Expertise: David is an information security subject matter expert. His information security and IT background originated in IT network engineering and his career has spanned the past 18 years. He has worked extensively with enterprise level clients in the U.S. and internationally, implementing strategic information security programs that help organizations protect their employees and critical information assets.

He has performed enterprise information security audits and is a security expert in all architectural IT layers; this has enabled him to work and communicate with large cross-functional IT teams that ensure all aspects of information security are considered.
He holds numerous information security related certifications such as CISSP, CISA, QDSP and CGEIT and is an active member in the Silicon Valley information security associations and communities.

Subject Areas - Information Security, IT Governance, Business Continuity, Disaster Recovery, Enterprise Architecture, Compliance

Business Acumen – Strategic planning, process improvement, teamwork and program management.

Industry Verticals – Hi-Tech, Retail, Life Sciences, Manufacturing, Finance, Healthcare

Representative transformation programs include:

• Information Security Management – Designed and implemented numerous information security programs utilizing ISO27000 and NIST standards. In 2007 he was responsible for one of the first Bay Area ISO27001 certifications for a $5b Hi-Tech client that has lead to significant process improvements and customer revenue opportunities due to certification competitive advantages.

• Compliance – Managed PCI audits for retail, life sciences and financial organizations. Provided advisory services and managed our client’s environments to PCI compliance. David has automated IT compliance processes that has helped reduce operational costs for IT SOX programs that has also lead to significant improvements in the IT related SOX processes.

• BCP/ DR – Performed business continuity and disaster recovery projects that help clients maintain the integrity of business processes and critical information and application assets. David has managed and contributed in several aspects of these programs from scope definition, business impact analysis to testing.

A sample list of clients includes: NetApp, VMware, JDSU, Life Technologies, Chordiant, Symantec, Central Pacific Bank
Past employers: Reuters, Hitachi

References, affiliations, certifications and publications are available on request.