Skills
Security Governance & Strategy: Cybersecurity strategy • Governance modernization
Security Exposure Management: Attack surface reduction • Shadow IT and AI • Third-Party risk
Identity & Data Protection: Identity governance • Information classification • Data sovereignty
Transaction Security: M&A security due diligence • Joint venture hardening • Day-1 readiness
About
I help organizations ensure information security during technology change and enterprise transformation.
My work focuses on security governance and cyber risk in complex environments.
Over 15 years building and leading security programs inside a large global enterprise, I worked directly with leadership to identify exposure and reduce risk without slowing the business.
I am now available for full-time, advisory and contract engagements:
- designing and modernizing cybersecurity strategy and governance
- making sense of true cyber risks
- getting third-party security risk under control
- adopting information classification where it is really needed
- simplifying identity governance
- bringing to light and hardening shadow IT and AI
- implementing sound protection of sensitive data
- measurably reducing attack surface
- security due diligence of mergers, acquisitions, divestitures
- joint ventures security integration and hardening
Recent work includes security consolidation during a $3.3B merger and identity governance across enterprise platforms supporting ~50,000 users. Led a remediation program that neutralized high-risk vulnerability exposure across ~150 business-critical services within one year.
Certifications: CISSP, CISM, CCSP, CDPSE, CCZT, GSTRT, ITCP/I.S.P. of Canada
MBA (Entrepreneurship and Innovation) in progress — University of London
Interested in a pragmatic approach to security? I'd welcome the conversation.
Profile Photo
