I enjoy consulting with and advising clients on issues ranging from IT systems compliance, business process optimization, change management,  internal controls and various risk assessments and security design projects. My specialty is projects where the deadlines are immanent, urgent challenges need to be solved, relationships need to be built and failure is not an option.

Rook Consulting is the leading provider of professional services to executives in Information Security, Compliance, and Risk Management. With years of industry expertise, a proven track record, and by employing well known and respected individuals, Rook scales quickly and efficiently to provide clients with the response required by leading corporations. Rook empowers clients by providing talented consultants who are versatile problem solvers with deep domain expertise and strong business acumen. Combining a vast network of information security and business professionals with application of a repeatable, sustainable approach to solving business challenges, Rook provides clients with unparalleled results. Rook's dynamic business model facilitates timely, scalable, efficient services and solutions unequaled by other professional services firms.

Rook's commercial clients cover a range of U.S. and global Fortune 500 organizations including financial services, energy, healthcare, high tech manufacturing, & insurance industries. Make your move.
 

+Rook Consulting (Partner): Present
+Emagined Security (Director): 2007-2008
+Ernst & Young (Senior Consultant): 2004-2007
+Microsoft (Student Consultant): 2003-2004
+Maytag (IT Process Improvement / Governance Intern): 2003
+HolliThomp (Founder / Web Marketing Consultant): 2001-2004
+The University of Iowa (Systems and Security Administrator): 1999-2002
+Dynamic Systems Solutions Group (Sys / Security Administrator): 1998-1999

• Created a Marketing Strategic Plan, conducted market research, and re-designed Emagined's corporate identity and service offerings to improve market positioning. Resulted in increasing the active pipeline (opportunities >20%) from $0 in April 2007 to over $3M by April 2008.
• Created a New Business Development Strategic Plan and internal New Business Development Process, yielding field consultant opportunity identification and overall increased opportunity and partner identification and personally closed over $1M in net new sales with 5 new clients.
• Created a Channel Program and worked closely with top Security partners such as Symantec, Vontu, Check Point, McAfee, Solidcore, and others.
• Created marketing tools and collateral including, new web site, brochures, conference 10x10 booth, web marketing campaigns, etc.
• Created a demand generation campaign which was executed by Emagined, Symantec, and BAO to identify over 50 Fortune 1000 prospects, their 3 top funded projects for the upcoming year, and who the key influencers and decision makers were.

• Managed a large project team guiding a Mortgage Investment Company's Controls Organization in triage and re-design of several hundred IT application controls over a period of 6 months. Designed strategy, built consensus with mid and executive management, met aggressive deadlines all contributing to the timely release of financial statements. By request, returned to the Mortgage Investment Company for a project to assess and re-design IT security controls.
   
• Selected for a triage team responsible for the rapid re-design and implementation of an SDLC process and represented our executive leadership during strategic planning sessions with client executive management leading to a complete re-design and deployment of a Secure SDLC process.
   
• Developed platform security standards for a Fortune 500 company’s nuclear energy facilities.
   
• Guided a Fortune 50 healthcare client through identification, containment, eradication, and recovery from a financial systems failure. Guided triage efforts, developed project strategy, and monitored the execution of the incident response strategy.
   
• Developed minimum baseline standards and tested platforms for numerous clients. Platforms included including Cyberguard, Pix, Checkpoint, Windows 2000, Windows XP, Windows Server 2003, Unix, Mainframe, OS400, Oracle, SQL Server, Linux, RACF, and more.
   
• Assessed security configurations, conducted policy & procedure reviews, and re-designed the Incident Response Plan for a Fortune 50 international credit services company.
   
• Authored an Intrusion Detection System (IDS) evaluation guide which was adopted to guide clients in determining whether they should continue investing in their IDS solution or consider integration or migration to an Intrusion Prevention System (IPS).
   
• Assessed perimeter security configurations, host based security configurations, IDS rules, and provided guidance on a layered security model for an outsourced payroll processing company.
   
• Provided over 3000 hours of Sarbanes – Oxley related IT services. These services included: outsourced Project Management, outsourced Internal Audit services, process documentation, process re-design, process design, control identification, control re-design, control design, procedure documentation, procedure training, test plan creation, test plan execution, test management, stakeholder training, triage compliance services, monitoring, process improvement, and executive reporting.
   
• Assisted numerous clients with year 1 Sarbanes – Oxley, section 404 compliance project scoping and execution.
   
• Developed and coached junior team members.
   
• Served clients from a variety of industries including 3 of our firm’s 100 top global Office of the Chairman Accounts; Fortune 500, 100, and 50 companies including: 2 of top 5 Financial Data Services, top 2 Diversified Financials, top 2 Health Care Managed Care, top 2 Industrial & Farm Equipment.
   
• Identified sales opportunities, contributed to wins, and developed relationships with clients.
   
• Maintained a client billable utilization rate of 99.5% (FY04) 114% (FY05), top 2%.

Industries Served:
Financial Services, Healthcare, Defense, Manufacturing, Consumer Products

• Facilitated the development and implementation of a MCP training class
• Increased corporate donations to the Management Information Systems Dept.
• Instructed training workshops for Microsoft technologies and methodologies

• Assisted in managing Sarbanes Oxley 404 compliance project
• Led Lean Sigma process improvement projects prioritized by Portfolio Project Management tracking to reduce project hours and measure project quality
• Guided incident response efforts for a security incident; created an IR plan
• Performed enterprise IT Risk Analysis and presented remediation plans

• After being laid off due to state budget cuts, I created a web marketing and web based process improvement group where I designed and developed product and service offerings, developed client relationships, negotiated terms, sold contracts on products and services prior to establishing a proven track record on that service offering to clients up to $13M in annual revenue, managed up to 4 students, delivered projects on-time with high client satisfaction.
• Established a value-driven bill rate which averaged over $100 an hour.
• Earned a client's business over all the web development firms in the state, including a competitor with over 40 employees who bid 40% less than our professional fees.
• Designed and managed the web marketing and process improvement project (previous bullet) where we delivered a web site: ranked by Google in the top 10 listings for the client's preferred search terms, containing a full content management back-end so the technically challenged can administer the site, providing fully paperless processes, demonstrating a significant increase in web traffic, and providing a fully paperless back office automation system complete with time logging and inventory tracking.