(NYSE: BILL)

ForgeRock (NYSE: FORG) delivers modern and comprehensive identity and access management solutions for consumers, employees and things to simply and safely access the connected world. Joined the company pre-IPO.Member: Audit Committee.Acquired by Thoma Bravo (August 2023)

Acquired by Cisco (August 2023)

Acquired by Akamai (April 2023)

Acquired by Harness (January 2023)

Acquired by Delinea (January 2024)

Over the past decade SecureWorld has emerged as one of North America's most vital cybersecurity conference, providing globally relevant education, training and networking for cybersecurity professionals on a regional level. SecureWorld provides more content and facilitates more professional connections than any other event in the cybersecurity industry. Established in 2002, SecureWorld offers many different continuing professional education sessions over two days in 14 cities throughout the United States. The Bay Area Advisory Board is a critical compenent of the SecureWorld Conference.https://www.secureworldexpo.com/bay-area/advisory-board

As Senior Director of Security Operations & Strategy at Palo Alto Network, responsible for creation, coordination and execution of the security strategy at Palo Alto Networks. Creating the vision and leading a best-in-class Security Operations Center both in form and function. Responsible for all security education and awareness initiatives.Responsibilities for Security Operations function:- Creating an incident response, incident management, and threat intelligence function- Create the concept of attack and defend by forming a Red Team-Blue Team function- Design & manage an innovative and world class physical security operations center- Lead a penetration testing team- Drive improvements in Palo Alto Networks products by providing feedback from being a first model customer back into products- Partner with industry experts for breach responseResponsibilities for Strategy & Business Operations function:- Manage a information security budget- Run business operations for the security organization- Create project and program management function, ensuring delivery to budget and timelines- Recruit talent from senior leadership to deep technical experts- Chief of Staff and advisor to CISO-- Risk Management engagement to identify key risks in company and prioritize the risks to drive a Governance, Risk, Compliance strategyResponsibilities for Security Education & Awareness function:- Develop the security awareness strategy and roadmap including a full security education program and frequent communications- Run phishing awareness program by training employees through phishing simulations- Create a roadmap of key security education topics that align with key risks to the company- Security policy awareness and communications- Partner with HR to develop employee skillsets in security and uplift new hire orientation content in security

Leads enterprise-level initiatives specific to application security efforts and an advanced security strategy, understanding and deploying cloud security. Integrates security into mobile applications, designs threat modeling into all application development processes. Creates & implements an effective, sustainable, enterprise-wide SDLC process while staying on top of current & emerging cyber threats, and effective vulnerability management.• Leads the Product Security Team and Security Education Initiatives serving millions of customers worldwide.• Leads technical team of 15 both nationally and internationally, while leading across packaged, cloud and mobile secure software development.• Manages department budget of $5 Million.• Strategic lead on all Mergers and Acquisitions relating to security.• Security strategy includes: cloud based products, mobile applications, and designing security threat modeling.• Stays apprised of current and emerging cyber threats, and effective vulnerability management. • Sets overall security strategy, including; architecture and design consultations, threat modeling, training, presentations, holistic platform architecture and design. • Drives security initiatives, leverage experience and expertise to advise on risk exposure and mitigations. Lead incident handling, advise on and ensure proper risk and business need trade-offs. • Collaborate with legal on a number of initiatives, acquisition due diligence and drive and deliver large-scale strategic security priorities through experience and influence.

Information Security Officer for Intuit Health Group and Demandforce. Created and executed Business Unit (BU) specific security strategies aligned with BU requirements/priorities, security program and regulatory requirements. Contributed directly to developing and delivering security solutions for the BUs. Recognized as strategic, trusted partner that intelligently manages risk to delight customers, enable the business, provide innovative security solutions, and protect the Intuit brand. Viewed as the security expert across the organization and with external stakeholders. • Developed a strategic security roadmap for multiple BUs. • Lead information security risk assessments and management. • Coordinated the development and delivery of education and training programs on infosec and privacy matters.• Actively monitored new and emerging security and privacy related technologies, trends, issues and solutions and assessing their applicability to Intuit key business initiatives and business strategies. • Identification and implementation of initiatives based on roadmaps. • Strong cross-organizational, matrix management, and program management skills• Provide advice and consulting to executive management and BUs in the development, implementation, and administration of information security and privacy policies and procedures, the infosec infrastructure and on security and privacy related issues. • Managing risk to an acceptable level through shared vision with business leaders.• Lead information security risks assessments.

