About Me.

I am an accomplished, business focused cybersecurity executive with over fifteen years of experience building and leading high performing security programs. Operating primarily within highly regulated sectors, I specialize in translating complex technical challenges into strategic business initiatives that protect enterprise assets and enable organizational growth. I excel at securing executive and board level buy-in, managing multimillion dollar budgets, and building highly specialized technical teams from the ground up. My strategic philosophy acknowledges that the modern cybersecurity landscape has shifted from reactive to active or proactive posture driven by the convergence of advanced AI tools, geopolitical tensions, and professionalized cybercrime. To combat these modern threats, I bridge the gap between technical operations and business objectives to craft holistic, risk informed security strategies.

In my most recent executive role as Director of Security Operations from July 2022 to October 2024, I defined and implemented the security strategy and roadmap for a 35,000 node enterprise, balancing innovation and risk in close partnership with IT and business stakeholders. I ensured alignment with strict regulatory and industry frameworks, including NIST, ISO 27001, SOC2, and HIPAA. I directed the design of a comprehensive Cyber Event Response program, which included 24x7 monitoring, threat intelligence, vulnerability management, and digital forensics. I successfully recruited and mentored a core cybersecurity operations team, scaling the unit from one to fourteen in-house specialists and fostering a culture of continuous learning.

Under my leadership, the organization launched a formal vulnerability management program that achieved a 90.9% SLA remediation rate, drastically reducing stale vulnerabilities from 700,000 to near zero. Additionally, I deployed best in breed enterprise endpoint detection and formal logging systems, while overseeing operations for managed security service providers and leading security consulting services. As a trusted advisor, I guided the leadership team and board members on security risks, trends, AI initiatives, and incidents, ultimately earning multiple executive awards of excellence for my programmatic implementations.

Prior to my most recent executive position, I held critical leadership roles within the global biotechnology and pharmaceutical sectors between June 2018 and July 2022. Advancing to Manager of Cyber Incident Response, I directed global cyber incident response operations across corporate, cloud, and Operational Technology (OT) networks. I managed both in house security analysts and outsourced Digital Forensics and Incident Response (DFIR) services to investigate unauthorized access and complex cyber events. My proactive approach included leading red and blue team exercises, overseeing the global threat intelligence program, and implementing formal incident response processes across global teams spanning multiple international regions. My execution of an Insider Risk Program and my defense of a partner pipeline against ransomware earned me official letters of recognition.

During a distinct period from September 2019 to February 2020, I took my expertise to Copenhagen, Denmark, serving as a Senior Cyber Security Architect. There, I acted as the primary interface between business units and engineering teams to define cybersecurity requirements for a Zero Trust environment. I led incident response activities for European operations and architected security designs, detection content within the SIEM, and playbooks based on risk evaluations and daily threat intelligence.

My foundational career includes highly technical engineering and architectural roles. Serving as a Senior Security Analyst and Engineer from January 2016 to June 2018, I engineered and implemented enterprise-wide security solutions, including Network Access Control (NAC), Endpoint Detection and Response (EDR), and email security systems. I led in-house analysts and supported managed security operations center teams during critical events, standardizing response activities through comprehensive playbooks. Earlier in my career, between 2014 and 2016, I directed analyst teams, evaluated client infrastructures to identify security gaps, and engineered custom security tools for both in house and remote environments. Notably, I developed new client service offerings, including formal Cyber Incident Response and Vulnerability Management programs. My foundational leadership and technical experience began in 2012, where I maintained endpoint security solutions and oversaw a critical network expansion project ensuring compliance with strict Department of Defense (DOD) security requirements.

Underpinning my extensive practical experience is a solid educational and credentialed foundation. I hold a Bachelor of Applied Science in Information Systems Security and an Associate of Applied Science in Computer Networking Systems, both earned with honors in Knoxville, Tennessee. Committing to continuous learning, I have achieved highly respected industry certifications, including the Certified Information Security Manager (CISM) in 2026 and the Certified Information Systems Security Professional (CISSP) in 2025. I have also completed advanced continuing education, such as a program on AI and Cybersecurity Strategies for Resilience and Defense, AI Security Essentials for Business Leaders, and specialized training in Cloud Security and Security Leadership. I remain highly engaged in the broader cybersecurity community as an active member of regional technology forums, InfraGard, SANS, CompTIA, the ISC(2) regional chapter, OWASP Gen AI, and CoSAI.

At the forefront of cybersecurity, my work focuses deeply on proactive security. My expertise encompasses developing robust strategies for securing complex enterprise environments, and then implementing those programs with deep technical experience, I am also actively engaged with advanced AI-driven cyber defense concepts to move from reactive defense to active and predictive defenses.

As a continuous innovator, I am constantly exploring new ways to synthesize and share my professional expertise with blog posts and articles. I am working to advance my speaking engagements and volunteer for cyber related projects as much as time will allow me to.