San Diego, California, United States
AI Optimist — Non Sine Periculo (Not Without Danger) I am a Senior Technical Leader and Applied AI Security Researcher securing modern AI/ML systems at a global enterprise scale. Combining a pragmatic approach to cybersecurity with 20+ years of SaaS experience, spanning IPOs and complex M&A integrations, I build resilient architectures that empower organizations to adopt AI with confidence. We are navigating a massive shift in enterprise software: the transition from passive "Systems of Record" to autonomous "Systems of Action." As platforms integrate Agentic AI to independently reason and execute workflows, the attack surface fundamentally changes. My mission is to ensure organizations transform operations on a foundation of rigorous security, trust, and resilience. As Vice President and Head of AI Security for SAP Supply Chain Management (SCM), and drawing on my experience at Palo Alto Networks, a global cybersecurity leader, I bridge AI innovation with enterprise security. Pioneering AI/ML security since 2018, I develop internal AI-SPM capabilities and hold patents for leveraging AI/ML in secure software development. I translate complex technical risks into actionable strategies for Boards and CISOs. Applying my Visibility, Understanding, and Traceability (VUT) mental model to AI governance, I ensure the deployment of Agentic AI remains secure, transparent, and cost-efficient. Beyond the enterprise, I advance the industry through applied research. I actively partner with a coalition of private, government, and academic researchers to push the boundaries of agentic AI security. Through my leadership at the OWASP Agentic Security Initiative (ASI) and global speaking engagements, I work to translate complex AI risks into actionable business strategies. I am dedicated to building, operating, and investing in autonomous systems that drive secure, scalable enterprise growth. ⭐️ Research & Citations https://scholar.google.com/citations?user=ADHRg6MAAAAJ&hl=en&oi=ao 🤗 HuggingFace Model https://huggingface.co/guerilla7/agentic-safety-gguf 🚀 GitHub Page https://github.com/guerilla7 🤖 OWASP Agentic Security Initiative https://genai.owasp.org/initiatives/agentic-security-initiative/ 🔐 CyberMoE: Exploring the capabilities of Mixture-of-Experts (MoE) Networks for Cybersecurity https://cybermoe.lovable.app/ 💹 COALESCE Agentic Protocol: Enable autonomous LLM agents to dynamically outsource tasks to specialized agents https://coaleasceagents.ai/
Vice President and Head of AI Security for SAP Supply Chain Management (SCM) organization reporting to the Business Information Security Officer (BISO). Responsibilities: - AI/ML Product Security Strategy & Innovation - AI/ML Security Design, Architecture & Engineering Strategy - AI Governance, partnering with Ethics, Legal, Data Protection & Privacy, and Compliance Teams. - AI Security Industry Thought Leadership and Collaborations (OWASP, NIST, SANS, etc.) - Applied AI/ML Research & Innovation for Cybersecurity (Experiments, Inventions, and Patents) - Provide AI/ML Training & Mentoring Opportunities to Product Security Architects, Engineers, and Developers.
Head of AI Security for SAP Intelligent Spend and Business Network (ISBN) Product Security Organization reporting to the Chief Product Security Officer. Responsibilities: - Chief Expert Product Security Architect - AI/ML Product Security Strategy & Innovation - AI/ML Security Design, Architecture & Engineering Strategy - AI Governance, partnering with Ethics, Legal, Data Protection & Privacy, and Compliance Teams. - AI Security Industry Thought Leadership and Collaborations (OWASP, NIST, SANS, etc.) - Applied AI/ML Research & Innovation for Cybersecurity (Experiments, Inventions, and Patents) - Provide AI/ML Training & Mentoring Opportunities to Product Security Architects, Engineers, and Developers.
Chief Security Architect for SAP Intelligent Spend and Business Network (ISBN) focusing on Artificial Intelligence and Machine Learning (AI/ML) Security. Responsibilities: - SaaS Product Security Architecture Strategy - AI/ML Product Security Strategy & Innovation - AI Governance, partnering with Ethics, Legal, Data Protection & Privacy, and Compliance Teams. - Security Research & Innovation (Experiments, Inventions, and Patents) - Provide AI/ML Training & Mentoring Opportunities to Product Security Architects, Engineers, and Developers.
Founding Co-lead for the Agentic Security Initiative (ASI) of the OWASP Gen AI Security Project. The Initiative explores the emerging security implications of agentic systems. In addition to the security risks posed by Classical AI (Pre-Generative AI) and Generative AI systems, such as those identified in the OWASP Top 10 for Large Language Model Applications, Agentic AI systems present unique security risks due to their Planning, Reflection, Refinement, Long-Term Memory Access, and Tool access capabilities. The group will focus on producing practical and actionable guidance to help developers and engineers secure Agentic AI implementation in the enterprise.
Senior Security Architect and Team Lead for the US Product Security Architecture Group responsible for defining security requirements, executing secure design reviews, and threat modeling of products under the Network Security (NGFW), Secure Access Service Edge (SASE), Cloud-Delivered Security Services (CDSS), Cloud Management Platform (CMP), Attack Surface Management (ASM), and Cyber Threat Intelligence product portfolio. Responsibilities: - Threat Modeling Service Co-Lead for Palo Alto Networks products and services. - Trusted Machine Learning (ML) Research Initiative Lead for secure design, development, deployment, and governance of ML Models. - Partner with cross-functional teams to deliver widely impactful security initiatives. - Mentor and guide fellow security architects on effectively facilitating, communicating, and executing impactful security initiatives.
Director of Application & Product Security responsible for SaaS Application Security Strategy, Design, Architecture, Innovation, and People Development. - Product Security Standards - Data Protection & Privacy Compliance Evaluation - Security in the SDLC (Tools, Techniques, Processes) - Threat Modeling & Penetration Testing - Security Training for Developers - Innovation (R&D, PoCs, MVP, Patents)
Lead Application Security Architect responsible for modernizing application security, adoption of Secure Software Development Lifecycle (SDLC), and managing application security engineers.
Principal Security Architect embedded in software design, development, and engineering for SAP Customer Experience (CX) - Sales Cloud and Sales Performance Management (SPM) SaaS Products. Responsibilities: - Product Security Strategy, Design & Architecture - Product Security Testing/Penetration Tests (Bug Bounty Programs, etc.) - Product Security Incident Response (PSIRT) - Product Data Security & Privacy Engineering (PII, GDPR) - Security Research and Innovation
I was Five9's first hire Security Engineer who progressed through the ranks. I reported to the CISO and later on to the VP of Cloud Ops leading the Global SaaS Platform Vulnerability Management Program, Product and Application Security, Cloud Legal & Compliance (PCI-DSS, HIPAA, FTC, CPNI, CALEA), and Cloud Security Research & Innovation (Cloud Security Alliance (CSA) Research Participation)