I'm thrilled to lead our incredible team at PhishCloud, delivering real-time intelligence directly to users, streamlining phishing management, and reducing response times for IT and security teams worldwide. Along with our incident response and assessment services, we're committed to empowering organizations with the tools they need to stay ahead of evolving threats.

Lead efforts in IoT and industrial data security partnerships at Splunk. Responsible for consulting on all IoT security engagements with customers and partners. Drive technical partnerships in the IoT space. Consult on data analytics and machine learning projects. Conceptualize and develop new apps with partners.

Lead on efforts related to IoT and industrial data security at Splunk. Responsible for consulting on all IoT security engagements with customers and partners. Drive technical partnerships in the IoT space. Consult on data analytics and machine learning projects. Conceptualize and develop new apps for Splunk with a wide range of security use cases including hunting, data analytics and IoT.

Led product management decisions and design decisions for vulnerability management and industrial control systems products. Successfully led product teams in adding multiple new features and improvements including the addition of over 500 ICS signatures. Worked closely with clients in order to understand vulnerability management requirements and translate into product requests. Produced and published product updates and blog posts. Support pre and post sales teams in customer interaction.

Co-Founder of SpearPoint Security acquired by Cylance. Led technical delivery efforts for all projects in the western half of the United States. Manage direct reports for prevent and response services. Developed and delivered cutting edge ICS Security training courses for clients and conferences. Established the embedded and medical device security assessment practice at Cylance, bringing in over a million dollars in revenue in less than a year. Managed partnership relationships and contract negotiations for several high profile partnerships.

Perform red team security testing and consulting from an attackers perspective.

Co-Founded and led SpearPoint Security to a successful, high profile exit (covered by Reuters and several other media outlets). Led the technical design efforts for software used to identify vulnerable Industrial Control Systems (ICS) and embedded devices on enterprise networks. Led day to day efforts in marketing, client relationships, technical product design, sales, operations, and strategy.

Black Lodge Research is a non-profit organization focused on promoting and encourage technical, scientific, and artistic skills through individual projects, social collaboration, and education. We have a shop area that is open for working on projects and a class room for training and presentations.My role is to help run the space and provide leadership to the organizations management team.

Responsible for designing and implementing an enterprise vulnerability management program; Perform penetration testing to identify technical vulnerabilities in systems, applications, and networks using commercial and open source tools; Perform automated and manual web application assessments on applications written with JavaScript, JAVA, PHP, .NET, and other platforms; Perform technical risk assessments and evaluate enterprise applications, technical controls, and business processes for compliance with Corporate Policies & Standards, PCI, and CPNI; Manage quarterly PCI scanning activities including scan notifications, configurations, and reporting using Qualys and other scanning tools; Research and provide guidance on vulnerabilities identified within the corporate network to all levels of technical staff and management; Participate in incident response and security event management activities; Evaluate and test vendor solutions for security products.

Perform technical risk assessments and evaluate enterprise applications, technical controls, and business processes for compliance to Corporate Policies & Standards. Perform penetration testing to identify technical vulnerabilities in systems, applications, and networks; Recommend appropriate mitigation plans based on findings during risk assessments and penetration tests; Communicate vulnerabilities, mitigation plans, and overall risk posture of applications and environments to senior management; Perform security reviews of functional specifications, design specifications, and requirements catalogs when engaged by the System Development Lifecycle process; Evaluate technical compliance associated with regulatory requirements, including the Gramm-Leach Bliley Act (GLBA), PCI, and Sarbanes-Oxley Act (SOX); Lead efforts for security training for fellow staff members; Research new tools and techniques for penetration testing and share them with team members; Participate in developing new policies and standards within the organization to improve security posture.

Implement and update security related features for UNIX and Windows servers and workstations. Manage a tier III security support system queue for verifying proper authorization in a role based environment. Audit existing and evaluate requests for new firewall rules in a large corporate environment. Create proper documentation and procedures for security related systems to comply with PCI requirements. Participate in PCI process approval teams for security solutions products. Research and evaluate solutions for security compliance tools and make recommendations for security solutions. Evaluate and create operating system hardening procedures for UNIX and Windows systems. Write shell scripts for improving user management and security processes for UNIX servers. Participate in other security related roles as required.

Responsible for ensuring minimal downtime of a multi system environment in support of US Air Defense; Setup and manage encrypted communications circuits in support of Homeland Defense programs; Manage encrypted telephones, and secure internal communications devices; Perform network audits for existing infrastructure, and assist in designing future upgrades; Designed and implemented Microsoft Access databases for configuration management, network auditing, and network management; Setup, maintain, and monitor SNMP (SNMPc, CiscoWorks, and HP OpenView) systems for security related, and other critical events