I am a Cyber Operations-focused, Service and Culture Strategist with technical chops.
I lead, unite, and redeploy exceptional Security Operations teams and programs.
My transformative spin on SAFe Agile, GTD, and rugged DevSecOps - called The Framework - has been utilized to right-size, rework, and refresh global cybersecurity deployments since 2015.
I am well-versed in threat and compliance frameworks as well as effective hiring.
I can gamify, integrate, and automate cyber services for on-prem, remote, and vendor teams.
I have extensive expertise in GRC, AppSec, CloudSec, ITSM, and risk frameworks.
A summary of my professional experience:
- I have 13 years of Security Operations Center creation and leadership experience, including 8 years as a Service lead and culture-transformation agent for Enterprise SOC and Cyber Detection & Incident Response teams.
- I have overseen multiple successful cloud transitions - including Google Cloud and Microsoft Azure - And, Iβve served as lead for ZeroTrust, Insider Threat, Vulnerability/Remediation rollouts, and engineering-focused SOC teams in some of the worldβs largest SIEM, SOAR, and Fusion SOC environments.
- My approach grows managers and leaders. Iβve provided 16 years of cyber-focused Project management, Agile team-building, and Relationship Management experience for high-profile clients, federal entities, and in Fortune 500 environments.
- My clients and bosses have relied on me for 9 years of leadership, whether forming or rehabilitating powerhouse teams throughout SecOps domains including:
Threat Intel & Detection,
Triage & Escalation,
Digital Forensics & Incident Response,
Log Analysis & Normalization,
Platform Engineering,
Application & Network Security,
Insider Threat, Insider Services,
GRC, Cyber Audit Response, and Cyber Analytics teams, as well.
Iβve helped to establish multiple global Fusion Centers.
My teams excel in both action and ownership.
- In a previous life, I spent 8 years as an IT consultant for SMB, Enterprise, FinTech, and beltway clientele. I learned how to build team resiliency and powerhouse roadmaps in chaotic, high-growth environments. I formed a vSOC for several of them in 2015.
- Iβve put together coursework on threat frameworks like Mitre Att&Ck and CKC, as well as STRIDE. I have taken lead on gap and audit assessments for PCI DSS, NIST 800-53, ISO 27001, and many others.
Iβm comfortable in the briefing room, or serving as incident commander. I know how to clear the weeds. I most enjoy building confident pilots and running the airline.
I am adept at bringing out the best in team members of all experience levels.
CAREER IN A NUTSHELL:
50% Advisory Roles
50% FTE Roles
100% Unified Teams
Roles Over Time
2014 β Present
Cyber Security Team Building, Program Overhauls,
Breach Remediation Consulting, ZeroTrust Rollouts
2014 β 2021
Manager of 24x7 SOC, SIEM, Threat Detection & SOAR teams for global FinTech
2010 β 2014
CyberThreat Intelligence Program Director
2005 β 2009
Small Business Project Manager / Division Lead
2000 β 2008
Multi-Site SysAdmin