Security Leader & Strategic Advisor

Building Resilient Security Architectures

Transforming enterprise security posture through strategic leadership, innovative risk management, and cross-functional collaboration across the software development lifecycle.

Get In Touch View Experience
About

Driving Security Excellence

With over two decades of experience in information security, audit, and risk management, I specialize in developing comprehensive security strategies that align with business objectives. Currently serving as Head of Security at FundGuard, I lead enterprise-wide security initiatives, integrate DevSecOps practices, and foster a culture of security resilience.

My expertise spans cybersecurity operations, compliance management, incident response, and security governance. I'm passionate about embedding security as a competitive advantage while mentoring teams and collaborating with stakeholders to build robust protection frameworks.

Career

Professional Experience

FundGuard

Head of Security
September 2025 - Present
  • Lead, drive, and strategize enterprise security to the next level, aligning cyber and cloud defenses with business objectives
  • Foster a culture of resilience and position security as a competitive advantage across operations
  • Direct security operations across all facilities and digital platforms, proactively mitigating risks and ensuring compliance with evolving regulatory standards
  • Partner with engineering teams to integrate security into the DevSecOps lifecycle, embedding automated testing and secure coding practices into CI/CD pipelines
  • Continuously evaluate and finetune security tools and platforms to maximize threat detection accuracy while lowering operational costs

SimCorp

Sr. Director, Security
November 2024 - August 2025
  • Developed and executed the organization's security strategy, aligning with business objectives and ensuring robust protection for all systems and data
  • Led high-priority security initiatives and managed the security posture of the organization
  • Led and managed the security team, ensuring effective and efficient implementation of security measures that comply with industry standards
  • Provided leadership in strategic decision-making regarding security infrastructure, investments, and policies
  • Collaborated with senior leadership and other departments to integrate security practices across the software development lifecycle and other business operations
  • Oversaw security risk management, identifying potential threats and implementing measures to mitigate risks
  • Developed and implemented security awareness programs to foster a culture of security across the organization
  • Managed incident response efforts and ensured timely and effective resolution of security breaches or vulnerabilities

SimCorp

Director, Security
January 2024 - November 2024
  • Led and managed the security team, ensuring effective and efficient implementation of security measures compliant with industry standards
  • Provided leadership in strategic decision-making regarding security infrastructure, investments, and policies
  • Collaborated with senior leadership and departments to integrate security practices across software development and business operations
  • Oversaw security risk management, identifying potential threats and implementing mitigation measures
  • Managed incident response efforts ensuring timely and effective resolution of security breaches and vulnerabilities
  • Stayed ahead of emerging security trends and technologies to address evolving security challenges

FIS / SunGard Securities Finance

Director, Risk Management and Audit Operations
September 2020 - December 2023
  • Conducted advanced security investigations and reported findings to the Incident Response Team
  • Managed critical security tools including Biscom (File Transfer) and Vontu (Data Loss Prevention), ensuring optimal functionality
  • Coordinated and managed SOC1/SSAE16 reviews for multiple applications across the organization
  • Coordinated and executed comprehensive security projects including penetration testing and vulnerability assessments using nStalker, OWASP Zap, nMap, Shadow Security Scanner, and Burp Suite
  • Utilized Risk Management Tools to review weekly vulnerability scan findings and manage audit findings
  • Coordinated application security questionnaires and assessed security exemptions
  • Monitored and advised management on information security issues related to systems and workflows
  • Performed risk analysis for functional areas to identify vulnerability points and recommend mitigation strategies
  • Developed, published, and maintained security policies, procedures, standards, and guidelines based on best practices and compliance requirements
  • Assisted in creating, managing, and maintaining user security policies and awareness programs
  • Supported disaster recovery and business continuity planning and testing initiatives

FIS / SunGard Securities Finance

Compliance Analyst Specialist
August 2017 - September 2020
  • Conducted advanced investigations with findings reported to Incident Response Team
  • Managed and maintained security tools to ensure optimal performance and functionality
  • Coordinated security-related projects including assessments and compliance reviews

FIS / SunGard Securities Finance

Information Security Analyst V
January 2016 - August 2017
  • Executed advanced security assessments and vulnerability management
  • Reviewed vulnerability scan findings and managed audit findings
  • Assessed compliance with IT controls and security standards

FIS / SunGard Securities Finance

Senior Information Security Engineer
April 2015 - January 2016
  • Designed and implemented security solutions for enterprise systems
  • Led technical security initiatives and projects
  • Collaborated with cross-functional teams on security infrastructure

FIS / SunGard Securities Finance

Manager, North American Information Security and Audit Operations
August 2013 - April 2015
  • Managed North American security and audit operations teams
  • Oversaw implementation of security policies and procedures
  • Directed security audit initiatives across multiple facilities

