For over thirty five years, Steve has been directly involved in establishing, building and directing Information Security and Privacy functions. He is the founder and President of Security Risk Solutions, LLC an information security company providing consulting and advisory services to major, mid-size, startup and venture capital companies. Steve is an Executive Advisor to Deloitte. He is also on the Advisory Boards for, Agari . Fortscale, ForcePoint, Vaultive and BatBlue. Steve has also been a member of the (ISC)² Americas Advisory Board for Information Systems Security.He also serves an advisor to the Board of the NH-ISAC
Steve organized and managed the Information Security Program at JP Morgan for ten years. In 1995, he joined Citicorp/Citigroup after the Russian hacking incident. At Citi, Steve was the industry's first Chief Information Security Officer. He spent the next six years directing Citigroup’s global Corporate Information Security Office. Steve then joined Merrill Lynch as their Chief Information Security and Privacy Officer, where he organized and instituted the company-wide privacy and security program. Steve has also served as the interim CISO and Advisor to the Head of Technology Risk at Kaiser Permanente.
Steve has testified before Congress on numerous information security issues and was appointed as the first Financial Services Sector Coordinator for Critical Infrastructure Protection by the Secretary of the Treasury. He was also the first Chairman of the Financial Services Information Sharing and Analysis Center (FS/ISAC) and has been an Advisor to the FS/ISAC Board of Directors and the Financial Services Sector Coordinating Council (FSSCC).