A senior cybersecurity professional and adjunct professor with a proven record of excellence in developing and implementing comprehensive cyber security programmes for global clients in financial services, healthcare, life sciences, automotive, and entertainment. Built and led a cyber security practice focused on secure application development with over 75 global security professionals. Over 20 years of professional experience in security governance, risk management, secure application development, practice leadership, security assessments, security tool evaluations and integrations, and reporting and dashboard development for effectively communicating KPIs/KRIs to executive leadership.
Keith served as the Chairman of the Board of The Fulbright Academy of Science and Technology, an independent organization established by the global community of Fulbright scholars to create opportunities for collaboration among alumni and their institutions with a primary focus on serving as a catalyst for progress in the respective fields. As Chairman, Keith was responsible for appointing committees and task forces, interfacing with the Executive Director, serving as the spokesperson for the Academy at multiple international conferences, and leading the TEDx Fulbright Programme initiative.
- Swiss Bank: Designed and implemented a global application security testing managed service for a global bank. Built delivery centers in Singapore, United Kingdom, Switzerland, and India to address complex regulatory requirements. Tested over 2,000 applications and identified more than 10,000 vulnerabilities in the initial 18 months. Provided executive visibility into application risks to the global bank and reduced time to remediation by 75%.
- Major US Bank: Led the development and implementation of an enterprise-wide Payment Card Industry Data Security Standard (PCI DSS) compliance programme for a major US bank.
- Bank Holding Company: Developed an organization’s IT security policies and standards to enable transformation to a bank holding company. This included the analysis of over 290 regulatory drivers (e.g., ISO, FFIEC, FDIC, COBIT). Served as the facilitator for policy/standards review sessions with the chief information officer, chief information security officers, business owners, application owners, and other senior company officers.
- Global Pharmaceutical Company: Developed and implemented the IT security strategy and security testing solution for a major pharmaceutical company’s global SAP-based human resource solution.
- Law Enforcement: Led a team of auditors who served as the IT security audit liaisons for ten components at the U.S. Department of Justice (DOJ) during the Office of the Inspector General (OIG) annual financial system audit. Performed general and application control reviews, system development life cycle reviews, physical security assessments of data centers and facilities, network vulnerability assessments, and assessments of disaster recovery planning and system testing.
- Law Enforcement: Led the development of multiple law enforcement applications leveraged by the New York Police Department, including a case management system for tracking all case work within the department. Developed the next-generation object-oriented database tracking system used for tracking gang activities and crime-related objects/weapons/vehicles. Also incorporated facial recognition and the use of mobile devices for expeditiously advancing case work in near real-time.
Areas of Expertise
- Secure Software Development Lifecycle (SSDLC)
- Cyber Security Assessment and Controls Evaluations
- Application Security Testing (On Premise and Managed Service)
- Banking & Capital Markets
- Life Sciences
- Fulbright Scholar, Information Assurance Programmes in the German Banking Industry, Georg-August Universität Göttingen 2004
- Master of Science, Engineering Management, George Washington University 2003
- Graduate Certificate, Information Security Management, George Washington University 2001
- Bachelor of Arts, Geology, George Mason University 1992
Professional Memberships and Certifications
- Certified Information Systems Auditor (CISA)
- Adjunct Professor of Cyber Security, Fordham University