PROJECTS

• Fills the role of Virtual CISO
- Presents to a cybersecurity committee
- Prepares presentations for boards of directors
- Conducts strategic planning

Recent Projects:

• Strategic planning workshop
• Cloud security strategy
• Vendor risk profile
• Cyber risk self-insurance
- Research and analysis
• 3 days of on-site planning meetings
- Outbrief presentation
• Architecture review board process
• Procedures manual - Identity and access management
• Procedures - Third party risk management
- SOC report review
- Vendor artifacts review
• Mitigating vulnerability trends

Reference the current project list within my LinkedIn profile.

2021 Select Projects:

• Program welcome packet
• Vendor contract security requirements
• Assessment - Agile security testing (119 Controls)
• Cyber risk appetite statement
• Metrics and reporting package - Third party risk management
• Established and populated a risk register
• Metrics and reporting package - Vulnerability management
• Insider threat toxic combinations
• Assessment - Penetration test program (199 Controls)
• Procedures manual - Third party risk management
• Risk governance process, including risk register
• Assessment - Cybersecurity risk (409 Controls)
• Assessment - Cybersecurity program (303 Controls)
• Workforce development plan
• Assessment - Cyber exercise program (99 Controls)
• Ransomware risk analysis
• Incident response plan (4 scenarios)
• Assessment - Business process risk (327 Controls)
• Zero trust controls analysis (134 controls)
• Assessment - Security awareness program (87 Controls)
• Vulnerability management metrics, KPIs & KRIs
• Procedures manual - Vulnerability management

2020 Select Projects:

• Performance and development plans
• Assessment - Cybersecurity risk, threat landscape & controls analysis, risk register process, insider threat and fraud prevention (561 Controls)
• Assessment - Security Operations Center (SOC)
• Cybersecurity metrics, KPIs & KRIs
• Internal control framework
• Risk governance process, including risk register
• Workforce development plan

2019 Select Projects:

• Cybersecurity insurance information supplement
• Third party risk management program
• Cloud security strategy
• IT asset management requirements