San Jose, California, United States
I entered the cyber security field, not as a result of a traditional path, but because one of my first mentors saw the potential in my interpersonal skills and core values. I’m the leader I am today because of my life experiences, exceptional mentors, and desire to succeed. Early Career After joining the Air Force as a teenager, I was an exceptionally hard worker with a drive to turn any challenge into a win. However, the transition to a civilian career wasn’t easy. A pivotal moment in my life was receiving an offer to gain experience as a junior network administrator. Since that opportunity, I’ve remained passionate about helping organizations achieve strategic goals through effective IT and security solutions. I’m also energized by providing career advancement opportunities to others. Executive Leadership I’ve consistently delivered strategic results surrounding large-scale initiatives, leading to rapid promotions. Most recently, I was the CISO for BreachQuest, a digital forensics and incident response cyber-security firm, where I was a virtual CSO and incident commander resolving complex security threats for clients. Known as a person who gets things done, I leverage resources and relationships to find solutions to security challenges. As a strategic business partner, I make an impact by mitigating risk, while supporting business needs. Leadership Philosophy I build highly-engaged and diverse global teams, optimize processes, and expand organizational capabilities. I’m a dedicated mentor and inspire teams to respectfully challenge the status quo. Select Accomplishments ✔ Grew BreachQuest’s revenue by $3.5M+ by leading successful rapid response and resolution of attacks, building trust with client executives and creating roadmaps for heightened security plans. ✔ Established StoneX’s first cyber security program, now implemented in 60+ countries. ✔ Introduced cyber security best practices, positioning the organization for strategic growth. ✔ Built, restructured, and grew multiple high-performing teams. ✔ Implemented next generation endpoint detection and response platform across 10+ data centers and multiple cloud environments with no negative business impact. ✔ Met or exceeded compliance standards and successfully completed external audits, paving the way for profitable business relationships. Active SECRET Security Clearance Expertise: Executive Leadership | Cyber Security | Identity Management | M&A |Vulnerability Management | IT Governance | Incident Management | Compliance & Risk Assessment | Strategic Planning | Teambuilding
➤ ORGANIZATION: IANS, founded in June 2001 as the Institute for Applied Network Security, is inspired by the Harvard Business School experience of interactive discussions driving collective insights. IANS adapted this format to fit the needs of information security professionals, and focuses exclusively on the fields of information security, regulatory compliance, and IT risk management. IANS’ mission is to deliver technical and business insights that assist its clients in solving their most pressing problems. IANS serves its clients through a unique ‘bottom-up’ research methodology. The combination of world-class Faculty and a closed community of end users drives IANS’ insights, curriculum, and dialogues. IANS’ offerings include the Enterprise Client annual research membership, eight regionally held Information Security Forums, peer-based roundtable discussions, and a custom collection of advisory services for security professionals and security solution providers. For more information, visit www.iansresearch.com ➤ ROLE: I deliver on-demand security expertise across various information security domains to clients in the healthcare, financial services, software, legal and other industries. I coach CISO's, Security Directors, and other security professionals on how to best implement security products, and how to avoid pitfalls while doing so.
➤ ORGANIZATION: BreachQuest is a digital forensics and incident response cyber-security start-up serving clients in technology, retail, financial, healthcare and other sectors. ➤ ROLE: I was recruited by Jake Williams, the founder and CTO, to build BreachQuest’s internal security system, serve as a virtual CSO (vCSO) and incident commander for clients, and elevate the corporate reputation. I served as the primary point of contact for client and stakeholder communication during attacks, identified security gaps in control frameworks and balanced stakeholder needs in post-incident reviews and reports. ➤ SELECT RESULTS: ✔ Grew revenue by $3.5M+ by navigating successful rapid responses and resolution of attacks. ✔ Established trust with client executives and earned referrals from leading cybersecurity law firm. ✔ Built cybersecurity roadmap for client, resulting in incremental contract expansion of $1.2M. ✔ Handled incident response for multi-billion-dollar retail financial services company, 2nd largest in Asia-Pacific. Identified and remediated security event by installing security operations center, engineering services and enterprise detection, drawing $3.5M in revenue – BreachQuest’s largest to date. ✔ Partnered with C-suite of multi-site medical software and services provider to mitigate ransomware attack. Managed attacker negotiations and communications and directed digital forensic responses. Transitioned into preventative virtual CSO client and performed cybersecurity assessment locating ~10 control gaps. ✔ Built internal security program that withstood external scrutiny, including achieving SOC2 compliance. ➤ EXPERTISE: Large-scale Incident Response | Stakeholder Communication | Negotiation | Cloud, Hybrid & On-Prem Systems | Continuous Process Evolution | Escalation Resolution | Post-Incident Reports | Risk Evaluation | Security Roadmaps | Training