Leading an innovative team on a mission to launch Risk Management into the AI era. Evolving Enterprise and Product Security teams with full code to cloud coverage. Our AI-Continuous Threat Exposure Management solution ingests millions of threat signals across the deep and dark web - and leveraging our data fabric and AI Native stack we contextualizes real-time intelligence to your unique risk posture. #ShiftEverywhere that matters, with the premier CTEM (Continuous Threat Exposure Management) platform covering 200+ global threat actors and enriching your workflow with Exploit Intelligence, Vulnerability Intelligence, and Threat Intelligence.

Elected member of the Silicon Valley ISSA Board of Directors (www.sv-issa.org).The Information Systems Security Association (ISSA) is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.Our chapter is the premiere Bay Area organization, comprised of over 250 Silicon Valley Information Security Staff, Consultants, Managers, Executives, and other business professionals. Our members come from Small Businesses and Fortune 100 companies. Our demographics are diverse, yet we share the common thread that we understand the criticality of Information Security as an enabler of today's key business objectives and the improvements that will come tomorrow.

▪ Host high engagement webinars with a 38 million audience reach across top industry partners such as Axios, SC Media, DarkReading, and The Register.▪ Secure dozens of UK/US media placements with a potential reach of hundreds of thousands of readers expanding the brands presence. ▪ Acting thought leader for the organization during public-facing engagements with the press, preparing and delivering technical analyses of critical security events as they emerge.▪ Successfully curated and delivered engaging and informative content that educated and inspired a global audience about the latest advancements in cybersecurity technology, and emerging threats - resulting in increased customer engagement and 7 figure pipeline growth.

▪ Role reports directly to Chief Security Officer▪ Acting thought leader for the organization to public facing entities, news outlets, and inquiries▪ Manage Global team of Product Security Engineers and Penetration Testers to coordinate risk analysis and vulnerability management across multiple complex technical product offerings.▪ Single point of contact to oversee all PSIRT areas for Organization, owning the Official responses to inquiries from public and internal stakeholders.▪ Function as a Subject Matter Expert on behalf of the Organization on Public Facing engagements with Press.▪ Prepare and deliver technical analyses of Critical Product Security Incidents to Executive Leadership and create and update internal process/procedures to leverage analysis and enable increased internal efficiency. ▪ Lead gap assessment of policies, procedures, and standards to increase the robustness and defense-in-depth across all product lines to support business SSDLC goals.▪ Build cross functional team with CSIRT to enhance perimeter security through DHS Cyber Hygiene Initiative.▪ Co-Sponsor and executor of information system security control assessments and audits aligned to NIST CSF; identify and outline system shortcomings and risks and spearhead the development and implementation of appropriate security solutions. ▪ Develop PSIRT playbook to build in measurable quality that can be tracked via KPIs.▪ Manage Product Security KPIs, metrics, and trends, present quarterly to executive leadership.

• Build and develop a dedicated Product Engineering Security team and integrate the core of the internal Threat Intelligence Team, PSOC, and PSIRT team. • Manage expanding attack surface, including private cloud, public cloud, and cloud native attack surface. • Initiate DevSecOps by Integrating security into CI/CD pipeline and all phases of the build Lifecycle (pre-commit/commit/acceptance/production/peer code review). • Coordinate FDA aligned Post-Market Cyber Vigilance risk analysis and vulnerability management across multiple complex technical product lines; collaborate with members of the cybersecurity team to bolster and maintain security. • Leverage interpersonal and communication skills to work effectively and cross-collaboratively with upstream/downstream colleagues across the company’s internal Business and Engineering teams. Work together to build and deliver secure solutions to ensure patient safety. • Execute routine information system security control assessments and audits; identify and outline system shortcomings and risks and spearhead the development and implementation of appropriate security solutions. • Prepare and deliver technical analyses and create and update internal documentation, leverage analysis to enable an increase in internal efficiency while maintaining security. • Manage multiple competing projects and timelines simultaneously while ensuring consistent on-time, under-budget project completion and surpassing all pressing business requirements. • Design and implement policies and procedures to increase the robustness and defense-in-depth across all product lines.

• Provide comprehensive on-going leadership and support for 10+ incoming analysts on necessary tradecraft skillset.• Execute critical risk assessments to discover incidents based on knowledge of adversary tradecraft, techniques, procedures (TTP's), review violations of computer security procedures and develop mitigation plans.• Utilize Splunk to efficiently extract threat indicators from multiple devices to enrich correlation of observed logs, guide proactive hunting efforts, and conduct security audits to identify vulnerabilities.• Leverage threat intelligence gathered through OSINT or TIPs, analyzing threat data and enriching with context to enable mitigating actions, and develop and implement crucial security concepts.• Hunt L3/L4 egress session traffic to identify C2 activity by stacking network metadata such as IPs, port numbers, JA3, and session length/duration and correlating against TIP for enrichment while conducting regular reviews and skilled maintenance of security.• Perform risk analyses to identify appropriate security countermeasures by investigating signature and behavioral detections to support mission of NASA's Security Operation Center, enhancing findings with OSINT correlation to support analysis.• Analyze encrypted network traffic at a high level and using HX ETDR solution to provide corresponding low-level contextual information to support investigations and monitor Distributed Denial of Service attacks against E-Root DNS.• Monitor use of data files and regulated access to protect secure information and develop plans to safeguard computer files against modification, destruction or disclosure.

• Monitored NASA agency reports and Security Operations Center systems to detect and prevent malicious activity.• Established and integrated numerous security-related policies and guidelines to analyze security events and quickly identified relevant incidents and threats.• Performed relevant incident data analysis, correlated with multiple sources for mitigation, and produced high-quality reports to efficiently disseminate information.• Earned recognition for providing process and procedure improvements in incident handling and response support for the agency and overall enhancing efficiency.• Guided customers and directed resources through intelligence-based response process while addressing security and business continuity concerns in a professional manner.• Conducted forensic analysis utilizing FireEyeHX to investigate potentially compromised appliances.• Scrutinized overall environment and developed thorough and comprehensive incident reports. • Collaborated with various levels of division management personnel to discuss quality and analysis.

• Led team to receive NASA Ames Contractor Award for Excellence by obtaining a record breaking 97% satisfaction rating and received an Acknowledgment of Excellence by the Chief of our Division in support of our mission.• Supported the recruitment, selection, training, and development of 6 skilled junior Cyber Risk Analysts while monitoring for top productivity and efficiency as the Root Level Linux Administrator. • Developed and tested system programs to enable more fluid user experience within the context of Federal Constraints. • Conducted in-depth system problem analysis, including initial analysis of system or network problems, and escalation to reboots of high-performance supercomputers, dumps, and kernel debugging.• Recommended improvements in security systems and procedures to improve efficiency and effectiveness of team members by overseeing metrics while constantly pushing for goal-oriented growth and tracking.• Served as leader for several initiatives including leading a customer-oriented team of Engineers and System Admins to deliver around the clock support of Pleiades for approximately 1500 Scientists and Researchers world-wide.• Researched complex technical issues and provided resolutions while consistently meeting deadlines and requirements for all projects.