Responsible for the coordination of global security strategy, enabling more effective communication and understanding of security issues across eBay's global business units. Established security strategies for eBay’s 30+ adjacent businesses and conducting global businesses (China, India, Australia, Korea, Germany, England, ect.)• Defined and drove a security culture within and across eBay that enabled the agility and innovation critical for success. • Responsible for managing the GIS Communications & Training team, including the security awareness program, and all security trainings (annual awareness training, secure coding training). • Managed the PMO for the Global Information Security Team (responsible for eBay plus 30+ adjacent businesses around the globe). • Managed budget and resource allocation to ensure appropriate funding of the Global Information Security priorities and successful completion of the business plan. Oversaw the completion of 20 large projects across major business units (product development, information security, Information Technology, Finance, Marketing, etc.).

Responsible for security communications, awareness, training, and strategy for the eBay Marketplace, Corporate IT environments and approximately 30 adjacent businesses. • Collaborated with teams within and outside the Global Information Security team to provide effective communications and trainings. • Provided education to teams and help develop sustainable training programs. • Redesigned the Global Information Security website with collaboration from the Global Information Security team and help maintain the site. • Became an expert at using SharePoint for Communications and Training needs as well as for the Global Information Security team. • Drove customer facing education and communications and training efforts. Create and carry out customer service center information security training strategy.

Member of Global Information Security Policy, Awareness & Compliance team with responsibility for policy development, adoption, and compliance tracking for the eBay Marketplaces, corporate IT environments and approximately 30 adjacent businesses. Assessed current compliance and worked collaboratively with teams to influence policy compliance and adoption company-wide. • Worked with IT and business support teams to influence policy compliance and adoption across global organization. • Worked as a member of team to develop new policies and standards as appropriate and drive awareness across the organization. • Handled internal requests to review new technology projects for adherence to security policies and standards.• Provided consulting and education to mitigate risks and develop compliance strategies. • Designed and lead implementation of security tools to improve monitoring and compliance functions.• Assessed, remediation with compliance in the infrastructure and application environments (Unix/Windows OS, Firewalls, Routers/Switches, Databases, and security technologies such as IDS, IPS). • Drove implementation of security/ compliance tools (e.g. Vontu, Skybox, NetIQ, TripWire, and Archer). Created presentations and communications regarding difficult technical issues to non-technical audiences.• Delivered projects at a global level (South Korea, China, India, Germany, Netherlands, Canada, England, etc.).

Created, implement and document security policies, Acted as primary point of interface with Wal-Mart corporate IT security. Monitored current incidents and threats, ensuring that the enterprise remained protected. Evaluated new technologies and presented findings/recommendations to management. Drove vulnerability assessments, evaluated business and technical requirements, and communicated security risks to non-technical business owners.• Provided 24/7 on-call security operational support for the production Web environment, Patch Management, Password/Key Management, Certificate Management and resolved business/customer support issues. • Vital role in the areas of design, operation, implementation and maintenance of Wal-Mart’s Web properties, Security design and revised security plan to meet current business needs & compliance regulations. • Selected, prototyping and implementation of applications and technical solutions to business problems. • IT Audit & Compliance – PCI.

Performed activities associated with the security controls and monitoring of firewall configurations within the utility. Maintained documentation to support results of monitoring and follow-up activities for unauthorized modems. • Established controls/ policies and evaluated activities associated with network security. • Developed/Testing of various SOX controls. IT Audit & Compliance. • Technical writing of procedures and standards and other controls. IDS, Symantec ESM, Team lead for IA-CMM compliance. – Network Security, Security Management, Operations Security, Communications.

Duties include web designing, data analysis, generating queries and reports, import data into spreadsheets, Internet connectivity, and networking. Tested programs for security related bugs and input verification, related to failure analysis and prevention, life prediction and engineering analysis of structures and mechanical components. Created Java/C++/Visual Basic programs to test application components. Wrote test plans and test cases, regression testing. – Application and System Development, Network Security