Mar 2025 – Present · 1 yr 2 mos

• This role is the culmination of six years operating across engineering, product management, and information security at Alteryx — moving deliberately to wherever security leverage was highest at each stage of the company's growth. I built the product security program from its first line of policy to a mature cross-functional function, drove cloud product security through two major acquisitions, embedded security into the enterprise product roadmap, and now serve as the only leader-level individual contributor on the CISO's direct staff.
• Serve as the only IC-level leader on the CISO's direct staff — no direct reports, full strategic scope — leading by influence across all InfoSec domains
• Developed the InfoSec department's 2026 strategic pillars — GRC engineering, data security, IAM maturity, and AI security foundations — and secured buy-in across the full InfoSec leadership team
• Drive tool rationalization, cross-functional efficiency, and roadblock removal across security verticals; serve as a forcing function for PCI compliance including controls documentation, audit tooling, and direct auditor engagement
• Built vulnerability management automation: ticket ingestion, backlog prioritization, and SLA tracking integrated with engineering team workflows
• Identify and surface program gaps across security domains; plug into individual teams as a hands-on technical contributor when and where needed

Sep 2022 – Mar 2025 · 2 yrs 6 mos

• Consolidated product security strategy, DevSecOps, and architecture functions back into the InfoSec organization under a single program — bringing together the full scope of security work built across prior roles
• Continued enterprise customer-facing security conversations — translating security posture into commercial terms to unblock cloud product adoption at strategic and high-value accounts
• Refined and expanded SSDLC coverage and tooling; deepened threat modeling standards and ensured continuous security review coverage across cloud and hybrid product lines
• Iterated the product security roadmap and served as the primary security voice in product planning and architecture reviews across 50+ engineering teams

Jun 2022 – Sep 2022 · 3 mos

• Embedded within the Product Management organization — a deliberate move made in partnership with the Chief Product Officer — to drive the enterprise security roadmap from inside the business rather than alongside it
• Built and drove the security roadmap enabling enterprise customers to adopt Alteryx cloud products with minimal security friction; led customer conversations, responded to security questionnaires, and translated technical risk into adoption-blockers the business could act on
• Returned to InfoSec following a CISO transition that consolidated security functions; brought the DevSecOps team and product security strategy back under the information security organization

Aug 2021 – Jun 2022 · 10 mos

• Embedded security within the engineering organization to build a security presence during a critical growth period post-Trifacta acquisition
• Controls-focused engagement to achieve SOC 2 Type 2 and ISO 27001 certification for Alteryx's new cloud product — documentation, tooling, scripting, and direct auditor engagement

Jan 2021 – Aug 2021 · 7 mos

• Promoted from Principal Security Architect following consolidation of security functions into the InfoSec organization after Alteryx's first CISO hire
• Led foundational program-building: secure SDLC design, vulnerability management program, threat modeling standards, and security architecture review processes
• Conducted threat modeling and security design reviews for major product features including the Alteryx Data Connection Manager
• Built the operational processes to translate security tooling findings into actual risk reduction — making engineering teams effective partners in remediation rather than recipients of findings

Aug 2020 – Jan 2021 · 5 mos

• Moved from the engineering organization to the InfoSec team as part of the company's first formal security consolidation
• Focused on security design and threat modeling for product features; led architecture reviews for cloud and on-premises product capabilities
• Continued to function as the primary product security resource while the broader security organization scaled

Jan 2020 – Aug 2020 · 7 mos

• Joined Alteryx as one of the first product security hires, embedded within the engineering organization
• Established the product security function from scratch — building credibility with engineering peers, positioning the security team as consultants and subject matter experts rather than gatekeepers
• Owned security tooling and drove early adoption of application security scanning across the engineering organization
• Laid the cultural and operational groundwork for the formal product security program that followed