Feb 2025 – Present · 1 yr 3 mos

Oct 2024 – Present · 1 yr 7 mos

Mar 2023 – Present · 3 yrs 2 mos

Feb 2023 – Feb 2026 · 3 yrs

Jul 2022 – Dec 2023 · 1 yr 5 mos

Feb 2022 – Feb 2025 · 3 yrs

• (NYSE: BILL)

Jul 2021 – Aug 2023 · 2 yrs 1 mo

• ForgeRock (NYSE: FORG) delivers modern and comprehensive identity and access management solutions for consumers, employees and things to simply and safely access the connected world. Joined the company pre-IPO.
• Member: Audit Committee.
• Acquired by Thoma Bravo (August 2023)

Feb 2021 – Apr 2023 · 2 yrs 2 mos

• Acquired by Akamai (April 2023)

Oct 2020 – Aug 2023 · 2 yrs 10 mos

• Acquired by Cisco (August 2023)

Sep 2020 – Jan 2022 · 1 yr 4 mos

Jun 2020 – Jun 2024 · 4 yrs

Mar 2020 – May 2022 · 2 yrs 2 mos

• Acquired by Delinea (January 2024)

Jan 2020 – Jun 2024 · 4 yrs 5 mos

Oct 2019 – Mar 2022 · 2 yrs 5 mos · San Francisco Bay Area

Sep 2019 – Jan 2023 · 3 yrs 4 mos

• Acquired by Harness (January 2023)

Apr 2019 – Sep 2020 · 1 yr 5 mos · Palo Alto, California

Oct 2018 – Apr 2019 · 6 mos · San Jose, California

Apr 2018 – Oct 2018 · 6 mos

Nov 2015 – Mar 2018 · 2 yrs 4 mos

• As Senior Director of Security Operations & Strategy at Palo Alto Network, responsible for creation, coordination and execution of the security strategy at Palo Alto Networks. Creating the vision and leading a best-in-class Security Operations Center both in form and function. Responsible for all security education and awareness initiatives.
• Responsibilities for Security Operations function:
• Creating an incident response, incident management, and threat intelligence function
• Create the concept of attack and defend by forming a Red Team-Blue Team function
• Design & manage an innovative and world class physical security operations center
• Lead a penetration testing team
• Drive improvements in Palo Alto Networks products by providing feedback from being a first model customer back into products
• Partner with industry experts for breach response
• Responsibilities for Strategy & Business Operations function:
• Manage a information security budget
• Run business operations for the security organization
• Create project and program management function, ensuring delivery to budget and timelines
• Recruit talent from senior leadership to deep technical experts
• Chief of Staff and advisor to CISO
• Risk Management engagement to identify key risks in company and prioritize the risks to drive a Governance, Risk, Compliance strategy
• Responsibilities for Security Education & Awareness function:
• Develop the security awareness strategy and roadmap including a full security education program and frequent communications
• Run phishing awareness program by training employees through phishing simulations
• Create a roadmap of key security education topics that align with key risks to the company
• Security policy awareness and communications
• Partner with HR to develop employee skillsets in security and uplift new hire orientation content in security

Dec 2017 – Nov 2018 · 11 mos

Aug 2013 – Nov 2015 · 2 yrs 3 mos · Mountain View, CA

• Leads enterprise-level initiatives specific to application security efforts and an advanced security strategy, understanding and deploying cloud security. Integrates security into mobile applications, designs threat modeling into all application development processes. Creates & implements an effective, sustainable, enterprise-wide SDLC process while staying on top of current & emerging cyber threats, and effective vulnerability management.
• Leads the Product Security Team and Security Education Initiatives serving millions of customers worldwide.
• Leads technical team of 15 both nationally and internationally, while leading across packaged, cloud and mobile secure software development.
• Manages department budget of $5 Million.
• Strategic lead on all Mergers and Acquisitions relating to security.
• Security strategy includes: cloud based products, mobile applications, and designing security threat modeling.
• Stays apprised of current and emerging cyber threats, and effective vulnerability management.
• Sets overall security strategy, including; architecture and design consultations, threat modeling, training, presentations, holistic platform architecture and design.
• Drives security initiatives, leverage experience and expertise to advise on risk exposure and mitigations. Lead incident handling, advise on and ensure proper risk and business need trade-offs.
• Collaborate with legal on a number of initiatives, acquisition due diligence and drive and deliver large-scale strategic security priorities through experience and influence.

Oct 2012 – Aug 2013 · 10 mos · Mountain View, CA

• Information Security Officer for Intuit Health Group and Demandforce. Created and executed Business Unit (BU) specific security strategies aligned with BU requirements/priorities, security program and regulatory requirements. Contributed directly to developing and delivering security solutions for the BUs. Recognized as strategic, trusted partner that intelligently manages risk to delight customers, enable the business, provide innovative security solutions, and protect the Intuit brand. Viewed as the security expert across the organization and with external stakeholders.
• Developed a strategic security roadmap for multiple BUs.
• Lead information security risk assessments and management.
• Coordinated the development and delivery of education and training programs on infosec and privacy matters.
• Actively monitored new and emerging security and privacy related technologies, trends, issues and solutions and assessing their applicability to Intuit key business initiatives and business strategies.
• Identification and implementation of initiatives based on roadmaps.
• Strong cross-organizational, matrix management, and program management skills
• Provide advice and consulting to executive management and BUs in the development, implementation, and administration of information security and privacy policies and procedures, the infosec infrastructure and on security and privacy related issues.
• Managing risk to an acceptable level through shared vision with business leaders.
• Lead information security risks assessments.

