I assumed previous Sr. Director's responsibilities and expanded the scope of the team, we now have over 2000 internal customers including Engineering (Software and Hardware Development), Product, Marketing, Customer Support, Finance, Incubators, Acquisitions and Business leadership teams. We absorbed previous business continuity, Cyber Security Regulatory Compliance processes, The team now leads IT Security Engineering initiatives inside the division, and across all of Bayer, including securing Crypto Currency transactions, integrating Audit with IT, Risk Management and business continuity and large scale partner integrations including Microsoft (Ag Powered Services), Global Carbon initiatives (ForGround), and with acquisitions (Combyne). All of this work is cloud based, and we secured integrations across AWS, GCP and Azure, and across multiple DevOps tools including DataDog, New Relic, Github, GitLab, Heap.IO, etc. We also integrated Security Engineering into the Scale Agile Framework (SAFe) as part of the feature and epic workflows via automation and self-service.

As Sr Manager of Product Security Engineering for Bayer, in the Crop Science business unit for the Digital Farming Solutions (DFS) and Climate Corporation, my responsibilities involve directing the team responsible for the security of a $100M+ digital division, which works with farmers to collect data from farming and other activities, processing it and giving recommendations for farming processes. We drove DevSecOps in innovative ways across Engineering and other teams. This included our Science department which includes Data science doing massive scale Artificial Intelligence and Machine Learning (AI/ML, Generative AI) processing of data for predicative analysis. This meant meeting compliance requirements for (CIS, SOC2, ISO 27001, SOX, NIST 800.53, GDPR, CCPA, PCI, etc.) and unique compliance regimes directed by the US Department of Agriculture. These USDA requirements necessitated a unique Data Governance Regime, which we implemented across our engineering and science organizations via process and controls across all three clouds.

As a Principal Consultant:Led team to meet the strict Verified by Visa requirements.Led teams to Perform Software Testing, Penetration Testing, Security Assessments, Network Design, Physical Security Checks, Third Party Liabilities Testing.Created secure on-line database driven systems for book publishers, photographers, financial firms, IT support divisions.Developed Incident Response plans.Setup Monitoring system for Intel's Answer Express system.Worked with the USDOJ with training and investigation of computer related crimes. Have also been an expert on cases concerning computer related criminal activity.Taught Computer Forensics to The State of Louisiana Auditors, Delivered Training in partnership with FBI agents to the Oregon State Bar, Northwest Department of Defense (DoD) Counter Intelligence Group, the National State Auditors Association (NSAA), United State Air Force (USAF), Portland State University.Instructor for SANS, ISSA, Misti.

Manager of the Security Engineering team for Amazon's Elastic Computing (EC2). This includes security incidents and engineering work for EC2 and its customers (including Amazon as our biggest customer).

In Azure, I automated the reporting for Compliance (FedRamp, SOX, HIPPA, etc.) for security related requirements that were covered by the Secure Design Life-cycle (SDL) as well as redefining what the SDL procedures and processes meant to a service, developed in a highly agile environment, which very different than security for a shipped or box product.

I was a founding member of the IEB Security Assurance Team, which created Secure Development processes for all of the XBOX business unites, from hardware, to firmware, to OSes, to manufacturing, to partner business transactions to games and applications on all of the previous finally to the large scale service back-end (Xbox Live) that supported all of that, for the XBox 360 and XBOX ONE. The team supported the Interactive Entertainment Business (IEB) by transforming development processes, engaging in design reviews, threat model reviews, and prescribing the security tooling, and then reporting on the efforts. I spent most of my time focusing on services, personally doing over 100 reviews, but also automating the processes when possible and determining the specification for issues such as ingestion, cataloging, reporting and engagement. This became critical as IEB merged with Windows Phone and Windows to become OSG, which meant over 700 very different services were involved.

I work in the Windows Core Networking group. Specifically I work on the Window Filtering Platform (WFP) bridging the ecosystem of ISV (firewall vendors) with the devleopment process and IPsec.

I worked on the MSRC partner outreach and security ecosystem strategist team. My main focus is CERTs, Governments, and NGOs.