 |
 |
 |
 |
 |
Cybersecurity Consultant |
Certifications:
Professional Organizations
LIPN, LIEN, ILTA, InfraGard, (ICS)2, NY Chapter of (ICS)2, Long Island Chapter (ICS)2, and CMMC-AB.
Information Technology Specialist for over 35 years in the small business and mid-tier market. The last 15 years have been dedicated to implementing and practicing good cyber hygiene with many small and mis-size companies. I have worked with the FBI and high-profile cybersecurity forensic companies on cyber events like Ransomware, highjacked account, malware, compromised email accounts, advanced persistent threats, etc.… Unique experience in dealing with Ransomware and Cyber Insurance.
Our goal and my company’s goal are to prepare companies for cyber events as well preventing it from happening. It is called the “Left of Boom”. Boom is the cyber event; Left is the preparation or prevention of a cyber event.
DataSoftNow is a consulting company focused solely on Cybersecurity. We work with several Managed Service Providers (MSP) both on Long Island and Manhattan in varying degrees of both compliance and certification for their company as well as their clients. With newly released regulations; HIPAA, New York SHIELD Act, ISO 27001 preparation, Part 121 (Education, NIST Cybersecurity Framework 1.1), DoD NIST SP 800-171 Compliance; now certification, and NY DFS Part 500 there have been an increase in Third-Party security audits.
Over the past few years DataSoftNow has worked with many DoD contractors with their NIST SP 800-171 assessments. In November 2020 DoD contractors were required to file their NIST SP 800-171 along with a POAM or risk not being awarded contracts. Starting in 2023 DoD contractors will now be requiring CMMC 2.0 certifications to be awarded contracts. In response to this we registered as a candidate for a Level 2 CMMC-AB assessor. We also registered and passed the exam to become a Registered Practitioner which allow us to work with DoD contractors prepare for the CMMC-AB certifications. As a Registered Practitioner and performing Readiness Reviews which are an essential step in preparing for the certification. Registered Practitioners are trained by the CMMC-AB specifically to help contractors with their preparedness. Recently passing the DoD CMMC CCP training and exam, I have been awarded the distinct certification as a Certified CMMC Professional (CCP).
2017 – Certified Information System Security Professional (CISSP) from the (ICS)2, the world largest and most prestigious cybersecurity organization in the world.
2021 – Registered Practitioner (RP), Department of Defense run organization, CMMC-AB (Cyber-AB).
2023 – Certified CMMC Professional (CCP), Department of Defense run organization, CMMC-AB (Cyber-AB).
DataSoftnow is a candidate Certified Third-Party Assessor Organization (C3PAO) with the Department of Defense (Cyber AB). The organization is pursuing to be able to perform the CMMC NIST SP 800-171A (CMMC 2.0) Certifications.
Worked with the Port Authority of New York and New Jersey as a consultant in preparation of migration of COBAL applications that were used at the three major airport (JFK, Newark, and LaGuardia) to a new application that was Y2K complaint. This included internet connectivity, web applications, client server applications and infrastructure.
Worked in the technology industry as a CNE for a major New York City international law firm. I was quickly move up as the IT Manager for one of the firm’s office. A major project that I was instrumental in getting proposed, budgeted, and implemented was the upgrade from all Microsoft DOS computers to Windows 95 fully networked. Because of my work and expertise with database application design I was the principle in change of migrating our WANG (COBAL) accounting and document management system to a windows-based SQL server and accounting application as well as the migration of all documents from the WANG system to Micrososft Word. The system incorporated over 800 computers, 200 Servers supporting 750 t0 1000 users.
Firm Information Technology Manager 1998 – 2003
Working in the legal space for a major New York City International Law Firm I was move to the firm wide position of Operations & Technology Manager. Here again managing many upgrade to infrastructure and systems.
Director of Information Technology 2004 – 2016
As the Director of Information Technology, my role was to manage both IT capital and operational budgets. Our annual capital budgets were between 3.8 to 7.5 million dollars. One major project that was implemented was on time and under budget. This was the implementation of a firmwide Cisco infrastructure upgrade to support a new Cisco IP Telephony phone system. I managed over 60 IT professionals and supervised 8 IT managers. We were also managing over 45 capital and operational leases. Tracking EOL equipment with full term leases. Managing the leases and maintenace costs required a 3-year budget plan and carrying them year-over-year.
Information technology in law firms took a major turn in 2008. Born was the Advanced Persistent Threat. Working with the firm and understanding the threats the firm was facing; the IT department had to change in the new world of Cybersecurity. All projects now included our internal cybersecurity expert. Working hand-in-hand with one of the most prestigious cybersecurity firm in the world at that time, we rebuilt our entire infrastructure leaving no stone unturned.
President and CISO of DataSoftNow 2017 – Present
DataSoftNow is a Cybersecurity company with its main focus on the NIST SP 800-171A Certification and compliances, NIST Cybersecurity Framework 1.1 Compliance, ISO 27001 Preparedness.
In performing these cybersecurity frameworks, we work with our clients in performing the tasks required to maintain a good cyber-hygiene. Below is a list partial of periodic cyber tasks that are documented and performed: