Vice President of Cybersecurity & Technology

Oct 2013 - Jan 2024

Direct and formulate strategic direction for technology and cybersecurity initiatives, aligning organizational goals with security objectives. Review and approve company documentation for planning, communications, and compliance of internal controls. Formulate and execute a comprehensive information security roadmap, aligning investments in security technology and services with the organization's risk management strategy to enhance overall resilience. Provide leadership to cross-functional remote and onsite teams, fostering cohesive collaboration and efficient operations in Software Development, Information Technology, and Cybersecurity.

• Spearheaded the development and implementation of an enterprise cybersecurity strategy, integrating cutting-edge AI-driven threat detection and streamlining security operations through script automation to fortify the organization's security posture.
• Engineered and implemented a robust Identity and Access Management (IAM) architecture, driving a 20% surge in employee productivity and slashing access-related issues by 45%.
• Enhanced enterprise-wide cybersecurity protocols by transitioning towards standardization with the National Institute of Standards and Technology (NIST) cybersecurity framework.
• Devised and executed comprehensive Incident Response, Disaster Recovery, and Business Continuity Plans, reinforcing the organization's resilience against unforeseen challenges and disruptions.
• Identified and implemented continuous improvement opportunities in operational procedures, technology configuration, and incident response procedures.
• Oversaw the conception and rollout of advanced security solutions, frameworks, architectural enhancements, and automation mechanisms, fortifying infrastructure security and streamlining business operations.
• Developed and maintained an incident response plan, leading the organization's response to information security incidents, conducting post-incident reviews, and implementing remediation plans.
• Reduced the attack surface by implementing network segmentation, resulting in an 80% decrease in potential attack surface.
• Enhanced data protection by implementing granular access control policies, reducing unauthorized data access by 75%.
• Strengthened network security by implementing intrusion detection and prevention systems, successfully detecting and thwarting 90% of cyber threats.
• Developed and implemented security awareness and training programs for all personnel and contractors, resulting in an 84% reduction in breaches.
• Improved overall security posture by leveraging industry-leading insights to identify risks, reducing vulnerabilities by 50%.