Governance-First Security
I am a governance-first fractional CISO with over 25 years of experience driving strategic security and risk leadership.
I founded CyberIntelPro to deliver executive-level security governance and threat intelligence directly to small and mid-sized businesses—providing the strategic leadership and program oversight you need without the cost of a full-time CISO.
I work with your existing IT and MSP teams, not in competition with them. My focus is on translating complex technical risks into clear business outcomes using proven NIST frameworks—helping you achieve proactive compliance, secure enterprise contracts, and make confident, risk-based security decisions.
Proven Executive Leadership
I have successfully led comprehensive security and compliance programs for organizations ranging in size and complexity, establishing a track record of tangible results across critical areas:
Audit & Compliance Success
Led cross-organizational compliance programs that achieved first-time success in numerous regulatory frameworks, including SOC 2 Type II, HIPAA, ISO 27001, PCI-DSS, and FedRAMP.
Risk Mitigation & Architecture
Established and managed a Public Cloud Penetration Testing Program, personally conducting 200+ penetration tests to proactively identify and remediate critical vulnerabilities at scale.
Program & Process Efficiency
Streamlined and coordinated over 100 client security assessment requests from sales teams, reducing response times by an average of 30% and accelerating deal closure.
Data Privacy Leadership
Directed the security and privacy program for a significant AI initiative, ensuring full GDPR privacy compliance for sensitive data and large language models (LLMs).
Framework-Driven Governance
I design your security program using NIST CSF 2.0 as the default ISMS-style baseline—freely available, globally recognized, and right-sized for SMBs. This creates a coherent foundation that I then map and align to any compliance requirements your business faces.
NIST CSF 2.0
Your default ISMS baseline. Organizes your entire program across all six functions: Govern, Identify, Protect, Detect, Respond, and Recover.
Foundation Framework
NIST RMF
Maintains your risk register and supports risk-based decision making—ensuring security investments align with actual business impact.
NIST AI RMF
Governs AI systems and data use as part of your overall technology risk strategy—integrated, not isolated.
Compliance Framework Governance
I map your NIST CSF 2.0 baseline program to any of these compliance frameworks:
Foundational Credentials
My role as your fractional CISO is anchored in independent, globally recognized credentials. These aren't vendor badges; they demonstrate that I can design, defend, and explain a security program that stands up to regulators, auditors, and enterprise customers.
Professional Certifications
Executive & Leadership
CISSP, CISSP-ISSMP, CISSP-ISSAP, CISSP-ISSEP
Risk & Audit
CISM, CISA, CRISC, CDPSE
Cloud & Architecture
CCSP, CSSLP, CCSK, CCAK
Project & Program Delivery
PMP, ACP, PSM, CSM
Education
MS, Computer Science
NYU Polytechnic School of Engineering
MS, Electrical Engineering
NYU Polytechnic School of Engineering
BS, Electrical Engineering
Drexel University
Ready to Work Together?
Book a free 30-minute consultation to discuss your security needs.