Accomplished IT Compliance and Information Security professional with 30 years of experience leading end-to-end IT SOX programs, audits, and risk assessments in complex regulatory environments. Expertise includes control design, testing, remediation, and reporting aligned with SOX, PCI, ISO, FedRAMP, and HIPAA. Skilled in partnering with engineering, DevOps, and IT teams to implement scalable controls, manage walkthroughs and evidence, and guide remediation and SDLC compliance. Experienced in developing governance policies, maintaining SOX documentation, and serving as a primary liaison to external auditors to strengthen security frameworks and control effectiveness.