Image by rawpixel.com
 

My deep interest in technology, design, and business has allowed me the opportunity to work on numerous IT and cybersecurity efforts for businesses, nonprofits, and individuals. Below are some of the projects and organizations I’m proud to have been associated with throughout my career.


FEATURED compliance PROJECTS


 

Ford Foundation | Cybersecurity Academy

As Program Support Lead for the Ford Foundation Cybersecurity Program, I collaborate with the Senior Cybersecurity Program Manager to develop comprehensive cybersecurity training programs based on the NIST Cybersecurity Framework, provide technical assistance, and implement security measures for grantee partners. I also cultivate and nurture the Cyber Academy online community by fostering knowledge sharing, promoting security awareness among the community members, and maintaining educational resources. Additionally, I ensure that the program’s Cyber Assessment Tool remains accessible and effective for our diverse user groups by working with our UX and Dev leads for continuous updates and enhancements to the tool.

 

 

NYC Transit Museum | IT & Security Compliance

Spearheading a dedicated team focused on fortifying the museum's website and email systems, I established  alignment with IT audit requirements. Utilizing thorough project planning practices, risk assessments, and strategic execution, The New York Transit Museum  maintained compliance with industry standards like GDPR and PCI DSS. This work encompassed the development and implementation of organizational policies, procedures, and controls. Furthermore, I oversaw incident response protocols, vendor coordination, and ongoing enhancement initiatives to bolster cybersecurity practices and technologies across the organization.

 

 

Brandshare | Data Security and Compliance Solutions

At Brandshare, I served as the department lead for the company’s digital offerings and management with a focus on strengthening cybersecurity and data compliance procedures. Launching efforts to streamline data security protocols, I effectively managed customer data, reducing security vulnerability incidents by 80% and saving the company over $1 million. Additionally, I led client-driven security assessments, ensuring compliance with GDPR and CCPA regulations through requirements gathering, PEN tests, and documentation. Moreover, in collaboration with  IT leads, I established internal regulatory data compliance processes, enhancing overall data security and regulatory adherence company-wide.

Clients Include: Walmart, Proctor & Gamble, Unilever, Downy

 

 

SILK Commerce | IT & Data MANAGEMENT

At SilkCommerce, I collaborated closely with a multidisciplinary team to ensure the security and integrity of e-commerce platforms for clients undergoing data migrations and site redesigns. This work often included integrating ERP (Enterprise Resource Planning) and PIM (Product Information Management) platforms. Leading the planning, execution, and monitoring of these projects, I orchestrated comprehensive risk assessments and implemented mitigation strategies to safeguard against potential threats. Working with tech and design leads, I streamlined compliance with regulatory requirements and industry standards, including GDPR and PCI DSS, while delivering security awareness to enhance clients’ vigilance.

 

 

CYBERLIXIR | Cybersecurity Programs  

Working alongside esteemed non-profit leaders, I managed a wide range of cybersecurity projects for a portfolio of clients, including risk assessments, cybersecurity training, policy implementations, and incident responses. Additionally, I provided technical leadership and ensured compliance with company policies and regulatory standards.

 

 

Gainwell Technologies | Security & Training Compliance

Responsible for enforcing government-mandated regulatory compliance and training across various teams at Gainwell Technologies, I was tasked with ensuring adherence to industry standards such as HIPAA, NIST, and GDPR. Through developing and implementing robust policies, procedures, and controls, I managed incident response efforts, coordinated with regional leads to ensure security compliance, and drove continuous improvement on digital transformation projects.

 

 

CYPtOHARLEM | Security strengthening

Tasked with overseeing comprehensive cybersecurity initiatives for CryptoHarlems clients, I facilitated the education and training programs for non-traditional and underrepresented groups. This education included safety and technology guidance to organizers, activists, and protesters. Additionally, I managed teams to deliver cybersecurity services and assistance to non-profits and enterprise companies, ensuring organizations were equipped to handle digital threats.

 

DANNY SHAW | COPYRIGHT © 2024