I am a former Chief Information Security Officer with more than 25 years of experience building and leading cybersecurity, risk management, and compliance programs across healthcare, fintech, and higher education. I specialize in helping organizations design practical, risk-based security programs that meet regulatory and customer expectations while directly supporting business growth.

Most recently, I served as CISO at Rectangle Health, where I developed and executed an enterprise-wide security and risk management strategy, achieved and maintained compliance with PCI DSS, HITRUST, NIST, and SOC 2, and established a continuous audit-ready posture. I have led incident response, disaster recovery, and business continuity programs, reduced phishing response times from days to minutes, and eliminated critical security vulnerabilities through targeted, proactive risk mitigation.

Prior to that, I held senior security leadership roles at UConn Health and the University of Connecticut, leading enterprise risk assessments, internal audits, and compliance initiatives across complex healthcare and academic environments. Throughout my career, I have worked closely with executives and boards to translate technical risk into clear business decisions and actionable roadmaps.

I bring a business-first approach to cybersecurity. My focus is not on tools for the sake of tools—it is on building sustainable security programs, clear governance, and pragmatic controls that scale with the organization. Clients work with me because they want experienced security leadership, straightforward guidance, and outcomes they can trust.

Certifications: CISSP, CISM, CISA, CRISC

Education: Norwich University - MS, Information Assurance