Experience
Healthcare Entity (Non-Disclosed). 2025
Led the implementation of a GRC (governance, risk and compliance) service line for a multi-hospital system. This includes traditional cybersecurity governance initiatives (policies, procedures) as well as cloud specific monitoring and the adoption of industry best practices. Ran the third-party risk assessment intake process for vetting key vendors accessing company resources, the majority of which were cloud based solutions.
Healthcare Entity (Non-Disclosed). 2023
Identified and risk-ranked key cloud security observations against common security frameworks (HITRUST, NIST CSF) for a large, multi-state healthcare system. Also improved the security posture of the system’s EMR against core security controls.
For additional information on relevant experience, case studies, please email hello@cloudoutthere.com
cloudoutthere.com 