MICHAEL C DAVIS
San Francisco Bay Area
Summary
HITRUST certified CSF practitioner with 18+ years of progressive experience building, maturing, and leading enterprise-wide security programs. A collaborative leader with proven track record designing and operationalizing information security for AI, SaaS, health-tech, med-tech, medical device, and healthcare entities, achieving critical certifications (HITRUST, SOC 2, NIST, ISO), and embedding security within corporate strategy.
Overview
18
18
years of professional experience
1
1
Certification
Work History
Director of Information Security / Compliance Officer
AKASA Inc.
10.2020 - Current
- As Director of Information Security and Compliance officer, I lead AKASA’s security and compliance initiatives, ensuring AKASA meets regulatory requirements and maintains strong governance.
- I designed the information security management program (ISMP) and manage a high-performing compliance team.
- I’ve driven key security certifications and continue to evolve AKASA’s risk management framework.
- Oversee all compliance obligations, including HITRUST, SOC 2, and NIST Cybersecurity.
- Lead security governance efforts, acting as Security Committee Chair.
- Manage 10+ member interdisciplinary team responsible for all security related functions.
- Partner with Sales and Marketing teams to develop compelling, security-focused messaging.
- Meet with prospective and current customers to validate our security posture.
- Manage budget and resource allocation for compliance operations and cybersecurity initiatives.
- Communicate effectively with CTO, executive board members and key stakeholders.
- Collaborate effectively with engineering, IT, HR, legal and operations departments.
- Create network security, incident response, vulnerability management and BCDR strategies.
- Created foundational ISMP based on HISTRUST 9.x Risk Management Framework.
- Chartered Security Committee and provide ongoing security strategy and leadership.
- Successfully achieved and renewed HITRUST, SOC 2, and NIST certifications.
- Hired, managed and mentored security team, fostered growth and leadership opportunities.
- Implemented a GRC platform for enhanced compliance management.
- Maintained a four-year record of no significant security incidents or data breaches.
- Developed a new third-party vendor risk management workflow.
- Led community engagement efforts, including mentorship programs and charity events.
- Created entire new security policy, procedure and agreements stack.
- Implemented new comprehensive company-wide Infosec security training program.
- Reduced security costs by 30% while increasing internal and external coverage by 50%.
Senior Risk Advisory Consultant / HITRUST & SOC2 Auditor
Wipfli LLP
07.2017 - 04.2020
- Worked directly with entities of all sizes and industries to validate security controls, identify risks, analyze risks, and develop governance programs to maintain regulatory compliance.
- Functioned as an auditor for HITRUST Assessments and SOC 2 engagements.
- Conducted audits and performed HIPAA security and privacy risk assessments with subsequent risk analysis for AI startups, SAS technology companies, medical device companies, hospitals, and clinics.
- Developed information security management programs and executed risk assessments utilizing HITRUST, NIST 800-53, and ISO 27001/02 risk management frameworks.
- Developed and delivered presentations covering various information security and compliance-related topics to large and small groups, internally and externally.
Senior IT Analyst
Wipfli LLP
07.2016 - 07.2017
- Understood the technical and non-technical complexities involved with regulatory compliance to support the Wipfli internal IT department and the client-focused risk advisory team.
- Initiated and implemented organization-wide HIPAA Security Training.
- Analyzed IT controls related to various standards and security frameworks including SOC, HITRUST, HIPAA, COBIT, NIST, PCI, and ISO to develop crosswalks and inter-framework mappings.
- Developed customer roadmaps and corrective action plans to facilitate regulatory compliance within the context of each client’s unique risk environment.
Director of Information Systems
Healthcare Financial Solutions / (HFS) Consultants
02.2007 - 07.2016
- Created the companywide technology vision in alignment with the firm’s overall strategic growth initiatives and business objectives.
- Developed IT strategic and operational plans for all divisions, departments, and branch offices.
- Designed an Information Security Management Program (ISMP) to ensure the integrity and security of all information systems.
- Oversaw 20 technology-related staff, subcontractors, and supplier partners to ensure that IT operations effectively met internal and regulatory compliance standards.
- HIPAA Security Officer.
- Represented HFS for all security-related activities including security program governance, risk management, third-party vendor management, internal security audits, breach analysis and reporting, perimeter security, and transactional security.
- Developed staff education and security training programs.
- Facilitated business associate agreements (BAAs), and data use agreements (DUAs).
- Identified and deployed hardware and software solutions to facilitate HIPAA/HITECH compliance.
Education
Bachelors - Cognitive Science, Computer Science Emphasis
University of California, Berkeley
Skills
- Cybersecurity Program Development
- Governance Risk Compliance (GRC)
- Policy & Procedure Creation
- Marketing and Sales Support
- Team Development & Mentorship
- Audit and Regulatory Prowess
- HITRUST & SOC 2 Certifications
- NIST Cybersecurity & AI Frameworks
- PCI DSS & ISO 27001 Experience
- HIPAA, GDPR, Privacy Expertise
- Information technology Background
- AWS/Azure Infrastructure security
Certification
HITRUST Certified CSF Practitioner, #58332
Honors Awards Community Service
- 01/01/18, 1st Degree Black Belt, Wado International Karate-Do Federation
- 01/01/13, Commendation from the City of Oakland 'Mentorship of Bay Area Children'
- 07/01/17, Assistant Instructor, Senpai (Volunteer), Hercules Karate Dojo
- 05/01/12, Advisory Board Member, Spark National Youth Apprentice Program
Timeline
Director of Information Security / Compliance Officer
AKASA Inc.
10.2020 - Current
Senior Risk Advisory Consultant / HITRUST & SOC2 Auditor
Wipfli LLP
07.2017 - 04.2020
Senior IT Analyst
Wipfli LLP
07.2016 - 07.2017
Director of Information Systems
Healthcare Financial Solutions / (HFS) Consultants
02.2007 - 07.2016
Bachelors - Cognitive Science, Computer Science Emphasis
University of California, Berkeley
Similar Profiles
Chandan KumarChandan Kumar
Manager- Sales & Service- PAN INDIA (Lithium ,EV) at Akasa Clean Energy Pvt Limited (Akasa Finance)Manager- Sales & Service- PAN INDIA (Lithium ,EV) at Akasa Clean Energy Pvt Limited (Akasa Finance)
ABINASH TAMANGABINASH TAMANG
Cabin Crew at AKASA AIRCabin Crew at AKASA AIR
SANDY FERNANDESSANDY FERNANDES
Sr Customer Service Executive at Akasa Air Private LimitedSr Customer Service Executive at Akasa Air Private Limited
Jennifer RobertsJennifer Roberts
Associate Chief Marketing Officer at UCSF HealthAssociate Chief Marketing Officer at UCSF Health
BRITTNEY HIGHTMANBRITTNEY HIGHTMAN
Lead Behavior Assistant at SPG Therapy and EducationLead Behavior Assistant at SPG Therapy and Education