Irvine, California, United States
Having launched my technology career in the trenches as a software programmer & hardware technician, I have a deep appreciation for the technical aspects of my work as a senior executive in information security. With a passion for enabling growth and innovation, I protect the digital and physical assets of complex global organizations such as THE COCA-COLA COMPANY, FISERV, OPTIV, PNNL (Department of Energy and Department of Homeland Security), and WESTERN DIGITAL. I have earned recognition within the industry as a visionary leader in InfoSec and have been featured as a speaker/presenter at various conferences and events, such as ISACA and ComplianceOnline. EXPERTISE AREAS ๐ฏ Cloud Security ๐ฏ Computer Forensics ๐ฏ Cyber Security (Cybersecurity) ๐ฏ IT Regulatory Compliance ๐ฏ Technology Rationalization ๐ฏ Risk Management ๐ฏ Vendor Management ๐ฏ Business Development & Growth Strategy I have managed budgets of up to $60M and cross-functional teams of 75+ (including offshore & onshore resources) providing technology services across 100+ countries. Throughout my career, my teams and I have protected over 250K endpoints within corporate environments. LEADERSHIP COMPETENCIES Strategic Planning | IT Governance | Stakeholder Engagement | Policy Development | Process Improvement | Key Performance Indicators (KPI) | Key Risk Indicators (KRI) | Budgeting | Cost Containment | Vendor Management | Negotiation | ROI Evaluation & Optimization | Cross-Functional Team Leadership (Offshoring, Nearshoring) | DevOps Security Architecture | Strategic Advisor to Executive Team | SPANISH Language Fluency PROFICIENCIES Cloud Security (AWS, Azure, Google) | Data Lake (Hadoop, Greenplum) | Containers (Kubernetes, Jenkins, Docker) | Digital Investigations | eDiscovery | Incident/Breach Response | Threat Analysis | Data Privacy | Business Continuity Planning & Disaster Recovery (BCP/DR) | Data Loss Prevention (DLP) | Insider Threat Prevention | Risk Profiling | Cyber Hunting | Ransomware | Malware | Penetration Testing | Vulnerability Management | Compliance: PCI-DSS, PA-DSS, HIPAA | Frameworks: ISO 17799, 27001, 27002, COBIT, ITIL, Mitre ATT&CK, NIST CSF
Timeless Learning, Inc. is a nonprofit dedicated to helping young learners discover their potential and shape the future. Through the S.T.E.A.M. Race to Space Reading Challenge, the organization blends literacy with science, technology, engineering, art, and math to create hands-on, inspiring learning experiences, especially for students with limited access to enrichment opportunities.
Serve as a strategic advisor to the leadership team, bringing deep enterprise insight to align product strategy with real-world security demands. In this role, guidance is provided on emerging shifts in the threat landscape to define the critical security capabilities required for enterprise resilience, alongside advising on evolving trends in human risk management, workforce security behavior, and corporate defense. By educating the team on the inner workings, daily routines, and distinct operational environments of both Security Operations and Security Engineering teams, this role clarifies unique daily challenges and unmet needs to drive the overarching strategy required to support this target audience. Ultimately, this foundational insight feeds directly into product roadmap collaboration, ensuring strategic direction addresses the highest-priority pain points for modern information security leaders.
Leading the global cybersecurity strategy at Sandisk entails safeguarding enterprise infrastructure, critical intellectual property, and advanced data storage technologies across the entire organizational footprint. Managing risk in a sophisticated threat landscape requires building resilient, proactive architectures that align technical defenses with overarching corporate objectives. Daily focus centers on driving the implementation of advanced threat detection, robust identity management, and secure inline traffic monitoring to ensure operational continuity. By cultivating an organizational culture of risk awareness and integrating secure practices seamlessly into business operations, the objective is to transform cybersecurity from a defensive necessity into a strategic enabler of innovation, corporate resilience, and global trust.
Lead cybersecurity strategy to protect over 135 manufacturing facilities in over 18 countries. Engage with senior executives and Board of Directors to align security initiatives with organizational goals and manage risks. Implement security controls, oversee incident response, and ensure regulatory compliance. Partner with Operational Technology (OT) teams to foster security awareness, support continuous improvement, and defend against cyber threats. โ Spearheaded the Artificial Intelligence (AI) committee. Led senior management and technical experts to manage AI risks and identify opportunities to enhance business objectives. โ Presented cybersecurity strategy to full Board of Directors quarterly. Addressed cybersecurity threats, industry trends, and information security risks. โ Optimized the Enterprise Risk Management (ERM) program. Redesigned the strategy to save over 2000 hours, simplifying risk categories, quantifying risks against business objectives, and documenting risk tolerances. โ Founded Business Continuity and Disaster Recovery program. Conducted business impact analysis (BIA), architected backup strategy based on RTO / RTO requirements, and promoted adoption and execution through training and awareness. โ Championed the adoption of the Purdue Model. Educated engineers and technical experts on its benefits, engaging in architectural design sessions, and driving its integration into network strategies. โ Integrated technology with industrial manufacturing. Engineered innovative technological solutions at the cell, machine, and device level. โ Established a 24/7 global Security Operations Center. Partnered with Managed Security Services Provider (MSSP) to deliver threat intelligence, monitoring, and 24/7 cybersecurity incident response. โ Acted as CIO for Aerospace business unit. Oversaw comprehensive IT responsibilities including project management, technology simplification, budget planning, and resource management.