Rocklin, California, United States
A seasoned leader with over 28 years in IT security and infrastructure, my career has been dedicated to safeguarding information for millions and managing assets worth billions. My expertise spans cybersecurity, digital identity verification, and risk management, developed through roles as CISO at the CA Employment Development Department and within the CA Department of Justice. Currently, I am delving into the intersection of Artificial Intelligence, including RAG, chatbots, LLMs, and other emerging technologies, with a focus on enhancing privacy and data protection. This new venture aligns with my passion for leveraging cutting-edge technology to secure sensitive information, prevent fraud, and boost operational efficiencies. My aim is to pioneer AI solutions that uphold the highest standards of privacy, integrating my extensive background in cybersecurity with innovative AI applications to offer strategic consulting services.
As the CISO for the CA EDD, I led transformative cybersecurity initiatives, significantly enhancing the department's resilience against cyber threats and ensuring the secure handling of sensitive data for millions of Californians. My tenure was marked by the successful overhaul of legacy systems, the introduction of cutting-edge technology solutions, and the establishment of robust cybersecurity frameworks that have set new benchmarks for public sector cybersecurity excellence. Key Achievements: Identity Proofing Transformation: Revolutionized EDD's identity proofing process, integrating advanced technologies to combat cyber and identity fraud. This initiative protected millions of claimants and saved the department billions in potential fraud losses. Cybersecurity Reorganization: Spearheaded a comprehensive reorganization of EDD's cybersecurity operations, including a $20 million Budget Change Proposal that added 29 staff positions and significantly upgraded our security tools and capabilities. Data Privacy and Revenue Generation: Directed the Privacy Office, managing hundreds of data sharing agreements with various entities. These efforts not only ensured data privacy compliance but also generated millions annually for EDD. Leadership and Management: Oversaw diverse teams, guiding activities across policy development, risk management, audit compliance, privacy, and more. My leadership ensured that our cybersecurity practices met and exceeded industry standards. Compliance and Policy Development: Established IT policies and standards audited and deemed compliant with NIST 800-53, CA SAM 5300, IRS Publication 1075, Cal-Secure, among others, showcasing our commitment to adhering to stringent security controls. Backup Agency Information Security Officer: Acted as the AISO for the California Labor and Workforce Development Agency, ensuring security compliance across seven departments, reflecting my ability to manage wide-ranging cybersecurity mandates.
As the Information Security Officer at the DOJ, I've led key initiatives improving public safety, data integrity, and privacy. My expertise spans legislative projects, public safety protocols, and criminal justice information security, emphasizing strategic leadership and technological innovation. Key Projects: AB 953 Implementation: Spearheaded the AB 953 project, introducing a comprehensive data management system with federated identity verification, setting new standards for data privacy in public sectors. Megan's Law: Directed the Megan's Law public information system rollout, balancing public safety with privacy rights, and establishing best practices for sensitive information management. CURES Project: Managed the CURES system's security, collaborating with healthcare entities to ensure secure data access, crucial for protecting health data against cyber threats and ensuring compliance with privacy laws. Criminal Justice Information Security: Influenced criminal justice security policies as part of the CLETS Advisory Committee and the FBI CJIS working group, ensuring secure data exchange across California's law enforcement network. Achievements: Policy Development: Instrumental in updating CJIS Security Policies, reflecting law enforcement's evolving technological needs. Security Expertise: Led the adoption of encryption, access control, and advanced identity management solutions, establishing security benchmarks in the public sector. Stakeholder Engagement: Fostered strong relationships across law enforcement, healthcare, and technology sectors, ensuring the success of projects like AB 953, Megan's Law, and CURES. Innovative Leadership: Demonstrated in digital forensics and strategic security planning, navigating complex challenges to advance data security. My contributions have not only addressed current security and privacy challenges but also laid the groundwork for future-proof, technology-driven solutions in the public sector.
As the Manager of the Office of Digital Innovation within the pioneering California Cyber Crime Center (C4), I led a dynamic team of computer forensics specialists dedicated to advancing the state's capabilities in digital forensics and cyber security. My tenure was marked by significant achievements in the development and implementation of cutting-edge forensic methodologies, directly contributing to California's robust response to cybercrime and digital exploitation. Key Responsibilities and Achievements: Forensic Innovation: Spearheaded the creation of new forensic processes for analyzing cloud data, IoT devices, and gaming systems, keeping pace with the rapid evolution of technology and cybercrime tactics. Team Leadership: Managed a team of highly skilled computer forensics specialists, fostering an environment of continuous learning and innovation. Together, we pushed the boundaries of traditional digital forensics to address emerging technological challenges. Cross-Departmental Collaboration: Played a crucial role in integrating the efforts of the eCrime unit, Network Information Security Section (NISS), and the Digital Evidence Unit under the C4 umbrella. This collaboration enhanced our collective capacity to combat large-scale identity theft, hacking, and cyber exploitation. Training and Development: Contributed to the education of law enforcement personnel through foundational classes on forensic training, significantly enhancing statewide capabilities in digital evidence handling and analysis. Cyber Accelerator Initiative: Led the Cyber Accelerator program, culminating in the Cyber Response Vehicle (CRV) creation. This mobile lab advances on-site investigation and evidence analysis. Under my leadership, the Office of Digital Innovation has set new standards for digital forensic science, significantly impacting the state's approach to cybercrime investigation and prevention.
As the lead for CA DOJ’s network engineering, I directed the strategic overhaul of our network infrastructure, essential for supporting public safety efforts across Federal, State, and Local Law Enforcement. My era marked significant network advancements, transitioning to high-efficiency digital solutions. Key Contributions: Advanced Network Architecture: Developed a robust network with state-of-the-art firewalls and intrusion systems, boosting our cyber defense and securing vital law enforcement data. MPLS Infrastructure Overhaul: Replaced the outdated ATM network with modern MPLS infrastructure, enhancing communication for over 750 law enforcement agencies, attorney general offices, and Federal public safety entities. Multi-Tenant Data Center: Created a multi-tenant data center using self-managed MPLS, improving our data management capabilities, and offering scalable, secure services to public safety stakeholders. Modernization of Legacy Systems: Transitioned from Mainframe to virtual servers and cloud solutions, making our network more agile and cost-effective, and supporting innovative law enforcement applications. Cross-Agency Collaboration: Ensured our network met the varied needs of Federal, State, and Local agencies, maintaining high security and performance standards. Impact: My leadership has revolutionized CA DOJ's network, making it more resilient and adaptable for public safety. My innovative approach has significantly advanced law enforcement communications in California, laying the foundation for future public safety technology innovations.
Manage 12 Tech Controllers that engineered and managed all communications coming in and leaving the military site. This included SATCOM, encryption, WAN/LAN, Microwave, fiber optic, phone PBX, line of site laser, and other technologies.
Network Engineer and IT Security consultant. Providing Professional Services and Staff augmentation to end customers. Campus network/ WAN design and implementation using Cisco and Juniper products. Boarder security implementations with Firewalls and IDS.