Risk Management: Qualifications & Achievements
-
My experience includes a history of making impactful contributions while leading enterprise risk and vendor discussions and initiatives. I am especially proficient and effective in the convergent integration of compliance with operations and business needs, and I place high priority on maintaining a proactive security posture through thoughtful planning and innovative automation.
-
Successful risk management relies on clear communication and collaboration between internal teams and external partners. Integrating risk practices throughout the vendor lifecycle not only minimizes threats but also strengthens organizational resilience and trust.
-
Integrity and relentless diligence in risk management are essential for strong cybersecurity, which involves identifying, assessing, and mitigating threats to organizational assets and operations. By using governance frameworks and effective tools, businesses can proactively address risks with ongoing monitoring and incident response strategies.
-
Third-party risk management extends this discipline to partners and service providers. It includes thorough vetting, contract reviews, and ensuring compliance with security standards. Regular audits and performance checks help ensure vendors uphold required controls.
-
Extensive experience performing enterprise risk assessments, leveraging assessment tools and risk registers (Qualys, Rapid7, Tenable, Archer, ServiceNow GRC).
Partnered with business, security, and engineering personnel to recommend planning and execution of mitigation strategies.
Monitor progress; ensure adherence to NIST CSF, RMF, CIS, ISO 27001, and SOC 2 mandates, alongside tailored standardization based on corporate cybersecurity governance, policy, and business needs.