As a Director in the Security Advisory practice at Stroz Friedberg, Brian leads cross-functional security consulting teams on a variety of engagements, including strategic consulting, risk assessments, compliance, and CISO Advisory projects. Areas of expertise include Cybersecurity strategy, security architecture, application security, vulnerability management, security operations, governance, risk management, and compliance.
Prior to joining Stroz Friedberg, Brian had 23 years at a global systemically important financial institution (G-SIFI), where he held various leadership roles in the areas of business, application architecture/development and Cybersecurity. As a Vice President on the corporate information security team, Brian played a key role in transforming the organization’s Cybersecurity maturity to a top tier program. His responsibilities included leading teams in the areas of Cybersecurity governance, infrastructure and network security, application security, vulnerability management and threat intelligence.
Select experience includes:
• Leading governance programs and reporting to leadership teams and regulators
• Developing metrics for Key Risk Indicators (KRI) and Key Performance Indicators (KPI)
• Vulnerability scanning, network and application penetration testing
• Secure Software Development Lifecycle (S-SDLC) program development
• Risk Assessments including alignment with Second and Third Line of Defense initiatives
• Assessing, managing, and implementing changes to security policies and controls
• Data Loss Prevention (DLP) Program development
• Security Operations Center (SOC) maturation
• User security training and awareness programs
Brian had previously served 10 years in the US Army Reserves and National Guard as an Intelligence Analyst and Fire Direction Control Chief. This experience provided Brian with a foundation for leadership, discipline and accountability.
Brian’s undergraduate degree was a BS in Finance from Bryant University. He has is a Certified Information Security Manager (CISM). Currently, he is in the process of obtaining a Master’s Certificate in Cyber Security from Worcester Polytechnic Institute.