Summary of Qualifications

  • Knowledge of CMMC, HITRUST/HIPAA, SOC1 and SOC2
  • Knowledge of NIST Cybersecurity Risk Management Framework                
  • Maintains Technology Compliance Requirements 
  • Experienced Business Process Analyst
  • Effective Project Management Skills

 Credentials

  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • OpenGroup FAIR Certification (Factor Analysis of Information Risk)
  • Previously Certified Common Security Framework Practitioner (CCSFP)/HITRUST 
  • CMMC-AB Registered Practitioner

 

Information Technology Compliance, Assurance, and IT Audit experience

 IT and Business Consultant: Ecology and Environment, Lancaster, NY

  • Implemented the technology set of Internal Controls for the company's SOC 1 Report as required by the Sarbanes-Oxley Act

 IT Compliance Consultant: Sallie Mae, Arcade, NY

  • Assisted with managing annual Third-Party Security Assessments

 IT Compliance Manager: Blue Cross Blue Shield of Western New York, Buffalo, NY                                           

  • Worked with external and internal auditors to facilitate multiple audits to successful outcomes
  • Managed the policies, standards, and procedures required for HealthNow's Governance, Risk, and Compliance (GRC) program
  • Developed and maintained the Compliance and Risk Control Framework required for the SOC2 Type 2 Report as required by the Blues Association
  • As a member of the Enterprise Information Risk Assurance group, responsible for the implementation of the HITRUST Certification program
  • Recognized as a vital team member of an interdisciplinary group to help strengthen the overall Corporate GRC posture

 IT Compliance Auditor, Kaleida Health System, Buffalo, NY

  • Modernized the IT Compliance Program to meet revised HIPAA Security Rules requirements, HSR-July 2018, including integration with the NIST Cybersecurity Framework and the NIST Risk Assessment

 

Domain Experience in Defense Industrial Base

 Technical Project Manager/Senior Business Analyst: Pratt and Whitney Aircraft, East Hartford, CT 

  • International Aero Engines: Technical Project Manager of multi-company and multi-function team tasked to develop business requirements for new application managing engineering changes, product support and publications management
  • Pratt and Whitney Aircraft: Senior Business Analyst responsible for analysis, design, development, and support of major financial applications including cost accounting used for commercial and military programs.

 

Education

State University of New York (SUNY) at Buffalo, Amherst, NY

  • Master of Science in Industrial Engineering - Cognitive Technologies
  • Master of Business Administration - Information Systems and Operations Research

 State University College at Potsdam, Potsdam, NY

  • Bachelor of Arts in Joint Degree in Economics and Mathematics