• Leading end-to-end security for Intel’s Tiber AI Cloud, a cloud platform providing customers access to the latest hardware, software and AI accelerators. https://cloud.intel.com• Defining a strategic plan for security and our team, mapping it to various frameworks and working towards SOC 2 compliance.• Leading over arching security architecture, working at all levels of the stack from data centers, SDN and networking, hardware bring up, hypervisors, storage and large scale Kubernetes deployments.

• Leading company-wide threat modeling and security architecture review program for all high-risk, software projects (embedded systems to cloud). Increased review clarity and developed a training program, resulting in a 5x increase in findings with a potential cost avoidance of $30M+ annually.• Spearheaded a year-long, cloud security transformation involving a virtual team across twelve organizations. Identified and prioritized 24 critical security gaps. Developed a comprehensive, two-year roadmap, gaining CISO and Sr VP of Product Security buy-in for the initiative.• Developed a company-wide, cloud security architecture guide focusing on AWS and Azure. Reduced architectural findings by 75% and accelerated time-to-market by providing clear guidance on security best practices, training, monitoring, DevOps, and resource optimization.• Created a hands-on, threat modeling training program with twelve instructors in seven geographic areas scaling security awareness across the company.• Collaborated with cloud-focused M&A teams to identify and address security integration challenges, leading to a new, M&A security governance approach, accelerating the integration process.• Contributed software and service expertise for: Corporate security exception approvals, M&A team, Security Training program, SDL Technical Review group, Security Tools group, Cloud Security Initiative working group, REST API Testing working group and Hardware Security Architecture Review forum.• Co-founded an enterprise-wide software penetration testing team. Provided initial technical leadership and mentorship to build a high-performing team that has grown to 40+ professionals.

• Joint led product development security for Intel's largest software business unit, at its peak overseeing security for over 7,000 engineers and 400 projects.• Transformed product security compliance by establishing an audit and metrics program, increasing security compliance from ~60% to nearly 100%.• Led and grew a high-performing security team of over 50+ Security Champions and Product Security Experts, expanding security expertise across the organization. Developed and executed a comprehensive training program to enhance team numbers and ensure consistent compliance and resource accessibility.• Served as primary escalation point for all PSIRTs, driving incident response, triage, and prioritization. Collaborated with teams to expedite issue resolution and improve incident response efficiency.• Led business unit’s efforts for three, high-impacting security events, coordinating teams, central security and PSIRT to mitigate risks and ensure business continuity.

• Technical leader on central team responsible for company’s Secure Development Lifecycle policies, design and requirements.• Championed a corporate initiative to define and provide guidance for SDL for Agile, DevOps/CD, and Cloud deployments.• Defined a secure development framework and InfoSec engagement process for fast-moving teams building cloud services. This process allowed five security architects to scale and review over eighty cloud products a year.• Provided security advice and consulting to numerous teams (Cloud, Endpoint, IoT, Network).• Wrote guides and documents for: IBM AppScan, REST API testing with Burp Suite, SDL in Agile Development, and co-authored XSS mitigation and architectural recommendations. The AppScan guide increased usage effectiveness 4.5x across the company, increased scan quality and findings before deployment, and resulted in multi-million dollar savings.• Pen tested and audited multiple products, correlating findings with weaknesses in secure development lifecycle implementation. Assisted teams in understanding implications and how to address issues.

Security Architect for AnyConnect and Identity Service Engine• Integrated SDL processes with Agile development cycle, conducted security investigations, architectural and design reviews, threat modeling, requirements analysis, security training, vulnerability testing, and incident response.• Developed security and architectural design for MDM, AWS services, guest access portals, device on-boarding, PKI, and other features.• Performed in depth analysis and hardened VPN communication protocols for both AnyConnect and ASA firewall.• Analyzed Software Defined Networking (SDN) architecture and security model, presented and patented architectural solutions that allow security fixes to be deployed in hours as opposed to months.• Designed and patented a zero-sign-on solution that seamlessly and securely integrates network identity into the single sign-on flow.• Co-inventor of the nvzFlow protocol.• Organizer, presenter, trainer, and served as master of ceremonies for the annual Cisco internal security conference (SecCon).• Investigated multiple side-channel and crypto attacks in OpenSSL, developed mitigations, and wrote internal white papers and presentations on the findings.

• Led multiple DoD research programs from proposal to successful customer demonstrations.• Discovered a class of vulnerabilities in software reconfigurable communication devices. Demonstrated security concerns and solutions to AFRL and NSA representatives, which led to the multi-billion dollar JTRS program being put on hold.• Developed a cryptographic emulator and rebuilt an embedded IP stack's implementation of IPSec.• Conducted multiple threat assessments leading to security requirements and architectural design choices.

Responsible for the company's point-of-sale identification service solution's software and database architecture and development.

Device drivers, embedded development, bourne shell scripting, mapping software