Seasoned security practitioner with 13+ years of experience building foundational security programs within high-growth technology organizations. Proven track record of delivering innovative products and solutions that drive business success. Expertise in building and motivating high-performing security programs and teams.- Designed numerous bespoke security programs to meet the needs of a broad range of clients, including emerging technology and fintech organizations. - Devised and rapidly executed on security program strategies that provided immediate capacity in product security, incident response, and vulnerability disclosure. - Provided strategic advisory services including assessment of policy, process, and operations to yield improved organizational resilience for a broad range of clients. - Supported risk and compliance efforts across a variety of organizations in rapidly changing regulatory environments, and engaged in sales enablement activities that demonstrated robust security controls and practices.- Successfully launched several new service offerings to support organizations building security programs for the first time.- Delivered transformative security trainings focused on threat modeling, operational security, and education and awareness for at-risk organizations and teams.

I protect people from blockchains, and blockchains from people.

Security lead for a distributed, fault-tolerant, replicable state machine.... or in short, a blockchain.• Architected vulnerability coordination policy with a safe harbor for security researchers, and launched the first fully public bug bounty program in the blockchain industry.• Developed incident response program, and responded to an incident that coordinated the first-ever hard fork of a decentralized BFT network in less than 24 hours.• Created an ecosystem security maturity model for decentralized network operators, and launched the first-ever adversarial testnet program to measure security and operational maturity.• Implemented privacy-preserving corporate security controls that enabled partners to safely integrate with core development teams, code repositories, and infrastructure.• Owned security strategy and all security communications for Tendermint and CosmosSDK codebases, including security messaging for the launch of the Cosmos Network and its services.

Security program manager and security communications consultant for technology clients of all sizes.• Architected usability-focused policy, consumer product strategy, and security program strategy.• Created coordinated vulnerability disclosure policy, process and vulnerability rewards programs.• Identified security best practices and established controls to reduce security risks.• Changed negative perceptions of security teams by implementing relationship building engagement programs to foster trust among organizations and stakeholders.• Implemented awareness programs, developed curriculum and metrics, and delivered generaland role-based trainings for organizations of all sizes.• Prolific speaker and writer who delivered keynotes at major cybersecurity events on 4 continents.

Practice lead and subject matter expert at a high-stakes public affairs firm serving Fortune 500 clients. - Performed gap analysis on IT infrastructure, business operations and external web properties.
- Built security roadmap and translated complex security operations into actionable business objectives.
- Developed digital security education program strategy to drive adoption of cybersecurity habits and business processes for internal teams, external partners, and at-risk clients.
- Advised strategic communications, messaging and content for international cybersecurity summit designed to foster collaboration among private industry and government organizations.Speaking engagements included O’Reilly Security NYC, O’Reilly Security Amsterdam and RSA 2017.Named one of the Top 20 Women in Information Security by Cyberscoop.

Security advocate and product evangelist for a password manager for individuals, families, and teams.- Translated complex authentication, encryption and security concepts into simplified, jargon-free language and usable product UI/UX for enterprises and consumers using 1Password for Teams.
- Managed launch projects between security, product, marketing, development and documentation teams.
- Drove continuous improvement of security communications efforts through whitepapers, videos, website content, security trainings and delivering talks at speaking engagements.
- Developed security awareness presentations and practices for product adoption for external organizations-- Presented at industry, community and academic conferences including RSA Conference, Shmoocon, Passwords2015 Cambridge, Infosec Southwest 2016, PasswordsCon 2016, and TechSummit Amsterdam. -- Collaborated with CSO Online, OntheWire, Threatpost, the Daily Dot, Motherboard, Vice Broadly and Mashable as an expert on consumer security, consumer safety, and privacy issues.