Co-Founder & Senior Partner - Harmony Healing - Ohio, Texas
(2026-01)
Harmony Healing is an early-stage Healthcare Managed Services Organization (MSO) operating under an MSO-PLLC model (DBA of Arolaeh, Inc., C-Corporation), delivering management and administrative support services across three active lines of business — Wound Care, Urgent Care, and Weight Loss/Longevity —, serving multi-state markets including Ohio, and Texas.
- Spearheaded all enterprise governance, legal structure, and corporate formation activities including establishment of the MSO-PLLC operating model, C-Corporation registration, Operating Agreement development, and Board of Directors governance framework
- Architected enterprise IT, cybersecurity, and HIPAA compliance infrastructure across all service lines, leveraging deep expertise (CISSP, C|CISO, CRISC, CISA, CDPSE) to establish security governance frameworks, data privacy controls, and technology systems supporting clinical operations.
- Directed development of comprehensive operational and financial infrastructure including multi-tab P&L budgets, 36-month pro forma projections, break-even analyses, clinician compensation structures, and payroll reporting across Ohio and Texas markets.
- Recruited and structured a senior leadership team including a CEO-in-Waiting (Strategic Advisor), VP of Clinical Operations, and Board of Directors with Strategic Advisors; prepared and facilitated inaugural Board of Directors meeting and ongoing governance cadence supporting executive accountability and strategic direction.
Chief Information Officer (CIO) - The Wound Pros
(2023-10 - 2026-02)
The CIO also contributes to the growth and financial integrity of The Wound Pros by supporting the company's mission and service goals, involvement in establishment of organizational goals, policies, and personnel practices, and serves as a member of the Executive Team.
- Establish and maintain a plan and budget that integrates IT with the business units and enterprise. This plan and budget will be transparent, as the CIO enables the Executive Team to make informed strategic decisions based upon the business goals of the organization.
- Reported monthly dashboard metrics.
- Lead by example, mentor and develop staff to achieve their full potential.
- Work with Departments to evaluate current IT needs and develop a strategy to address those needs.
- Align the projects, initiatives and tasks to the enterprise business goals and objectives.
- Vendor management, contract negotiation and 3rd party strategy vCISO, Cybersecurity Consultant - Strategic Point Cybersecurity (SPC)
(2022-06 - 2023-09)
- Presents to the client's Executive Team on Information Security risks, the Cybersecurity roadmap, Compliance, and other issues as needed.
- Leads and develops Security team responsible for standards, governance, policies, procedures, compliance, and Operations.
- Documents and communicate emerging threats and technologies to the client's key stakeholders to keep the security architect function aligned with the threat and risk.
- Defines metrics and reporting strategies that effectively communicate successes and progress of the security program.
- Manages and sustains the cybersecurity incident response strategy and plan.
- Collaborate with the client's Executive Team, General Counsel and Enterprise Risk Management Team to remediate new and outstanding issues via management of the Risk Register.
- Regulatory requirements, frameworks, standards, and industry best practices of focus: HIPAA, CCPA, GDPR, CSM, NIST CSF, NIST 800-53, CIS
Director, Cyber Security - Bank of Montreal (BMO) Financial
(2019-08 - 2022-03)
- Experienced leader delivering results that impact the current and future state business goals. Program direction includes budgeting, personnel management, strategy, and business collaboration.
- Served in leadership capacity for key enterprise projects and initiatives to include launching of Digital Crown Jewels project and program.
- Experienced in creating executive presentations and delivering information to regulatory, executive, business, and technology leadership.
- Steering Committee Chair Patch & Vulnerability Management
- Led initiative to improve the process for Cyber Standards development and reporting to meet current requirements as defined by the BMO Board of Directors, Executive Leadership, and Cyber Leadership
- Drove efforts to improve cost and service models for the Financial Crimes Unit (FCU) and Cyber Merger and Acquisition areas.
