As an experienced Information Security professional, Leo has focused on IT Security Operations, IT Governance, Secure Development, Compliance, Risk, and Privacy. His experience blends a diverse mix of small and Fortune 100 companies and a real-world understanding of the challenges and opportunities of PCI, SOX, PII, HIPAA, NIST, and International regulatory requirements. Leo provides strategic advice as well as practical expertise in information security, compliance, and risk management.
Leo’s key capabilities and examples of related experiences include:
Information Security and Risk Management – Create and Manage Information Security and Risk programs to control and reduce risk and meet regulatory requirements.
Regulatory Compliance – Meeting Privacy & Security Obligations – Identify applicable privacy and security regulations and laws, remediate compliance gaps, and create a sustainable compliance program.
IT Governance – Aligning Business and IT
Work with business executives to prioritize initiatives in alignment with long-term strategy and benefits.
Disaster Recovery and Business Continuity Planning
Directed and facilitated development, implementation, and testing of comprehensive organizational plans that include Risk Assessment and Business Impact Analysis, Business Continuity Plans, and Technology Disaster Recovery Plans.
Master of Science Degree in Applied Information Management
University of Oregon – Eugene, Oregon
Bachelor of Arts Degree
University of Washington – Seattle, Washington
Professional Training and Certifications
CISSP – Certified Information Systems Security Professional
CISA – Certified Information Security Auditor