CISSP, Has Successfully Completed the Fundamentals of Auditing for NERC Compliance Training Course
Director – Consulting Services
Professional Experience / Credentials
• 20+ years of Information Technology experience
• Former Manager of Information Security and Compliance for a large investor-owned utility, a key role of which included the full establishment and on-going maintenance of a NERC CIP compliance program
• Has represented investor-owned utilities on multiple North American cyber-security working groups
• Successful leadership experience of cross-functional teams to attain regulatory compliance with industry standards, including the NERC CIP Standards
• Has designed and implemented corporate-wide programs for asset classification, vulnerability and patch management, incident response and risk assessment
• Designed and implemented network security architecture and wrote a comprehensive set of information security policies and standards that formed the basis for a large investor-owned utility’s information security program
• Extensive knowledge and experience in selecting, designing and implementing high availability firewall management systems, including reporting capabilities, disaster recovery procedures, monitoring and alarm capabilities, and network-based intrusion detection systems as well as threat monitoring and awareness training activities
• Expertise in network security, vulnerability and patch management, policies & procedures, threat monitoring, risk assessments, and regulatory compliance
• Experienced writer of information security charters and supporting policies and procedures
Certifications / Education / Training
• CISSP – Certified Information Systems Security Professional
• Has Successfully Completed the Fundamentals of Auditing for NERC Compliance Training Course
• Master of Science, Computer Science, University of Colorado
• Bachelor of Science, Mathematics and Computer Science, Marquette University
Professional Affiliations (Past & Present)
• Member of NERC CIP Standards Drafting Team
• Southwest Power Pool Critical Infrastructure Protection Working Group
• NERC Critical Infrastructure Protection Committee
• North American Transmission Forum – Security Practices Group
• Edison Electric Institute Security Committee
• InfraGard Kansas City Member’s Alliance – President
• International Information Systems Security Certification Consortium