Jan 2012 – Aug 2019 · 7 yrs 7 mos · Santa Clara, CA

Sep 2010 – Sep 2012 · 2 yrs

• Responsible for the coordination of global security strategy, enabling more effective communication and understanding of security issues across eBay's global business units. Established security strategies for eBay’s 30+ adjacent businesses and conducting global businesses (China, India, Australia, Korea, Germany, England, ect.)
• Defined and drove a security culture within and across eBay that enabled the agility and innovation critical for success.
• Responsible for managing the GIS Communications & Training team, including the security awareness program, and all security trainings (annual awareness training, secure coding training).
• Managed the PMO for the Global Information Security Team (responsible for eBay plus 30+ adjacent businesses around the globe).
• Managed budget and resource allocation to ensure appropriate funding of the Global Information Security priorities and successful completion of the business plan. Oversaw the completion of 20 large projects across major business units (product development, information security, Information Technology, Finance, Marketing, etc.).

Aug 2009 – Sep 2010 · 1 yr 1 mo

• Responsible for security communications, awareness, training, and strategy for the eBay Marketplace, Corporate IT environments and approximately 30 adjacent businesses.
• Collaborated with teams within and outside the Global Information Security team to provide effective communications and trainings.
• Provided education to teams and help develop sustainable training programs.
• Redesigned the Global Information Security website with collaboration from the Global Information Security team and help maintain the site.
• Became an expert at using SharePoint for Communications and Training needs as well as for the Global Information Security team.
• Drove customer facing education and communications and training efforts. Create and carry out customer service center information security training strategy.

Mar 2009 – Aug 2009 · 5 mos

• Member of Global Information Security Policy, Awareness & Compliance team with responsibility for policy development, adoption, and compliance tracking for the eBay Marketplaces, corporate IT environments and approximately 30 adjacent businesses. Assessed current compliance and worked collaboratively with teams to influence policy compliance and adoption company-wide.
• Worked with IT and business support teams to influence policy compliance and adoption across global organization.
• Worked as a member of team to develop new policies and standards as appropriate and drive awareness across the organization.
• Handled internal requests to review new technology projects for adherence to security policies and standards.
• Provided consulting and education to mitigate risks and develop compliance strategies.
• Designed and lead implementation of security tools to improve monitoring and compliance functions.
• Assessed, remediation with compliance in the infrastructure and application environments (Unix/Windows OS, Firewalls, Routers/Switches, Databases, and security technologies such as IDS, IPS).
• Drove implementation of security/ compliance tools (e.g. Vontu, Skybox, NetIQ, TripWire, and Archer). Created presentations and communications regarding difficult technical issues to non-technical audiences.
• Delivered projects at a global level (South Korea, China, India, Germany, Netherlands, Canada, England, etc.).

Aug 2006 – Mar 2009 · 2 yrs 7 mos

• Created, implement and document security policies, Acted as primary point of interface with Wal-Mart corporate IT security. Monitored current incidents and threats, ensuring that the enterprise remained protected. Evaluated new technologies and presented findings/recommendations to management. Drove vulnerability assessments, evaluated business and technical requirements, and communicated security risks to non-technical business owners.
• Provided 24/7 on-call security operational support for the production Web environment, Patch Management, Password/Key Management, Certificate Management and resolved business/customer support issues.
• Vital role in the areas of design, operation, implementation and maintenance of Wal-Mart’s Web properties, Security design and revised security plan to meet current business needs & compliance regulations.
• Selected, prototyping and implementation of applications and technical solutions to business problems.
• IT Audit & Compliance – PCI.

Jul 2004 – Aug 2006 · 2 yrs 1 mo

• Performed activities associated with the security controls and monitoring of firewall configurations within the utility. Maintained documentation to support results of monitoring and follow-up activities for unauthorized modems.
• Established controls/ policies and evaluated activities associated with network security.
• Developed/Testing of various SOX controls. IT Audit & Compliance.
• Technical writing of procedures and standards and other controls. IDS, Symantec ESM, Team lead for IA-CMM compliance. – Network Security, Security Management, Operations Security, Communications.

Jun 1997 – Jun 2000 · 3 yrs

• Duties include web designing, data analysis, generating queries and reports, import data into spreadsheets, Internet connectivity, and networking. Tested programs for security related bugs and input verification, related to failure analysis and prevention, life prediction and engineering analysis of structures and mechanical components. Created Java/C++/Visual Basic programs to test application components. Wrote test plans and test cases, regression testing. – Application and System Development, Network Security