Senior Consultant - Cyber Strategy and Advisory
September 2019 - Current | Tampa, FL
• Performed on-site client assessments of IT and IS business functions to identify control gaps and weaknesses.
• Conducted multiple IT risk assessments across North and South America, Europe, and Asia while managing the project delivery team.
• Validated cybersecurity controls against various industry-accepted standards and frameworks (NIST Cyber Security Framework, NIST SP 800-53, ISO 27001, and CIS CSC 20).
• Validated security controls against the PCI DSS for all 12 PCI requirements including all sub-requirements.
• Created and completed testing of an Insider Threat Audit program.
• Collaborated with internal and external teams to develop documentation that accurately reflects the organization’s security posture and control gaps. Deliverables including weekly status memos, executive summary and technical reports, remediation roadmaps, and Board of Director PowerPoint presentations.
• Developed strategic timelines and Total Cost of Ownership (TCO) guides to provide insight into the IT remediation estimates (i.e., capital and operational costs), annuity costs, and expected risk reduction.
• Designed data visualization models using Power BI to graphically communicate cybersecurity risk and maturity.
• Interviewed and effectively participated in the hiring of employees.
• Mentored and coached peers and junior staff on technical testing and reviewed project deliverables for quality and accuracy.