About Me
As a Technology Director with over 25 years of experience in IT and cybersecurity, I specialize in providing executive-level consulting to enterprises seeking to strengthen their security posture. My expertise in information security governance, risk management, and compliance enables organizations to develop robust security strategies aligned with business objectives.
Currently serving as the Technology Director at DivergeIT since 2006, I lead initiatives that help organizations navigate complex security challenges in an evolving threat landscape. My approach combines technical knowledge with business acumen to deliver practical, effective security solutions for businesses of all sizes.
Areas of Expertise
Security Leadership
- CISO-level Advisory
- Security Program Development
- Information Security Governance
- Strategic Security Planning
- Security Awareness Training
Risk Management
- Threat Modeling
- Vulnerability Assessment
- Risk Analysis & Mitigation
- Business Continuity Planning
- Disaster Recovery Strategy
Compliance & Standards
- ISO 27001/27002
- NIST Cybersecurity Framework
- GDPR, CCPA, HIPAA
- PCI DSS Compliance
- Industry-specific Regulations
Technical Security
- Security Architecture Design
- Cloud Security (AWS, Azure, GCP)
- Identity & Access Management
- Security Operations
- Zero Trust Architecture
- Endpoint Protection
Professional Experience
Technology Director
DivergeIT
October 2006 - Present
- Provide strategic direction for the technology and security services portfolio
- Consult with enterprise clients at the CISO level on security strategy and implementation
- Lead a team of security professionals delivering assessments, architecture reviews, and security program development
- Develop and implement security frameworks tailored to client organizational structures and industry requirements
- Design and implement comprehensive security architectures including network segmentation, data protection, and threat detection
IT Director
Premier IT
2006 - Present
- Lead strategic IT planning and cybersecurity initiatives
- Manage enterprise-level security implementation and oversight
- Develop comprehensive security policies and procedures
- Perform security risk assessments and implement remediation strategies
IT Director
Paul Davril Inc.
2003 - 2006
- Managed IT infrastructure and security operations
- Implemented security controls and compliance measures
- Led technology planning and deployment initiatives
- Coordinated security assessments and vulnerability remediation
Project Manager
Kenneth Cole Mens and Womens Apparel
2003 - 2005
- Managed IT and security projects for retail operations
- Implemented PCI compliance measures across retail systems
- Coordinated technology deployments and security integration
Field Engineer
South Coast Computers
2001 - 2002
- Provided on-site technical support and security services
- Implemented secure network configurations
- Performed security assessments and remediation
Certifications
CISSP
Certified Information Systems Security Professional
CISM
Certified Information Security Manager
CCSP
Certified Cloud Security Professional
PMP
Project Management Professional
Security Posture Expertise
I specialize in building robust security postures that protect organizations from evolving threats while enabling business growth:
Security Program Assessment
- Comprehensive evaluation of existing security controls and measures
- Gap analysis against frameworks like NIST CSF, ISO 27001, and CIS Controls
- Maturity modeling to benchmark against industry standards
- Executive-level reporting with actionable recommendations
Defense-in-Depth Strategy
- Multi-layered security architecture design
- Implementation of Zero Trust principles
- Data classification and protection strategies
- Network segmentation and access control
- Cloud security architecture and controls
Security Operations Enhancement
- Security monitoring and detection capabilities
- Incident response planning and tabletop exercises
- Security automation and orchestration
- Threat intelligence integration
- Vulnerability management programs
Governance, Risk, and Compliance
- Security policy development and implementation
- Regulatory compliance gap assessment and remediation
- Risk management frameworks and methodologies
- Third-party risk management programs
- Security metrics and KPI development
Technical Interests & Expertise
As a technology director with a strong security foundation, I'm passionate about exploring emerging technologies and implementing cutting-edge security solutions:
Cloud Security
- AWS Security Architecture
- Azure Security Controls
- GCP Security Framework
- Multi-cloud Risk Management
- Secure Cloud Migration
Development & DevSecOps
- Secure Coding Practices
- CI/CD Pipeline Security
- Infrastructure as Code
- Container Security
- Secret Management
Emerging Technologies
- Zero Trust Architecture
- Secure AI Implementation
- Blockchain Security
- IoT Security Frameworks
- Edge Computing Security
Current Projects
- Advanced threat modeling methodologies
- Secure architecture blueprints
- Security training curriculum
- Zero Trust implementation guide
- Security metrics dashboard
Personal Interests
Surfing
Passionate about catching waves at dawn and exploring new surf spots around the world.
Cooking
Experimenting with fusion cuisine and perfecting techniques from various culinary traditions.
Yoga
Practicing yoga to maintain balance, focus, and mindfulness in both professional and personal life.
Get in Touch
I'm always open to discussing cybersecurity challenges, professional opportunities, or connecting with like-minded professionals.