundreds of sessions at conferences, trade shows and expositions, and regularly teaches courses for the CISSP, CISM, and CGEIT certifications.
EXPERTISE: Cyber Security, Team Leadership, Information Governance, Risk Management, Compliance, IT Infrastructure, Enterprise Security Architecture, Risk Assessment & Audit, Program / Project Management, Business Continuity, Strategic Planning, Security Management & Controls, Expert Witness
STANDARDS, NORMS & METHODOLOGIES: ISO 27001 / 27002 / 27005 / 31000, NIST 800 Series, PIPEDA, LADOPPRP, Sarbanes-Oxley (SOX), HIPAA, PCI DSS, FISMA, COSO, MEHARI, COBIT, NERC/FERC, CSEC, CAN-SPAM
CRMP (Certified Risk Management Professional) / 2009
CGEIT (Certified in the Governance of Enterprise IT) / 2009
SBCI (Specialist, Business Continuity Institute) / 2008 – Expired
CISM (Certified Information Systems Manager) / 2004
ISSMP (Information Systems Security Management Professional) / 2003
ISSAP (Information Systems Security Architecture Professional) / 2003
SSCP (Systems Security Certified Practitioner) / 2001
CCNP (Cisco Certified Network Professional) / 2001 – Expired
CCDA (Cisco Certified Design Associate) / 2000 – Expired
CISA (Certified Information Systems Auditor) / 2000
CISSP (Certified Information Systems Security Professional) / 2000