I am the creator of technology & cybersecurity strategies which enable business objectives and permeate the organizational culture at all levels. I strongly believe that by forging strong partnerships, inside of an organization, and outside of an organization, kinetic energy is built that reduces risk, makes an organization more resilient, and promotes innovation which increases the probability of success.
I am the head of cybersecurity, technology strategy, architecture, operations, and infrastructure at Lumber Liquidators (LL Flooring). Before joining LL Flooring I was CISO for Orvis, Resorts Casino Hotel, and PokerStars.
Outside of the office I have been an executive committee member for the National Retail Federations CISO Council since 2015 and I have contributed to NIST NCCoE publications and have been a part of several PCI Special Interest Groups.
I completed the CISO Executive Program at Carnegie Mellon University and I am now an advisory board member for the Master of Science in Information Security & Assurance program at Norwich University.
CISO Executive Program
Master of Science in Information Security & Assurance Advisory Board Member
CISO & Head of IT Strategy, Architecture, Operations and Infrastructure
March 2019 - Present
CISO & Head of IT Strategy, Support, Infrastructure & Architecture
April 2015 - April 2019
Chief Information Security Officer
April 2014 - April 2015
Security Architect & Engineering Manager
June 2013 - April 2014
Director of Information Strategy & Security
April 2012 - June 2013
Co-Founder & VP of IT & Security
September 2009 - February 2014 GA (Volunteer Position)
Sr. Network Infrastructure & Security Manager
December 2007 - April 2012
Microsoft Certified Special Agent
November 2005 - December 2007
Network Administrator
August 2004 - November 2005
Evolving Technologist
April 1993 - August 2004
Advisory Board Member - Master of Science in Information Security & Assurance Program
April 2018 - Present
Executive Committee Member of IT Security Council
June 2015 - Present
Special Interest Group Member & Nominated To The PCI Board of Advisors Ballot
January 2016 - Present
MFA & PII Tokenization Project Team Member
January 2016 - Present
EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program.
The demand for skilled information security management professionals is on the rise, and the CISM certification is the globally accepted standard of achievement in this area.
CISMs understand the business. They know how to manage and adapt technology to their enterprise and industry.
CRISC is the most current and rigorous assessment available to evaluate the risk management proficiency of IT professionals and other employees within an enterprise or financial institute.Those who earn CRISC help enterprises to understand business risk, and have the technical knowledge to implement appropriate IS controls.
This cybersecurity certification is an elite way to demonstrate your knowledge, advance your career and become a member of a community of cybersecurity leaders. It shows you have all it takes to design, engineer, implement and run an information security program. The CISSP is an objective measure of excellence. It’s the most globally recognized standard of achievement in the industry. And this cybersecurity certification was the first information security credential to meet the strict conditions of ISO/IEC Standard 17024.
The Internal Security Assessor program teaches you how to perform internal assessments for your company and recommend solutions to remediate issues related to PCI DSS compliance. Assessors are sponsored by their companies, so when you receive this qualification you will be able to act as a liaison with external PCI auditors and manage interactions with a Qualified Security Assessor (QSA).
The Payment Card Industry Professional is an individual, entry-level qualification in payment security information and provides you with the tools to build a secure payment environment and help your organization achieve PCI compliance. This renewable career qualification is not affected by changes in employment assignments and stays in effect as long as the individual continues to meet requirements. This three-year credential also provides a great foundation for other PCI qualifications.
Together our forces are stronger than they ever will be alone. Please feel to connect with me to ask a question or just to say a quick hello.