Work Background
Director of Information Security
Health New England
May. 2024
Remote
As the Director of Information Security at Health New England (Contractor), I have spearheaded the development and implementation of a comprehensive security strategy aligned with NIST standards and our organizational goals. My role involves conducting thorough NIST CSF 2.0 risk assessments, establishing a robust security governance program, and leading a security champion program to enhance our security culture. I oversee the deployment of security controls and coordinate response efforts to manage security incidents effectively, ensuring our organization maintains the highest standards of security and compliance.
Director of Information Security, Privacy, and Compliance, and Audit
Project Ronin
Mar. 2022 - Mar. 2024
San Mateo, California, United States
As the Director of Information Governance, Risk, and Compliance, I successfully cultivated a security-first organizational culture that seamlessly integrated security considerations into all business initiatives. By leveraging the NIST Cybersecurity Framework, I elevated the organization's security maturity ensuring that security was a fundamental aspect of all projects. I spearheaded the development of a high-performance security team, expanding it by 30% and improving our threat response time. I established a robust network of stakeholders and industry experts to support our security initiatives, promoting a strategy that aligned with corporate goals and drove innovation in our security solutions. This approach allowed us to balance security enhancements with product development, achieving a 100% project launch rate without any security delays and maintaining a zero-compromise rate on security standards. Additionally, I led the organization to achieve HITRUST CSF and SOC 2 Type 2 certifications, significantly enhancing our compliance and security standards.
Director of Information Security
Cardinal Innovations Healthcare
Apr. 2019 - Mar. 2022
Charlotte, North Carolina, United States
As the Director of Information Security, I orchestrated the development of a comprehensive Information Security Program, achieving full compliance with HIPAA and HITRUST standards. I led major security projects, ensuring they aligned with both corporate and regulatory requirements. My leadership was instrumental in navigating multiple compliance audits with minimal findings, and I successfully implemented Plans of Action and Milestones (PO&AMs) to address any identified issues. By developing robust incident response plans and procedures, I enhanced our readiness and significantly reduced the impact of security incidents. My consulting on IT solutions and security practices led to streamlined operations and improved data security. I provided oversight and leadership during provider engagements, ensuring all objectives were met, and formulated executive-level recommendations for information security strategies and improvements, driving the organization's security posture forward.
Principal Consultant, Cybersecurity Healthcare Compliance and Privacy
TÜV Rheinland North America
Jun. 2018 - Apr. 2019
Tolland, Connecticut
As the Sr. Manager Cybersecurity Service Leader, I provided strategic cybersecurity consultancy to Fortune 10 clients, significantly enhancing their security postures. Leading vulnerability assessments and security risk analyses, I effectively reduced client vulnerabilities by 25%. I developed comprehensive incident response plans that improved client readiness and mitigative capabilities against security breaches. Through detailed analysis of IT environments, I identified risk areas and recommended remedial actions to achieve compliance within industry frameworks. My expert consultancy on IT security strategies enhanced client trust and service adoption. I developed and managed cybersecurity assessments, ensuring alignment with best practices and client compliance. By maintaining quality control on all deliverables, I ensured adherence to internal standards for assurance. Actively participating in the strategic planning of cybersecurity services, I contributed to the firm's long-term success and fostered a culture of continuous improvement, innovation, growth, and internal process development. Advising on cybersecurity strategies aligning with ISO/IEC 27001 standards, I improved client security postures and managed the delivery of cybersecurity assessments and penetration testing, identifying critical risks and reducing vulnerabilities. Additionally, I developed and delivered training programs that significantly enhanced clients’ capabilities to manage and respond to security threats.
Manager, Information Security, Governance, Risk, and Compliance
Lowe's Companies, Inc.
Apr. 2013 - Jul. 2018
Mooresville, North Carolina
As the Manager of Information Security Architectural, Governance, Risk, Compliance, and Privacy, I directed the implementation of comprehensive cybersecurity risk management programs, successfully integrating multiple compliance standards. I achieved a 95% on-time delivery rate for cybersecurity projects, significantly enhancing enterprise-wide security measures. By establishing governance protocols, I contributed to a consistent approach to risk management and security policy enforcement. Leading a team of security professionals, I drove the execution of security policies, standards, and technical controls. I directed the adoption of a cybersecurity framework, ensuring a consistent approach to managing and mitigating risks, and oversaw project management efforts aligning with organizational security goals. Collaborating with senior leadership, I defined and implemented a strategic vision for cybersecurity. I implemented a Governance, Risk, and Compliance (GRC) platform, streamlining the management of risk assessments and engaging in continuous monitoring and improvement of over 400 security controls, ensuring the organization's resilience against emerging cyber threats.
Senior Security Consultant IT Risk Management & Security
OpenSky Corporation
Oct. 2008 - Apr. 2013
Tolland, Connecticut, United States
As a Senior Security Consultant and Engagement Manager in IT Risk Management and Security, I led the development of comprehensive IT Security and Risk Management programs for multiple clients. I managed an internal consultant team during a $16 billion international acquisition, focusing on seamless information security integration. By developing and managing client relationships, I ensured high levels of satisfaction and repeat business. I project-managed a $37 million bank divestiture with a specific focus on security controls, while building robust internal processes and procedures for incident handling. I rolled out risk assessment and management programs, working with several clients to build and deploy disaster recovery programs. My efforts in security mitigation and remediation significantly improved client security postures. Engaging in high-level strategic consulting, I enhanced client security operations by implementing industry standards. Leading a team of consultants, I delivered risk management and cybersecurity solutions across diverse industries, playing a key role in business growth through leadership in complex project deliveries and client engagements. I ensured the timely and accurate billing of services, which improved financial performance and client trust. Additionally, I championed the development of new service offerings, significantly contributing to the practice’s market positioning and growth, while mentoring and developing staff to foster a culture of collaboration and continuous professional growth.
Communication Security (COMSEC) Leader (RET)
United States Army
Apr. 1989 - Apr. 1999
Various
As an Army soldier with MOS 31U, I specialized in Signal Support Systems, focusing on maintaining and managing the communications infrastructure critical to mission success. Working in a Sensitive Compartmented Information Facility (SCIF), I handled highly sensitive and classified information, ensuring secure and reliable communication channels. My role required meticulous attention to detail and strict adherence to security protocols, given the nature of the information and the environment. Holding a secret government clearance, I was entrusted with safeguarding national security through the secure transmission and receipt of intelligence data. My responsibilities included the setup, maintenance, and troubleshooting of communication equipment, as well as providing technical support and training to fellow soldiers to ensure operational readiness and security compliance. This experience honed my skills in information security and communication systems management, underpinned by the highest standards of confidentiality and integrity.