Executive security leader for financial services, healthcare, fintech, and critical infrastructure. I build security organizations that turn technical risk into measurable business outcomes, and embed protection into platforms before they ship rather than after.
Cyber-physical convergence and security for operational environments, with protection engineered into platforms upstream of deployment.
AWS, Azure, GCP, Kubernetes, secure SDLC, DevSecOps, CI/CD security, and AI security governance for enterprise adoption.
Detection engineering, SIEM, SOAR, incident response, threat intelligence, and vulnerability management at large scale.
Encryption, DLP, data activity monitoring, identity, and vendor and supply-chain risk across regulated environments.
Board and executive reporting, audit readiness, and regulatory alignment across FINRA, PCI-DSS, SOC 2, HIPAA, NIST, and ISO 27001.
Standing up security functions from zero, scaling leadership teams, and running security due diligence through acquisition.
I learned security on a particle accelerator. At 17, I was accepted into an internship at a national physics lab expecting to work alongside physicists, since I wanted to be an astrophysicist at the time. Instead I was paired with the head of network engineering. There was no separate "security" job in those days; if you ran the network for the accelerators, you secured them too.
The stakes were physical, not just digital. The same family of accelerator technology was moving into hospitals to treat cancer, where a misconfiguration doesn't cause a data breach, it can push the wrong settings to a machine pointed at a patient. That is where security designed upstream comes from for me. When failure is physical, you don't bolt security on at the end. You design it in from the start.
B.A. Physics · Lake Forest College