- Regulatory requirements, frameworks, standards, and industry best practices of focus: ISO 27000 Series, NIST CSF, FFIEC CAT, GLBA, PIPEDA, PCI DSS, Sarbanes-Oxley (SOX), NY DFS
Consultant: Information Security - Insight Global
(2019-04 - 2019-08)
Client: Bank of Montreal (BMO)
- Program direction includes budgeting, personnel management, strategy, and business collaboration.
Senior Manager, Information Risk Management - Tenneco
(2016-09 - 2019-01)
Reported directly to the Global CISO of the fortune 500 Company.
- Responsible for the company wide Information Risk Management Program
- Responsible for budget and forecasting for the Information Risk Management Tower of the Information Security Program
- Responsible for the management of the Information Security Metrics and Reporting Program
- Responsible for the management of the Third-Party Security Review Program
- Responsible for management of the enterprise Governance Risk and Compliance (GRC) tool
- Regulatory requirements, frameworks, standards, and industry best practices of focus: ISO 27000 Series, ISO 31000, GDPR, NIST 800-53, Cybersecurity Law - China
Finance Business Information Risk Officer - HSBC
(2016-02 - 2016-09)
- Direct management and responsibility for all information security functions as outlined by Security and Fraud Risk in support of the Finance Business Information Risk Officer program.
- Regulatory requirements, frameworks, standards, and industry best practices of focus: NIST 800-53, ISO 27000 Series, Sarbanes-Oxley (SOX), Safe Harbor.
Consultant: Information Security Risk - Insight Global
(2014-11 - 2016-01)
Client: HSBC
- Conducted Third Party Information Security Reviews
Senior Cyber Security & Risk Consultant - PWC
(2013-10 - 2014-10)
- Served as the technical lead in a vendor assessment for PCI Security and compliance requirements.
- Served as a technical lead in a Threat Modeling engagement. Conducted and participated in a series of workshops with technical client teams to identify high-risk threat vectors facing the organization, mapped out detective and preventive defenses, and performed a gap analysis to prioritize remediation activities.
- Regulatory requirements, frameworks, standards, and industry best practices of focus: ISO 27001 Series, HIPAA, PCI DSS, Safe Harbor, NIST-800-53, ISO 31000.
Information Systems Security Officer - James Secure Solutions - Chicago, Illinois
(2011-11 - 2013-10)
Client: Federal Bureau of Investigations (FBI), Chicago Field Office
- Lead for the Certification & Accreditation Project for the Chicago Division of the Federal Bureau of Investigations
- Regulatory requirements, frameworks, standards, and industry best practices of focus: NIST 800-53, FISMA.
Assistant Director, IT Security, Risk Compliance - Federal Home Loan Bank of Chicago
(2003-05 - 2010-09)
Reported directly to the Head of Global IT Operations. Member of the Federal Home Loan Bank of Chicago Information Technology Senior Management Team that was responsible for reviewing Information Technology related activity as it related to business process activity. The primary purpose of the IT Sr. Management Team was to review cross-sectional initiatives as a diverse body of subject matter experts to provide direction for the ultimate approval of the Executive Team and the Board of Directors.
- Served as Manager, which included preparing budgets, assignment tasks, managing projects, providing performance appraisals, employee hiring and termination.
- Created policies, and procedures in alignment to the business strategy of the regulated environment.
- Liaison for IT Security, Governance Risk & Compliance related issues to the external and internal auditors, including the bank regulators.
- Experienced in creating executive presentations and delivering information to regulatory, executive, business, and technology leadership.
- Steering Committee Chair Patch & Vulnerability Management
- Led initiative to improve the process for Cyber Standards development and reporting to meet current requirements as defined by the BMO Board of Directors, Executive Leadership, and Cyber Leadership
- Drove efforts to improve cost and service models for the Financial Crimes Unit (FCU) and Cyber Merger and Acquisition areas.
- Regulatory requirements, frameworks, standards, and industry best practices of focus: ISO 27000 Series, NIST CSF, FFIEC CAT, GLBA, PIPEDA, PCI DSS, Sarbanes-Oxley (SOX), NY DFS