FractionalCXO
Kurt S.

Fractional CISO

Cybersecurity Leader | CISO | Security Architecture | SecOps | GRC | AI Risk Management | Healthcare, SaaS, Compliance | Open to Executive & Advisory Roles - The only story that matters is the one you’re working on.

Portland, United States

About

CISO and cybersecurity executive with 18 years of experience building audit-ready, multi-cloud security programs for regulated industries.

Professional Brief:

• Building security programs from zero to enterprise scale

• Healthcare & regulated environments (HITRUST, SOC 2, NIST, FedRAMP)

• Leading security through M&A and a $400M acquisition

• Multi-cloud security architecture (AWS, Azure, VMware)

• Enabling growth, AI adoption, and compliance

Experience

DigitalCyx

Cybersecurity Consultant | vCISO | Fractional CISO | Security Architecture & GRC

Apr 2025 – Present (1 yr 1 mo)

Delivering cybersecurity consulting, vCISO and fractional CISO services for organizations scaling securely in healthcare, SaaS, and regulated industries. Build audit-ready, cloud-first security programs aligned with NIST, SOC 2, HITRUST, and HIPAA. Advise executives and boards on cyber risk, GRC, AI security, and architecture to drive resilience, compliance, and business growth.

Vālenz®

Chief Information Security Officer

Vālenz® · Wayne, PA

Apr 2017 – Apr 2025 (8 yrs 1 mo)

Recruited to modernize and scale Valenz’s IT and cybersecurity strategy. Designed and led implementation of a three-tier, defense-in-depth security architecture and established a fully remote production model—foundational for scalable growth, resilience, and risk mitigation. Expanded architecture to hybrid AWS, Azure, and VMware infrastructure, integrating 7 acquisitions and 30 digital platforms. Built and led security, assurance, and compliance teams to HITRUST and SOC 2 Type 2 certification—enabling enterprise growth and client trust. Pioneered NIST AI Risk Management Framework to protect PHI, PII, and proprietary data during AI innovation—balancing compliance, privacy, and business enablement.

HMS

VP of Security and IT Systems | CISO | Director of IT Security

HMS · Las Vegas Metropolitan Area

Sep 2007 – Oct 2016 (9 yrs 2 mos)

Recruited to transform startup IT and security at HealthDataInsights. Architected government-grade, multi-zoned, defense-in-depth environments for commercial and CMS contracts (RAC-D, PERM), laying the foundation for secure growth and regulatory compliance. Designed core infrastructure, including $5M disaster recovery site, 24/7 NOC, and compliant DMZ, aligning to NIST SP 800-53 and CMS ARS. Led five CMS SCAs and multiple SOC 2 and ISO 9001 audits. Post-acquisition, managed strategic integration and ongoing modernization for a 900-server enterprise, sustaining federal/commercial growth and continuous compliance.

Education

SF Academy of Art University and California College of Arts and Crafts

No degree, made career change into technology.

Jun 1986 – Sep 1989

Expertise

Specialties

Governance, Risk Management, and Compliance (GRC); Security Architecture Design; Information Security Management; Risk Management; Organizational Leadership; Enterprise Risk Management; IT Risk Management; IT Security Assessments; Information Security Management System (ISMS); Cybersecurity Incident Management; Cybersecurity Incident Response; Information Security; Change Management; CISSP; GIAC; NIST 800-53; FIPS; SOC 2; IT Project & Program Management; Board Presentations; Team Leadership; Analytical Skills; Problem Solving; Teamwork; Communication; GSEC; Leadership; Management; HITRUST; AI Security; Data Encryption Standards; AI Strategy; Linux; Cloudflare; Microsoft Entra ID; AWS Security; Darktrace Immune System; Crowdstrike Falcon; Cyber Threat Hunting (CTH); Internet Information Services (IIS); OS X; Microsoft SQL Server; MCSE; Active Directory; Windows Server; ISC2; Cyber Insurance; Cyber Threat Intelligence (CTI); Role-Based Access Control (RBAC); Data Classification; Endpoint Security; Security Information and Event Management (SIEM); Cybersecurity Tools; Password Management; IT Asset Management; Security Patch Management; IT Security Operations; Cloud Security; DLP; Encryption; Shell Scripting; Vulnerability Management; Microsoft 365 Security; Email Security; Data Security; U.S. Federal Information Security Management Act (FISMA); Standard Operating Procedure (SOP); Security Policy; U.S. Health Insurance Portability and Accountability Act (HIPAA); Security Assurance; Vulnerability Assessment; Penetration Testing; Identity and Access Management (IAM); Threat Management; Cybersecurity; Threat & Vulnerability Management; Team Building; IT Management; Subnetting; Active Directory Experience; IT Infrastructure Design; Information Technology Training; Information Technology; Backup & Recovery Systems; Server Administration; Windows System Administration; Network Administration; Email Management; Network Troubleshooting; Information Security Analysis; Project Management; Security Systems Integration; MCDBA; Network + Certified; Disaster Recovery; Process Improvement; Network Security; Security; System Deployment

Past companies

DigitalCyx; Vālenz®; HMS
