Adam R. Rubenstein CISA

Primarily focused on implementing scalable processes to ensure PatientIQ is proactively mitigating risks and empowering team members with the tools and technology to do their work most effectively and securely.

• Developed and implemented a comprehensive information security program to safeguard the confidentiality, integrity, and availability of over 12 million patient records.
• Formulated and managed annual OPEX and CAPEX budgets for IT, application security, and information security, focusing on tool acquisition, staffing, and optimized operations.
• Directed the orchestration of external audits and certifications, prioritizing the attainment of SOC 2 Type 2 certification, augmented by the rigorous integration of HITRUST i1 controls.
• Assumed advanced responsibilities pertaining to the technical integration of PatientIQ with client systems. Duties encompassed configuring VPN tunnels for HL7 data transmission, specifically managing SIU, ADT, ORU, and MDM feeds.
• Formal appointment as PatientIQ’s HIPAA Security Officer

Lead complex client engagements that help refine the client's IT strategy with a focus on inorganic growth by conducting IT diligence, divestiture support, and post-merger support for clients as they asses JVs, Partnerships, Acquisitions, or potential sales

• Identify gaps and risk associated with IT enablement, IT maturity and IT technical debt and provide recommendations on how to mitigate the risks in the M&A context
• Determine separation and standup costs considerations during carve-out specific projects. During integration-related projects, estimate integration and synergy costs
• Assess the maintainability, scalability, reliability, architecture, and security of custom developed business solutions
• Led cross-functional divestiture planning and post-merger standup/integration work efforts including: PMO leadership, Transition Service Agreement (TSA) negotiation; transition planning; application and infrastructure selection; and one time, and recurring cost estimation
• Manage day-to-day interactions with executive clients and sponsors; develop and maintain contact with top decision makers at key clients

Responsible for conducting enterprise-wide cybersecurity and risk assessments, threat hunting, compliance assessments, and IT and cybersecurity due diligence for mergers and acquisitions across various industries for private equity firms.

• Completed 50+ cybersecurity and IT diligence engagements across several industries, including software and technology, security services, retails, healthcare, manufacturing, and security
• Subject Matter Expert for diligence engagements with domestic and internal regulatory exposure in areas such as GDPR, ISO 27001, NIST-800, PCI-DSS/PA-DSS
• Led Cybersecurity Advisory for Private Equity (CAPE) programs across various Private Equity firms, both from a delivery and ongoing support perspective as well as overall program management and oversight
• Responsible for deploying endpoint protection tools during an active breach
• Used various tools and methodologies to threat hunt and identify indicators of compromise during active breaches and as a proactive service

• Conducted technical consulting engagements to help customers configure and maintain their Carbon Black instances
• Helped formalize Carbon Black's business continuity strategy through policy creation and leading tabletop incident response exercises
• Represented Carbon Black by speaking at major conferences such as FS-ISAC
• Member of the Carbon Black GDPR work-group that validated our internal compliance to the regulation
• Responsible for the creation of mapping documents that showed customers how Carbon Black can fulfill compliance requirements related to PCI DSS, SOX, GLBA, GDPR and FFIEC

• Helped merchants with PCI DSS compliance obligations design infrastructure strategies that would reduce the amount of assets considered in-scope for compliance
• Promoted to Trustwave's security consulting division and began work to become a PCI DSS QSA

• Served as head trader for refined products
• Conceptualization and implementation of automated and quantitative trading strategies
• Traded as a market-maker and spreader of the U.S. Treasury yield curve from the 2-year through 30-year maturities
• Liquidity provider on multiple global exchanges

• Worked closely with a team of quants to build an automated commodity trading strategy
• Oversaw development of proprietary applications
• Helped vet future candidates to the commodities team.
• Ran the largest grain and metals portfolio at the firm with sole discretionary responsibility