Chief Information and Technology Officer (CIO / CTO / CiSO)
Toronto, Ontario
With over 25 years at the helm of technology leadership, I excel as a seasoned information technology professional adept at delivering innovative technological strategies across the complete product lifecycle. I bring a wealth of expertise with software development, cyber security, cloud and infrastructure. Spanning multiple sectors, including Military, Telecommunications, Aviation, Mobile, Embedded Systems, IoT, Fin-tech and Healthcare.
Experience
Happy Camper - Taking a big summer vacation
June 2025 - Present
Chief Technology Officer - The Nationwide Group
Jun 2022 - May 2025
As CTO (and often CiSO), I led our smooth migration to AWS, shifting our entire infrastructure to the cloud for better scalability, performance, and built-in security. This wasn't just a lift-and-shift. We leveraged services like IAM roles, VPCs, and encrypted S3 buckets to tighten access controls, enable auto-scaling, and slash costs while boosting resilience against DDoS and data breaches.
I led our SOC 2 Type II compliance push with PwC, coordinating rigorous pen testing, vulnerability scans, and red team exercises along with audits from RBC, TD, BMO and Scotia Bank and other private financial institutions and lenders. We hardened our security posture with tools like WAFs, SIEM integration, endpoint detection, and zero-trust principles, proactively closing gaps against exploits, insider threats, and advanced persistent threats to keep data locked down and audit-ready. Worked closely with the banks’ GRC teams to ensure compatibility with their cyber security frameworks.
I drove modernization across our stack and infra, deploying containerization with Docker/Kubernetes, CI/CD pipelines, and microservices to ramp up dev velocity, agility, and market edge. I also aggressively paid down tech debt by refactoring legacy code, migrating to modern frameworks, and automating deployments, making everything more maintainable, scalable, and easier to patch vulnerabilities.
By in-sourcing more capabilities and ditching unnecessary third-party vendors, we reduced attack surface from supply chain risks, gained tighter control over our data flows, streamlined ops, cut expenses, and improved margins, all while keeping service quality high.
I spearheaded our rollout to Microsoft 365, overhauling collaboration with Teams, OneDrive, and SharePoint. We tapped into features like real-time co-authoring, Azure AD conditional access, DLP policies, and Advanced Threat Protection to enable secure remote work, block phishing/ransomware, and let the team innovate faster from anywhere.
I built and scaled internal engineering teams, fostering a culture of collaboration, rapid iteration, and continuous learning. This DevOps-minded approach was crucial for staying adaptable and delivering quickly in a fast-moving space.
Senior Director Of Engineering - Raziel Health
Apr 2020 - Jun 2022
Led multifaceted dev teams handling API, DevOps, QA, Mobile, and AWS infra. Kept everything aligned with business goals while pushing for innovation, faster deliveries, and solid operational reliability through tight CI/CD, automated testing, and infrastructure as code.
Drove regulatory compliance efforts, playing a key role in achieving ISO 27001 alignment, HIPAA compliance, NIST 800-53 framework alignment, and Canada Health Infoway standards. Implemented strict controls around data encryption at rest and in transit, least-privilege access management, detailed audit logging, risk assessments, and breach notification protocols to lock down sensitive health data and meet rigorous infosec and privacy requirements across jurisdictions.
Spearheaded migrations of core apps to .NET Core and Kubernetes clusters. Pioneered facial recognition apps that used smartphone cameras to measure vitals like heart rate, blood pressure, and SpO2 in real-time. Built this with secure on-device processing, encrypted data handling, and compliance with HIPAA privacy rules to minimize risks, enabling new telehealth features and remote patient monitoring capabilities.
Orchestrated the shift of legacy ARM devices to modern Android builds, rolling out robust MDM profiles. This upgrade hardened device security with enforced encryption, remote wipe, app whitelisting, compliance checks, and alignment with NIST mobile guidelines, while streamlining fleet management and reducing breach exposure.
Oversaw integration of full SDLC and DevOps workflows into the Atlassian suite (Jira, Confluence, Bitbucket). Automated pipelines, code reviews, and issue tracking to speed up releases, cut downtime, and improve ROI, all while embedding security scans, compliance gates, and NIST-aligned risk management into every stage.
CIO / CiSO - Ideal Life Inc.
Dec 2011 - Mar 2020
As part of the senior exec team, I shaped priorities around core business strengths and ran deep feasibility checks on tech options. This directly contributed to nailing ISO 13485 certification for medical devices, keeping our tech roadmap tightly aligned with business goals, quality standards, and regulatory demands.
Led cross-border engineering teams across Canada and the US, handling hiring, onboarding, training, mentoring, and motivation for all in-house IT talent. Focused on sparking innovation while maintaining high operational standards, and collaborated on tech asset audits covering finances, ops, network hardening, expanded risk assessments, and granular user access controls with RBAC and least-privilege enforcement.
Supervised various pen tests along with static and dynamic code analysis to ensure code maturity and security.
Spearheaded a secure End-to-End WebRTC video conferencing platform for patient-nurse calls.
Worked on HIPAA compliance, Canada Health Infoway certification, PIPEDA alignment, encrypted data flows, and strict privacy safeguards for PHI across borders.
Directed AWS cloud migrations for both US and Canadian operations, syncing strategies with overall IT vision using services like multi-region setups, VPC peering, and AWS Organizations for governance. Rolled out the NIST Cybersecurity Framework across infra, implementing Identify-Protect-Detect-Respond-Recover controls, including advanced threat modeling and incident response playbooks to strengthen cyber defenses and protect sensitive assets.
