Scott Schindler

Security executive and AI practitioner with over 30 years in IT, cybersecurity, and AI — with deep specialization in healthcare security. Served as CISO for multiple FQHC and community health networks, leading HIPAA compliance programs, vendor risk management, incident response, and security-awareness operations at organizations serving underserved patient populations. Holds a proven record building governance, risk, and compliance programs from the ground up — on nonprofit budgets, in high-stakes environments, without cutting corners on patient trust.

Brings an emerging and practical AI discipline to every engagement: trained in NIST AI RMF, EU AI Act Article 4, AI4K12, UNESCO AI Competency Frameworks, and the governance challenges of AI adoption in regulated industries. Currently building the world's largest free AI literacy curriculum (43 courses, 7 languages) and advising organizations on AI governance, risk, and responsible deployment. A veteran, educator, and practitioner — not a theorist.

Experience

• Information Security Officer & Director of AI

  Nov 2021 – Present

  Community Medical Centers, Inc.  ·  Contract  ·  Stockton, CA

  • Lead HIPAA compliance operations for a network of community health clinics serving uninsured and underserved patients.
  • Manage incident response, vendor risk assessments, staff security awareness, and policy lifecycle for a resource-constrained nonprofit healthcare environment.
  • Directing AI adoption strategy, evaluating AI governance risk against patient data obligations and HIPAA requirements.
  • Serve as organizational lead for AI literacy and responsible AI deployment — ensuring staff and leadership understand risk and regulatory exposure as AI tooling enters clinical workflows.

• Chief Information Security Officer

  Mar 2022 – Sep 2025

  LifeLong Medical Care  ·  Contract  ·  Oakland, CA

  • Served as CISO for a multi-site FQHC network providing primary, behavioral, and specialty care across Oakland, Berkeley, Richmond, and Albany.
  • Owned full HIPAA compliance program: risk analysis, security management, training, breach notification, and BAA governance.
  • Led medical device and connected-equipment security hardening across clinical environments with complex vendor ecosystems.
  • Built vendor risk review program and managed third-party security assessments against a nonprofit operating budget.
  • Developed and maintained security policies aligned to clinician workflows — keeping controls proportionate to realistic threat models without compromising PHI protection.
  • Designed and implemented a custom risk management framework integrating NIST CSF, NIST RMF, HIPAA Security Rule, and ISO 27001 controls into a unified operational model sized for nonprofit healthcare.

• Chief Security Officer / Interim Director of IT

  Apr 2023 – Aug 2023

  Asian Health Services  ·  Contract  ·  Oakland, CA

  • Served concurrently as CISO and Interim IT Director during an organizational transition period.
  • Led information security operations and IT governance for a multilingual primary care organization serving communities that face significant barriers to culturally-competent care.
  • Maintained HIPAA compliance posture and vendor oversight through organizational change with minimal disruption.

• Field CISO

  Jan 2023 – Apr 2023

  Inspira Enterprise  ·  Contract  ·  Southlake, TX

  • Served as practitioner-side CISO in the field, partnering with enterprise security leaders on program assessment, roadmap development, and architecture decisions.
  • Translated managed security service offerings into specific client environments — helping security leaders distinguish genuine need from vendor noise.
  • Brought outcome-based and risk-proportionate thinking into service design conversations internally.

• Adjunct Professor — Cybersecurity

  Jan 2022 – Mar 2023

  Collin College  ·  Part-time  ·  Frisco, TX

  • Authored and developed the Honors Cybersecurity Capstone program — a rigorous culminating curriculum integrating real-world security leadership, risk management, and practitioner judgment for advanced students.
  • Taught the Security Management capstone course to working-adult career changers and midcareer professionals leveling up into security leadership roles.
  • Covered risk management in business context, executive communication, security program design, and the judgment calls that no textbook covers.

• Managing Director, Managed Security Services

  Jul 2021 – Feb 2022

  Booz Allen Hamilton  ·  Full-time  ·  Dallas, TX

  • Built and led a managed security services practice targeting SMBs through cyber-insurance partner channels.
  • Designed the full service portfolio, established delivery operations, and onboarded insurance distribution partners across the United States.
  • Demonstrated the viability of the cyber-insurance + MSSP delivery model before Booz Allen exited the commercial MSS space in a strategic realignment.

• Founder / Believer

  Jan 2026 – Present

  Aesop AI Academy  ·  Full-time  ·  Colorado Springs, CO (Remote)

  • Architected and personally developed the full-stack web platform powering AESOP AI Academy — including the patent-pending AESOP Engine (App #64/018,565), a story-driven AI education delivery system, module generator, evaluation pipelines, and standards-alignment tooling.
  • Built and maintains 43 AI literacy courses across 7 languages, designed for learners from age 5 through senior executive — free, ad-free, and paywalled by nothing.
  • Mapped all curriculum to major standards frameworks: NIST AI RMF, EU AI Act Article 4, AI4K12, ISTE, UNESCO AI Competency Framework, and CSTA.
  • Engaged globally in AI governance research, policy alignment, military transition programs, and K–12 outreach.

• Founder & Developer — Govern AI Now (GAIN)

  Apr 2026 – Present

  GovernAINow.com  ·  Self-built  ·  Colorado Springs, CO (Remote)

  • Designed and built GAIN — a multi-tenant AI governance program platform that guides organizations through structured AI governance frameworks in isolated, secure workspaces.
  • Platform features: Framework Selection Worksheet, AI Use Case Intake, AI System Inventory, AI Impact Assessment (AIA) editor, Risk Register with scoring, member-based access control, and an append-only audit journal.
  • Built on Firebase (Firestore + Auth), plain HTML/ES modules — no build step, production-deployed to GovernAINow.com via CI/CD pipeline.
  • Implements role-based access (owner/admin/editor/viewer) with Firestore security rules protecting multi-tenant governance data.
  • Directly addresses the practical gap between AI governance frameworks (NIST AI RMF, EU AI Act) and organizational implementation — turning policy into operational workflow.