Provide strategic technical and corporate development advice regarding Quantum Knight's CLEAR cryptosystem to government and national critical infrastructure customers. CLEAR (Computational Layer for Encrypted Access Restriction) delivers unparalleled enterprise data security and authenticity to address growing Cyber, Quantum, and AI-related threats.

Shifting data talkers to data walkers...

Trava exists to protect small and midsize businesses from the potential damage of cyber threats. By integrating assessment, mitigation, and insurance into one, convenient cyber risk management platform, Trava enables business owners and IT professionals to operate secure, productive businesses without fear of interruption or loss caused by cyber incidents. Whether you run a business or provide support services to small and mid-market clients, Trava can help you manage cyber risk in a new—and better—way.

I am responsible for establishing and managing the overall global security GRC organization, at Salesforce in order to assure that a common well understood security policy is universally followed by the whole company; that an effective process for cataloging risk; managing and approving risks is implemented; and that a comprehensive highly automated program for ensuring that all of our systems and processes are compliant with our security controls is in place. Our team is the single source of accountability for the state of security at Salesforce.More specific accomplishments by GRC pillar include:Governance:- More than 70 specific security standards published with associated platform specific control implementation guidelines - Implementing MetricStream M7 Integrated GRC PlatformRisk Management:- Tier 1, Tier 2, and Tier 3 risk assessments and risk registers managed to tolerance or mitigation- Annual NIST CSF Maturity Assessments mapped to planning and investment strategy- Security Accountability Performance Matrix for Senior execsCompliance:- ~31 different security certifications audited multiple times per year (SOC2, ISO 2700x, HIPAA, PCI, HITRUST, FedRAMP, DOD IL4, CS Gold, C5, IRAP, ASIP Sante, NEN 7510, UK Cyber Essentials)- Compliance Mergers & Acquisitions function quickly assesses acquisition readiness to meet Salesforce standards for security certifications- Common control framework to maximize efficiency of control management & evidence gathering while minimizing burden on engineersGRC Integration & Enablement:- GRC Issues and Exceptions Management - Recognized as the single source of truth for all security related issues & exceptions within Salesforce, while driving accountability for resolution- Exceptions are documented with action plans and risk assessments approved and accepted by the appropriate level of management - Continuous security monitoring automates evidence gathering and anomaly detection of security controls

Responsible for trust and security for entire Marketing Cloud product life cycle from strategic planning, through product development, to product delivery and compliance assurance across 5 product lines/platforms. (>$1B revenue/>$6B investment) - Global Security Operations (FW, IDS/IPS, WAF, SIEM) - Detection & Response - Program Management - Compliance (SOC2, ISO, SOX, HiTrust) - Product Security - Risk Management - Security Engineering - Customer Facing Security Support (RFP, Pre-Sales, Post-Sales) - Security Assurance

Responsible for: - Product strategy, development, management, and delivery - Professional services organization - Internet of Things (IOT) Strategy, Framework, and Architecture - Trust, Compliance, and Security

Responsible for all aspects of security and reliability of over 22,000 global servers for a ~$1B business as well as: - Network Engineering- End User Computing- Deliverability- Privacy & Compliance

- Served as Task Force Officer on National Security and Criminal Cyber Squads - Filled role as lead Cyber Investigator on numerous financially-related and criminal cyber intrusion cases - Reverse engineered malware to identify sources and attack methodology

- Achieved ISO27001:2005 and 2013 certifications for SaaS Cloud environment - Developed and implemented NIST 800-37 based Risk Management Program - Developed and implemented business continuity & disaster recovery program

Developed the following programs: - Network Engineering - Information Security - CyberForensics - Purdue Malware Lab - Malware Reverse Engineering