Leading the PSIRT function for Meraki products and services.

The IoT Security Initiative is an open-knowledge security project to advance the state and availability of forward-thinking security guidance for the OEMs, Service Providers, and Network Operators which are creating and operating IoT and M2M solutions - from devices out in the field, to the backend cloud and network services they are connected to.

Oversaw the product security management and S-SDLC support for the Building Automation & Controls, Industrial Cooling, and Hitachi subsidiary product segments, which supported multibillion-dollar revenue.Managed a global team of product Security Architects who supported product and engineering teams with security architecture and advisory support throughout all secure software and system development lifecycle phases. Grew product security management from 8 to 15 loosely, ad-hoc managed products and components with one legacy-supporting Security Architect to over 80 tracked products and components and 4 new global Security Architects in year 1.Provided support and managed input into the Supplier Security Review and Product Security Incident Response programs and processes related to the product scope.

Worked to ensure the company's mobile, M2M, and IoT products and services shipped with adequate and effective security in place. Helped establish security strategy and roadmaps around AT&T's Internet of Things initiatives. Responsible for the development and operation of a product security validation program for AT&T IoT and next-gen. Created the IoT device security validation and testing approach and program for AT&T's FirstNet business.Oversaw end-to-end vulnerability testing as a team lead; supporting all component layers; device to cloud. Responsible for establishing and developing embedded device security testing capabilities; tooling and training procurement; managing third-party professional service firm penetration testing projects - from scoping to the final report. Identified training needs, tools, and resources in support of advancing skills and capabilities of vulnerability/penetration testing team members.Worked with product teams to address security and privacy needs in mobile, M2M, and IoT offerings end-to-end; helped guide and develop security requirements for future solutions. Would ideate new security solutions in support of IoT products and services. Support product teams with establishing security tools and activities as part of the SDLC, and advise with remediation activities. Provided advisory support to senior leadership in the CSO, Legal, and IoT-Solutions orgs on technology threat, vulnerability, and risk to AT&T mobility and end-to-end IoT products and operations; conducted analysis on likelihood and impact; advised and recommend on the course of action, as well as mitigation and remediation of security vulnerabilities.Provided cybersecurity support to industry trade group IoT and Mobility security sub-team initiatives as an AT&T representative: CTIA, CTA, ioXt, GSMA, Auto-ISAC, NIST; and provide support to AT&T Legal, Regulatory Policy teams for mobile and IoT security in relation to industry efforts.