Executive Business Leader with a lifetime worth of Cybersecurity expertise
Driving enterprise security strategy, governance, and risk management at the intersection of technology and business leadership.
About
Senior Vice President of Information Security with proven expertise in building and leading enterprise security programs at global financial institutions.
With a career spanning technology infrastructure, software security, and executive leadership, I bring a comprehensive perspective to cybersecurity challenges. My experience ranges from hands-on technical roles to strategic executive positions, enabling me to bridge the gap between technical teams and business objectives.
Currently leading Technology Governance, Risk, and Compliance initiatives at Goldman Sachs, I've developed security programs that balance regulatory requirements with business innovation, managed cross-functional teams across multiple continents, and advised C-suite executives on complex security and risk matters.
I'm passionate about data-driven security management, emerging technologies including AI/ML security, and building high-performing security teams that enable business growth while managing risk effectively.
Professional Experience
SVP Information Security
Goldman Sachs
Leading Technology Governance, Risk, and Compliance initiatives for a global financial institution. Driving enterprise security strategy, regulatory compliance, and cross-functional risk management programs.
Sr. Information Security Manager
Federal Reserve Bank of New York
Led Software Security and Risk Assessment programs. Established secure development lifecycle practices and managed enterprise risk assessment initiatives for critical banking infrastructure.
Information Security & Compliance Manager
Everyday Health
Designed and executed comprehensive information security program. Managed compliance initiatives and built security operations from the ground up for a digital health platform.
Founder & Chief Architect
Complex Technologies
Founded and led boutique consulting firm specializing in outsourced information security and IT consulting for small to mid-sized businesses.
Early Career - Infrastructure & Security Engineering
Various Organizations
Built comprehensive technical foundation through roles including Sr. Network Engineer (Medfone), Sr. Infrastructure Engineer (EnterpriseDB), IT Consultant, Firewall Engineer, and System Administrator. Earned industry certifications including CCNA, CCNP, CCIE Security, and MCSE.
Core Expertise
A comprehensive skill set developed through decades of hands-on technical work and executive leadership.
Data Driven Technology Management
Leveraging analytics and metrics to inform security strategy and demonstrate business value.
Operational Risk Management
Enterprise-wide risk assessment, mitigation strategies, and regulatory compliance programs.
Cloud, Container, & Mobile Deployments
Securing modern infrastructure including AWS, containerized applications, and mobile platforms.
Cross-Functional Team Leadership
Building and leading diverse security teams across multiple geographies and disciplines.
Compliance & Regulatory Advisory
Navigating complex regulatory landscapes including SOX, PCI-DSS, and financial services regulations.
Large Language Model – AI Security
Emerging expertise in securing AI/ML systems, LLMs, and addressing novel AI-related risks.
Process Improvement & Automation
Streamlining security operations through automation and continuous process optimization.
Business Continuity & Incident Response
Developing resilience programs and coordinating incident response efforts.
API & Micro-service Architecture
Securing modern application architectures and distributed systems.
Agile S-SDLC Methodologies
Integrating security into agile development processes and DevSecOps practices.
Security Operations & Threat Management
Leading security operations including threat detection/hunting, security intelligence, DLP, email encryption, and security awareness training programs.
Cloud & Network Security
Enterprise cloud security architecture, network security operations, and infrastructure protection across hybrid environments.
Phishing & User Awareness
Developing and executing user security awareness programs, anti-phishing campaigns, and security culture initiatives.
3rd Party Risk Management
Vendor security assessments, supply chain risk, and partner ecosystem security.
Technical Program Management
Leading complex security initiatives from conception through implementation and measurement.
Infrastructure & Application Security
Deep technical knowledge spanning infrastructure hardening, application security, and secure architecture design.
Certifications & Education
Professional Certifications
CISSP
Certified Information Systems Security Professional
CISM
Certified Information Security Manager
CEH
Certified Ethical Hacker (EC|Council)
GWAPT
GIAC Web Application Penetration Tester
AWS Certifications
Various Amazon Web Services Certifications
Education
Rensselaer Polytechnic Institute (RPI)
Bachelor of Engineering
Electronic & Computer Systems Engineering (ECSE)
Master of Business Administration
MBA (ACBSP Accredited)
Business Leadership & Strategy
Press & Speaking
"15 minutes of fame"
Channel Pro Magazine
"Focusing on Your Sweet Spot"
Featured article on specialization and business strategy in IT consulting.
Read Article →
InfoSecurity Professional (ISC2)
"5 Minutes with Eugene Tawiah"
Interview discussing cybersecurity leadership and industry trends.
Read Article →
Dutch Television (Vara)
"Kika New York: Hackers"
Television feature on cybersecurity and ethical hacking.
View Episode →
MTV
"True Life: I'm a Hacker"
Documentary series exploring the world of cybersecurity professionals.
Watch Episode →
VAR Insights
"From ASCII Chicago: 7 Cybersecurity Tips for Solutions Providers"
Conference presentation on practical cybersecurity guidance for IT service providers.
Read Article →
The New York Times
Featured in NYT Article
Featured coverage on cybersecurity and technology trends.
Read Article →
OWASP
OWASP LLM Top 10 - Credited Contributor
Contributed to the creation of the OWASP LLM Top 10, a standard for the top security risks in Large Language Model applications.
View Project →Live, Love, Laugh
ex Volunteer EMT | ex Auxiliary Police Officer
Motorized Vehicles
"Does it have an engine?"
Fitness
"Calisthenics and more"
Glamping
"Home is where we park it"
Outdoors
"There's soo much to see and do"
Let's Connect
Available for executive leadership roles, strategic consulting engagements, speaking opportunities, and advisory board positions.