Fractional GRC Leadership for Healthcare & Technology

Turning Security from a Department of No into a Revenue Enabler.

Most mid-market security teams are technically capable but organizationally overwhelmed. Audits pile up. Vendor processes create friction. New regulations land on legal’s desk with no clear owner. Enterprise deals stall while security questionnaires sit unanswered.

I come in as a fractional GRC leader — embedded enough to understand the business, experienced enough to build what is missing, and structured enough to hand it to the internal team to run.

  • 15+ years in enterprise cybersecurity
  • CISSP, HITRUST Certified Practitioner
  • Ex-Deloitte, Take-Two & MultiPlan
  • NYC, serving clients nationally

Senior GRC Leadership Without the Full-Time Overhead

I work with CISOs, CIOs, CTOs and General Counsel at mid-market healthcare and technology companies — especially when an audit is looming, a deal is stalling, or a new regulation just landed on legal’s desk with no clear owner.

My background spans Deloitte, Take-Two Interactive, and MultiPlan — where I built GRC programs from scratch, led HITRUST certifications, implemented vendor oversight at scale, and turned security from a bottleneck into a business enabler.

  • HIPAA
  • HITRUST
  • SOC 2 Type I & II
  • ISO 27001
  • PCI DSS
  • Vendor Risk Management
  • GRC Program Build
  • Regulatory Readiness

Ways I Work With You

Structured engagements for mid-market healthcare and technology companies that need senior GRC leadership — without the full-time cost.

Start Here

GRC Diagnostic

3–4 Weeks, Fixed Fee

A structured gap assessment that surfaces your highest-priority risks, maps them to the regulations that matter most to your business, and produces a board-ready findings report with a prioritized roadmap.

What You Get
  • Full GRC gap assessment against your regulatory landscape
  • Prioritized risk and control roadmap
  • Board-ready findings presentation
  • Clear starting point — so nothing gets missed

Build & Sustain

Pilot Project & Advisory Retainer

2–3 Months, Ongoing

Following the diagnostic, I build the GRC or vendor oversight program your organization is missing — then stay on as your fractional GRC leader to course-correct, support audits, and advise on new regulatory requirements as they emerge.

What You Get
  • GRC or TPRM program built and handed to your team
  • Ongoing audit support and regulatory guidance
  • A senior GRC presence without a full-time headcount
  • Defensible answers for your legal and compliance team

Ready to Move Security Forward?

Tell me where you are and what’s blocking you. I’ll respond within one business day.