Director Of Technology - Ideal Life Inc.
Jan 2007 - Dec 2011
Built the company's entire network and dev environment from the ground up, setting up firewalls, intrusion detection systems, and hardened servers. Handled full-stack IT ops, overseeing software dev, networking, infra provisioning and cybersecurity programs to keep everything running smoothly with zero-trust access controls and regular threat hunting.
Led the design and rollout of an end-to-end IoT platform for medical devices, integrating edge computing, and secure firmware over-the-air updates. Also engineered a custom real-time protocol for reliable, low-latency data streaming from devices, with end-to-end encryption and integrity checks to ensure secure transmission of critical health metrics in clinical settings.
With deep expertise in product design and dev, I managed security across systems, apps, and governance frameworks, aligning with business goals and standards like HIPAA, NIST 800-53, and ISO 27001. Worked hands-on with manufacturing partners in Hong Kong, Taiwan, and China to develop a cutting-edge 2.1+EDR Bluetooth SoC and devices (blood pressure monitors, scales, pulse oximeters, and Linux-based cellular gateways).
Set clear security objectives and rolled out comprehensive policies, procedures, and controls, including DLP, endpoint protection, vulnerability management programs, and incident response plans to shield sensitive data from breaches, ransomware, and exploits.
Prepped multiple devices for 510(k) FDA submissions, handling all documentation, risk management files per ISO 13485, cybersecurity requirements under FDA guidance, and validation testing to secure regulatory clearance in the medtech space.
Oversaw data center migrations and led rigorous audits for SAS 70 Type II, SOC 2 Type II, and SSAE 16 compliance, implementing continuous monitoring, access reviews, and encryption standards to maintain data integrity, availability, and confidentiality while strengthening overall resilience.
Chief Technology Officer - SkyLink Travel Group
Feb 2003 - Dec 2006
Drove major tech upgrades across the org, starting with deploying robust email servers and gateways using Exchange and secure SMTP/POP/IMAP setups with TLS encryption to keep comms reliable and protected for the whole team.
Orchestrated the full migration from legacy NetWare and NT 4.0 domains to Windows 2000/2003 Active Directory environments, consolidating domains, implementing Group Policy Objects for centralized management, boosting performance, compatibility, and laying groundwork for stronger authentication and access controls.
Rolled out advanced monitoring stacks with tools like Nagios/SNMP probes and performance counters for real-time system health tracking, alerting on anomalies, capacity planning, and proactive issue detection to minimize downtime and optimize resource usage.
In network security, designed and deployed multiple site-to-site IPsec VPNs across North America using Sonicwall hardware, with IKEv2 tunnels, AES encryption, and dead peer detection for secure inter-office connectivity and protected data in transit.
Implemented the full McAfee suite, including ePO orchestration, endpoint protection, DLP, host intrusion prevention, and web gateway filtering to defend against malware, zero-days, phishing, and data exfiltration attempts.
Led the modernization push by migrating all legacy apps to web platforms, refactoring classic ASP code to ASP.NET/.NET Framework with MVC patterns, and porting Borland/Delphi-based ticketing and sales systems to modern web stacks with SQL backends for better scalability, maintainability, and easier security updates.
At the same time, directed the build of B2B and B2C e-commerce sites for air travel, car rentals, and hotel bookings, integrating payment gateways with PCI-compliant endpoints, secure APIs, and fraud detection to expand online presence and drive customer interactions.
Professional Services Team Lead - Xpert
Feb 2002 - Feb 2003
In my role, I provided leadership and guidance to a dedicated team of IT professionals, overseeing and actively contributing to a wide array of IT projects. Among my achievements, I successfully implemented and provided advisory support for the deployment of critical infrastructure components such as mail servers, firewalls, backup solutions, security applications, and storage systems.
My expertise extends to the realm of Public Key Infrastructures (PKI), where I possess extensive knowledge in design, implementation, operation, and management. Furthermore, I played a key role in designing disaster recovery strategies specifically tailored for Check Point firewalls, collaborating closely with HP Omniback and Netapp storage devices to ensure comprehensive protection of our systems and data assets.
In specialized projects, I utilized a range of advanced tools including sniffers, forensic tools, and network discovery tools to conduct thorough analysis and investigations. Additionally, I spearheaded efforts to implement security policies aligned with ISO 7799 (now 27001) standards, ensuring adherence to industry best practices and regulatory requirements.
Moreover, I took charge of managing the security innovation lab, where I fostered a culture of continuous improvement and experimentation. This environment served as a platform for testing new technologies, evaluating emerging threats, and refining our security strategies to stay ahead of evolving cyber threats.
Senior Instructor & Lecturer - John Bryce
Mar 2000 - Feb 2002
In my role as a senior instructor, I specialized in providing comprehensive training on Check Point Firewalls, Microsoft technologies, and a range of security technologies such as IP Sec, PKI, McAfee, Symantec, Finjan, and more. Through my combined experience as an instructor and active participant in the ethical hacking community, I strived to empower individuals and organizations to strengthen their security posture and effectively protect their digital assets.
Staff Sergeant - Israel Defense Forces
Nov 1991 - Nov 1994
Electronic communications, computing and intelligence.
Discharged with honors
Education - John Bryce College Jan 1999 - Dec 2002
Information Systems and Technology
Numerous courses, seminars and certifications
Articles