Dallas-Fort Worth Metroplex
I am a cybersecurity professional specializing in GenAI and Agentic AI Security, with a strong foundation in GRC. I focus on securing AI systems and architecture, mitigating emerging AI threats, and aligning technology with frameworks like NIST AI RMF and ISO 42001. My goal is to help organizations deploy secure and responsible AI applications, combining technical security practices with practical, risk-driven guidance. On a lighter note, I love creating things with my own hands - whether it’s cooking intricate dishes, pouring latte art, baking sourdough bread, or woodworking.
Securing AI
- Maintained the governance process for over 50 Company Policies to ensure conformance with industry cybersecurity and legal standards, leveraging frameworks such as the NIST CSF, NIST SP 800-53, and ISO 27001. - Led 200+ Third-Party Risk Management (TPRM) assessments covering suppliers, vendors, and AI tools/models, proactively identifying and mitigating risks to critical infrastructure, proprietary data, and Customer data. - Implemented and architected security controls around AI agents and tools, applying a Zero Trust Architecture and Responsible AI framework. - Drove $100M+ ARR by completing 250+ Vendor Security Questionnaires, demonstrating Semperis’ security posture, cybersecurity controls, and compliance with laws and regulations such as GDPR, CCPA, etc. - Built and maintained Semperis’ Trust Center, hosting key artifacts such as Policies, compliance certificates and attestations, Penetration Test reports, and security assessment questionnaires such as SIG, CAIQ, HECVAT, etc. - Developed and maintained a centralized Risk Register, collaborating with relevant stakeholders to track risk remediation and mitigation across systems, applications, products, and AI models/applications. - Executed regular enterprise-wide cybersecurity training and phishing campaigns for employees and vendors, driving improvement in security and AI awareness and reducing susceptibility to social engineering attacks.
- Responded to Vendor Security Questionnaires, demonstrating Semperis’ security posture, cybersecurity controls, and compliance. - Performed research into Third Party, Vendor, and Supply Chain Risk as part of creating a TPRM Policy. - Conducted Risk Assessments, Controls Self-Assessments, and tracked compliance of Semperis and its vendors.
- Designed and built an interactive web application, according to client specifications, that automated workflows and streamlined communication with target customers, incorporating API integrations with external systems. - Directed a cross-functional team consisting of front-end and back-end developers, coordinating tasks, setting deadlines, and ensuring on-time delivery of key project milestones. - Engineered a real-time NoSQL database solution using Python (Flask) and Firebase, enabling instant updates to user and group data and improving application responsiveness.