Executive Experience

Vice President, Chief Information Security Officer (2019 – Present)
NTT DATA Services, Plano, Texas

  • Accountable for the information security vision and strategy that is aligned to organizational priorities and facilitates the organization’s business goals.
  • Drive the direction and lead the execution of all security control technologies, as well as consult on and provide technical consultation for the overall IT strategy and technology solution architecture.
  • Provide regular reporting on the status of the Information Security program to enterprise risk teams, senior business leaders, NTT DATA board members, and other NTT operating companies.
  • Provide risk-mitigating directives for projects, including the appropriate application of controls.
  • Manage information security incidents and events to protect IT assets, intellectual property, regulated data, and the company’s reputation for both corporate and delivery environments.

Selected Accomplishments

  • Closely partnered with innovation and delivery teams to ensure strategic digital and cloud offerings are secure by design, have security built into agile and DevOps lifecycles, and are compliant with all international regulations.
  • Implemented advanced zero-trust security architecture to ensure only authenticated and authorized assets and users can reach and interact with internal systems and applications from anywhere in the world without the need of traditional VPN technology.
  • Designed automated DevOps workflows within security engineering and operations to increase accuracy of changes, deploy changes faster, lower our incident response times, and increase protection of organizational data assets.
  • Led IT automation and modernization efforts to streamline employee and asset onboarding, enable remote asset imaging/configuration, provide tools to quickly diagnose and resolve employee IT issues, application self-service to install third-party applications
  • Accurate budget and spending forecasting discipline (less than 2% annual variance).

Director, Chief Information Security Officer (2012 – 2018)
American Airlines, Fort Worth, Texas

  • Accountable for the Information Security vision and strategy that is aligned to organizational priorities and facilitates the organization’s business goals.
  • Drive the direction and lead the execution of all security control technologies, as well as consult on and provide technical consultation for the overall IT strategy and technology solution architecture.
  • Provide regular reporting on the status of the Information Security program to enterprise risk teams, senior business leaders, and American Airlines board members.
  • Provide risk-mitigating directives for projects, including the appropriate application of controls.
  • Manage information security incidents and events to protect IT assets, intellectual property, regulated data, and the company’s reputation for both corporate and delivery environments.

Selected Accomplishments

  • Founded the office of the CISO at AA. Drove cyber risk visibility to AA’s board of directors as well as established board-level charter to report quarterly to Audit Committee. Founded and chaired Information Security Council which consisted of executive stakeholders.
  • Launched enterprise technology risk and governance processes to align information security capabilities to corporate risk-tolerance levels.
  • Executive sponsor and active participant of DevOps initiative at AA including driving a “shift-left” mentality, automation, “governance as code,” and aligning substantial budget and processes to drive transformation.
  • Established industry-first penetration testing program focused on IoT, aircraft components, and the aircraft engineering lifecycle to identify and help remediate risks.
  • Founder and Board member of Aviation-ISAC, RSA Conference program committee member, numerous Customer Advisory Boards, as well as local DevOps and information security groups.
  • Accurate budget and spending forecasting discipline (less than 3% annual variance).

Other Employment Experience

American Airlines – Manager, Network Engineering & Delivery (2012 – 2012)
American AirlinesManager, Information Security Architecture and Consulting (2011 – 2012)
American AirlinesPrincipal Architect, Information Security (2009 – 2011)
American AirlinesSenior Architect, Information Security (2007 – 2009)
University of North TexasData Center Network and Security Manager (2005 – 2007)
University of North TexasUNIX & Messaging Systems Administrator (2003 – 2005)
University of North TexasInformation Security Analyst (2002 – 2003)
Tetra PakSenior Security, Infrastructure, Network Engineer (2007)
PepsiCo Help Desk Analyst (2001 – 2002)
Nortel NetworksFinancial Analyst (1998 – 2001)
Federal Reserve Bank of DallasBank Research Analyst (1997 – 1998)