FIS / SunGard Securities Finance

Information Security Analyst
August 2008 - August 2013
  • Monitored and assessed information security issues related to systems and workflows
  • Performed risk analysis for functional areas to identify vulnerabilities
  • Developed and maintained security policies and user awareness programs
  • Participated in disaster recovery and business continuity initiatives

Federal Home Loan Bank of Boston

Senior Information Systems Auditor
November 2007 - August 2008
  • Performed information technology audits on complex business and technology processes
  • Evaluated business/technology risks and internal controls to mitigate those risks
  • Developed value-added recommendations to improve operational effectiveness and efficiency
  • Identified opportunities to improve internal controls and reduce organizational risk
  • Prepared audit memos and reports for various levels of management detailing recommendations

American Student Assistance

Audit Supervisor
March 2006 - November 2007
  • Developed the annual audit plan executed throughout the year
  • Developed standardized procedures for Internal and External Reviews including Operational and IT Audit Procedures
  • Managed staff Operation and IT Auditors through completion of the Audit Plan
  • Reviewed daily progress of staff auditors and all work papers for accuracy and completeness
  • Participated in staffing interviews and decision-making processes to expand audit department
  • Trained new hires in department policies and procedures

American Student Assistance

Senior Information Technology Auditor
November 2002 - March 2006
  • Established the IT Audit process and procedures used within the Audit Department
  • Participated in development of annual audit plans across the organization
  • Completed IT Audits on complex business and information technology management processes
  • Evaluated business and technology risks, internal controls, and opportunities for improvement
  • Assessed compliance with IT controls through technical reviews including general IT Controls, information security, network and operating system reviews
  • Developed value-added recommendations for operational effectiveness, internal controls, and risk reduction
  • Prepared and communicated audit memos and reports to management and Audit Committee
  • Built exceptional working relationships with Company personnel and obtained consensus on audit results
  • Trained audit new hires in departmental policies and procedures
  • Documented Company's Business Continuity Policies and Procedures

Staples Incorporated

IS Auditor
January 2001 - October 2002
  • Performed gap analyses of existing processes and identified key control weaknesses and solutions
  • Developed detailed process and systems diagrams to support gap analyses
  • Defined audit scope and developed comprehensive audit plans
  • Executed audit procedures: understanding and evaluating information, identifying business risks, and testing controls
  • Prepared and communicated audit memos and reports to management detailing recommendations
  • Directed daily progress of assigned staff auditors and reviewed workpapers for accuracy

TJX Companies Inc.

IS Auditor
January 1999 - December 2001
  • Provided software development and implementation to users including programming, testing, and quality assurance
  • Performed IS Audits at division and corporate level including General Control Reviews, Application Reviews, and System Development Reviews
  • Identified problems, investigated, analyzed, tested, and documented possible solutions and improvements
  • Examined company records and activities to ensure accuracy and consistency with corporate guidelines
  • Properly assembled and maintained audit workpapers and ensured adequate coverage to support audit conclusions
  • Prepared, revised, and expanded audit programs to ensure complete analysis of assigned areas
  • Prepared and communicated audit memos and reports to management detailing findings and recommendations
  • Assisted external auditors PricewaterhouseCoopers in managing and conducting year-end reviews of key applications
  • Developed and implemented departmental time management system using MS Access
Expertise

Core Competencies

Security Leadership

Strategic security planning, enterprise risk management, and cross-functional team leadership with a focus on aligning security initiatives with business objectives.
Strategy Risk Management Leadership

Cybersecurity Operations

Platform security, incident response, vulnerability assessment, and continuous security monitoring to protect digital assets and ensure business continuity.
Incident Response Threat Detection SecOps

Compliance & Governance

IT audit expertise ensuring compliance with GDPR, SOX, HIPAA, and industry-specific regulatory frameworks.
Compliance Governance

DevSecOps Integration

Embedding security into the software development lifecycle with automated testing, secure coding practices, and vulnerability management in CI/CD pipelines.
DevSecOps Automation SDLC

AI Governance

Developing frameworks for responsible AI implementation, ensuring ethical use, and managing risks associated with emerging AI technologies.
AI Security Policy

Crisis Management

Business continuity planning, disaster recovery, and crisis response coordination to ensure organizational resilience during security incidents.
BCP/DR Resilience
Academic Background

Education & Credentials

Northeastern University

Master of Professional Studies in Informatics (Information Security)
4 Credits from Completion

Northeastern University

Bachelor's Degree in Accounting and Management Information Systems
1999
Let's Connect

Get In Touch

Interested in collaborating or discussing security strategy? I'm always open to connecting with fellow professionals and exploring new opportunities.

Email Me LinkedIn