Currently on a partial career break. Advising startups, including Astrix Security, Kumo.ai, WorldEx Lab, Pomerium, and Anzenna. I'm also exploring topics around cybersecurity ethics, artificial intelligence, impact of regulation and enforcement action on the practice of cybersecurity, and the ecosystems of cloud and open source security.

Leading the InfoSec, Security Engineering, and Reliability Engineering teams for Confluent's event-streaming platform and cloud products.Some highlights include:• Responsible for building the security program and controls to get Confluent ready for its June 2021 IPO, including leading internal and external response of a critical security incident just prior to the offering.• Engineering leader for the most impactful revenue and consumption-unlocking features in Confluent Cloud in 2022, including Role-Based Access Control, OAuth, and Audit Logs. The projects were challenging due to their horizontal nature and retrofit required for all existing Confluent Cloud features.• Owner of technical engineering diligence for Confluent's first post-IPO acquisition of Immerok in January 2023, jumpstarting Confluent's entry into the stream processing space with Apache Flink.• Built a comprehensive uplevel of Confluent Platform and Cloud security, including regular security patch releases for the on-prem product, and reducing attack surface, improving secrets management, change control, removal of standing access and introduction of just-in-time access, and supply chain security. • External face of security for Confluent's customers, providing assurance of Confluent's security practices as well as negotiating security terms in multiple-million USD contracts, including the first cloud ISV deal for a US government agency and several financial institutions.• Member of Confluent's executive team, with reports to the audit committee and board of directors.

At Google Nest, we are building the connected and helpful home, including smart displays, speakers, Chromecast, thermostats, wifi, and security & safety equipment. I'm responsible for security and privacy and committed to earning every user's trust in how we build our products and operate our services.

Attempting to thoughtfully embody the core principle of "Members First" at LinkedIn, I was responsible for leading our global teams responsible for member security (Trust & Safety) and information security (House Security). I was also part of the Information Risk Management Council and security leadership team of our parent company, Microsoft.I've built out our application, infrastructure, consulting, and operations security practices and evolved them to address a rapidly changing threat landscape and taking into account LinkedIn's incredible growth over that time period.Currently tackling exciting challenges around building trustworthy products where privacy and security is top of mind for our customers and members, while continuing to learn how to build great security teams.

Responsible for Matasano's security consulting practice in the Western and Midwestern regions. In 2012, the regional practice made up over 70% of Matasano's annual revenue.Sales highlights include achieving an average of 42% year-over-year growth for the region, tripling the number of high-value accounts with a 100% retention rate, and doubling the number of active accounts. Accomplished all of the above without any dedicated sales staff.Operations highlights include opening Matasano's Mountain View office, growing the consulting practice from three consultants in the region in 2009 to fifteen in 2013, and maintaining practice scheduling and customer resourcing.Execution highlights include discovery of hundreds of vulnerabilities in client applications and networks, including numerous show-stoppers. Authored Matasano's web application penetration testing and threat modeling methodologies, presented at Black Hat Briefings in 2012 on Ruby for Penetration Testers, reinvigorated internal knowledge sharing and training programs within Matasano, and acted as the primary application and network security advisor for a handful of clients engaged with Matasano.

Security researcher and internal consultant for ABN AMRO's Global Corporate Information Security Office.Specialization in penetration testing, application security, and electronic crime investigation and countermeasures.

Performed numerous consulting engagements for @stake/Symantec clients, including network and application penetration tests, product penetration tests, network design, application design and architecture assessments, operating system build reviews, operational policy and compliance assessments, and strategic security consulting.Development of new service offerings and the refinement of existing service offerings in Symantec's professional services portfolio.

See Symantec description above. Symantec acquired @stake in October 2004.

Managed a team of 18 system and network administrators, operators, and analysts, handling both administrative and technical management tasks.Responsible for evaluating and implementing security architecture for trading systems and networks, improving existing systems, and generating new business opportunities by deploying and architecting secure trading networks.

I performed technical consulting engagements for Securify'’s security practice. I also built Securify’'s internal security office for their managed service offering.

Responsible for the system design and architecture, security, and system administration for Peapod’s electronic commerce network, including consumer web servers, database servers, warehouse management systems, corporate IT systems, mail servers, and firewalls. Supervised two additional system administrators and architects.