I drove workforce identity strategy, vision, and product investments through the lens of user experience and how PNC can be more competitive within the financial services industry. This is through representing workforce user reality, driving executive buy in, and developing metrics to more effectively measure workforce identity friction, feature uptake, and effectively prioritize product development. Develop Zero Trust roadmap and feature set and helping communicate the end user journeys.Layout vision for future of identity for organization and move to adaptive authentication paired with passwordless.Write technical deployment & configuration plan for enabling device compliance, passwordless authentication methods, and enabling zero trust.Educate and layout plan for skilling up engineering teams on Microsoft ecosystem.

I was responsible for the user experience and policy engine for Microsoft Entra - Azure AD Conditional Access, a pivotal zero trust policy engine with over 400M MAU. My approach to product management was utilizing customer reality paired with hard data wherever possible. I would regularly leverage direct customer channels such as Customer Success, CxE, and other product groups to get direct information on customer pain points and pull out practical solutions that could be incoporated into our roadmap.I led several product focused customer advisories, crafted overall strategy for product investments, and assisted with marketing and analyst efforts across teams, as well as outreach and research (Sales, Marketing, Cross Product). I threaded the needle of practitioner experience within our team to really highlight the pain points within the product to help prioritize the roadmap and strategic product investments.I led an effort, design workshop, and hackathon team to reimagine the Conditional Access UX, with the plan to do a complete UX overhaul to alleviate the friction of implementing policies for organizations through the use of standardization and experimentation with ChatGPT/LLM to make the product easier to understand and utilize.

As an analyst I researched and covered existing and emerging technology trends across the industry. My coverage included Zero Trust, Network Analysis & Visibility, Network Security Controls, and Ransomware. The vantage point that I focused my research was on organizations being able to effectively protect themselves utilizing the tools at their disposal while enabling them to be competitive within their market by helping them adopt modern security architectures like Zero Trust. Hearing customer pain points across different sectors helped inform my research plan to target areas where organizations needed the most guidance and help. Guided Fortune 500 clients on various pieces of their security programs including education and implementation of Zero Trust Architecture, implementing different security controls, consolidation of technology stacks, process improvement, and best practices around security tooling. Helped launch new research service that is focused on offering prescriptive advice including reference architectures and the creation of new toolkits.Launched the first end user organization toolkit to help combat against ransomware (nominated for one of the top research awards): https://www.forrester.com/blogs/introducing-the-ransomware-survival-guide/ Led research on practical steps towards moving to a zero trust framework: https://www.intelligentcio.com/eu/wp-content/uploads/sites/20/2021/11/A-Practical-Gui de-To-A-Zero-Trust-Implementation-WP.pdf Advised technology vendors on what security practitioners are looking for through reviewing their roadmaps, messaging, technology, and other assets.

I was responsible for establishing a core security architecture team and grew it to 5 people. My focus was how security could enable a better user experience and give Prudential a competitive edge while maintaining compliance and increasing the security posture. I created and implemented several technology collaboration teams to break down walls between business, Prudential IT, and the Global Information Security Office.Prior to having a team, I lead the standardization and implementation of a new endpoint/cloud/network security strategy and deployment methodology covering over 50,000 employees across the Americas, Europe, and Asia.Identified significant overlap in security policy application (Group Policy), overlap in security tool functionality causing significant endpoint performance issues as well as security gaps (10 minute boot time to 2 minutes and device control, detection, and lack of security policy gaps), and opportunities to modernize and enforce realtime compliance with security policy (migrated from group policy to Intune, implemented configuration drift remediation utilizing configuration manager, and device compliance utilizing a combination of Intune & Conditional Access).Consolidated security stack down from 3 vendors to 1 while increasing visibility, remediation, detection, orchestration, and automation capabilities driving increased security posture on over 100,000 Windows, macOS, iOS, and Android devices through thorough review/update of policy and utilizing native security capabilities where possible.Architected & engineered Microsoft 365 E5 Security POC, design, and deployment defining requirements, configurations, testing strategy, and settings that were to be used across Microsoft ecosystem (Entra ID, Intune, Defender for Endpoint, Defender AV, as well as plan to migrate from existing products minimizing security gaps working closely with engineering teams.

At Covanta I had the opportunity to both modernize their endpoint management strategy, help start their security program from the ground up, while creating an effective pathway to migrating strategic systems to the cloud. I was a point person for strategic projects to see how we could utilize net new technology capabilities to competitively win large contracts with different states and municipalities. Implemented improvements to security program as it relates to policy creation, stronger policy enforcement, and other security initiatives. Implemented more stringent security and scanning policies and implemented broader security measures across client computing, server, and mobile computing environments.Point person for identifying new and emerging technologies, building out requirements, conducting pilots, and making recommendations for purchase. Mitigated Windows XP risk through deployment of 3rd party product to lockdown, segment, and secure access to workstations and plant/facility control systems.Deployed/Architected McAfee ePO environment to replace Forefront and Symantec for endpoint protection rolling out anti-malware and newly adopted HIPS capabilities. Maintained SCCM 2007/2012 environments through application packaging and deployment, secondary DP deployment, task sequence modification/creation, modified and created Windows 7/8.1/10 wim's and built into OSD, utilized Powershell deployment toolkit for newer package creation.Planned/Deployed/Migrated users to Office 365 & Box from an on-premises Exchange 2010 environment and on-prem file shares, deploying Office Click-to-Run, and developing/conducting training/internal marketing.Implemented mobility roadmap and standardized support for Apple, Android, and Windows Phone. Architected and deployed MDM (Airwatch) solution to manage all mobile device configurations, security, and support for BYOD. Added support for Apple DEP/VPP to supervise all corporate owned iOS devices.