Rock Lambros

CEO

Denver, Colorado, United States · 28 yrs 5 mos experience
AI Enabled · AI ML Practitioner

Key Highlights

  • 30 years of experience in cybersecurity and tech.
  • Authored AI governance frameworks for Fortune 500 companies.
  • Core team member shaping global AI security standards.
Stackforce AI infers this person is a cybersecurity and AI governance expert with extensive experience in enterprise risk management.

Skills

Core Skills

AI Security, Governance, Cybersecurity, AI Governance, Risk Management, Application Security, Policy Development, Strategic Leadership, Information Security, Information Technology, Database Management

Other Skills

standards, technical contributions, leadership, product development, customer engagement, cybersecurity services, risk assessment, business continuity, compliance services, risk framework, LLM application security, co-leading, risk guidance, global contributor input, strategic direction

About

30 years in cybersecurity and tech. Author of two AI governance frameworks adopted by Fortune 500 organizations. OWASP Agentic Security Initiative core team member, shaping the global Top 10 for AI agent security.

I built RISE (Research, Implement, Sustain, Evaluate) for AI strategy and CARE (Create, Adapt, Run, Evolve) for AI governance because most organizations treat AI risk management as a compliance checkbox. It is not. It is an operational discipline that either accelerates your business or quietly destroys trust in every model you deploy.

I have spent 30 years in cybersecurity and tech, watching organizations confuse documentation with protection. Now the same pattern is repeating with AI. Companies adopt frameworks, check compliance boxes, and call it governance. Meanwhile, their AI agents are making autonomous decisions with tools they never approved, using data with no lineage, and interacting with other agents no one monitors.

As CEO of RockCyber, I advise Fortune 500 boards and C-suites on AI governance, cybersecurity strategy, and AI risk management. My clients include organizations navigating agentic AI security, multi-agent system risks, and regulatory alignment across the EU AI Act, ISO 42001, NIST AI RMF, and Colorado SB24-205.

Where I focus:

  • AI agent security and the emerging attack surface of multi-agent systems, MCP/A2A protocols, and autonomous tool use.
  • Responsible AI programs that produce measurable risk reduction, not reports that collect dust.
  • Security risk quantification that translates technical exposure into board-level decisions.
  • vCISO and fractional CISO engagements for organizations building or scaling security programs.

I also co-authored "The CISO Evolution: Business Knowledge for Cybersecurity Executives" and write the RockCyber Musings newsletter for security leaders and AI practitioners. I contribute to the OWASP AI Exchange and OWASP GenAI Security Project as an author and contributor.

Currently pursuing graduate work in Data Science and AI at the University of Denver because I refuse to advise on systems I have not built myself.

If you are evaluating AI governance advisors for your board or portfolio companies, let's talk. If you lead a security team navigating agentic AI risk, follow me here. I write about what is actually working and what is quietly failing in AI security every week.

Experience

28 yrs 5 mos
Total Experience
2 yrs 8 mos
Average Tenure
5 mos
Current Experience

OWASP GenAI Security Project

2 roles

OWASP Top 10 for LLMs Co-Lead

Apr 2026 - Present · 1 mo · Remote

  • Co-Leading the 2026 update of the industry standard risk framework for LLM application security alongside Steve Wilson.
  • The LLM Top 10 owns the risk when the model is a component inside your application. The Agentic Top 10 owns it when that model becomes an actor with tools, memory, and downstream consequences. The 2026 update draws that boundary so teams stop arguing about which list applies and start securing both.
  • Core focus areas:
  • Defining the component-to-actor risk boundary between LLM and agentic application security
  • Aligning the LLM Top 10 with the OWASP Top 10 for Agentic Applications to eliminate coverage gaps
  • Translating emerging attack research into practitioner-ready risk guidance
  • Coordinating global contributor input through the OWASP GenAI Security Project
  • Previously contributed to the OWASP GenAI Security Project and co-led the State of Agentic AI Governance track within the OWASP Agentic Security Initiative.
  • Contributors welcome: genai.owasp.org/contribute
risk framework, LLM application security, co-leading, risk guidance, global contributor input, risk management

Core Team Member - Agentic Security Initiative

Jan 2026 - Present · 4 mos · Remote

  • The OWASP GenAI Security Project's Agentic Security Initiative addresses what most AI governance frameworks ignore: autonomous systems that plan, execute, and act without human intervention. As a Core Team Member, I'm responsible for shaping the strategic direction of this global effort.
  • Primary responsibilities:
  • Setting and executing the 2026 strategic roadmap for the Agentic Security Initiative, with focus on governance frameworks that translate into operational controls.
  • Co-leading the State of Agentic AI Governance track, analyzing how existing regulations fail to address autonomous agent risks and identifying gaps that practitioners must fill themselves.
  • Contributing to the OWASP Top 10 for Agentic Applications, a peer-reviewed framework identifying critical security risks in autonomous AI systems including goal hijacking, tool misuse, cascading failures, memory poisoning, and rogue agent behavior.
  • Driving adoption through initiatives like the OWASP Agentic Security Adoption Challenge, which showcases real-world implementations at RSA Conference 2026.
  • The problem we're solving:
  • Regulators wrote 210 state AI bills in 2025. Almost none address autonomous agents. The EU AI Act focuses on general-purpose AI. Federal guidance targets chatbots and content generation. Meanwhile, agentic systems execute code, make decisions, and take actions across enterprise environments with minimal guardrails.
  • Most AI governance remains theater. Policies nobody enforces. Frameworks filed and forgotten. We're building something operational.
  • Collaboration:
  • Working alongside an expert review group that includes dozens of researchers and practitioners from organizations like Microsoft, Google, Cisco, NIST, and the Alan Turing Institute. This initiative represents one of the largest coordinated efforts to establish practical security standards for autonomous AI before regulations catch up.
strategic direction, governance frameworks, risk analysis, collaboration, adoption initiatives, governance

AIUC-1

Consortium Member

Mar 2026 - Present · 2 mos · Denver, Colorado, United States · Remote

  • The AIUC-1 Consortium unites security, risk, and legal leaders across industry, government, academia, and non-profits to shape AI best practices - defining how the world adopts AI agents securely and confidently

Zenity

Director of AI Security and Governance

Feb 2026 - Present · 3 mos · Denver, Colorado, United States · Remote

  • Lead Zenity's AI security standards and governance practice, translating the company's AI agent security research into contributions that shape global security standards and best practices.
  • Drive leadership roles and hands-on technical contributions across OWASP Agentic Security Initiative, OWASP GenAI Security Project, MITRE ATLAS, and MCP/A2A protocol security efforts. Influence direction, language, and technical guidance within each body to reflect real world agentic AI risk.
  • Establish feedback loops between standards work, Zenity product development, and customer needs so that security best practices inform the product and the product informs the standards.
  • Build brand awareness by publishing technical blogs, co-creating content with customers, and securing speaking engagements that position Zenity as the recognized leader in AI agent security. Generate measurable pipeline influence through thought leadership tied to compliance requirements and emerging standards adoption.
AI security, governance, standards, technical contributions, leadership, product development

Psybercog Labs

Advisory Board Member

Jan 2026 - Present · 4 mos · Remote

Enterprise Risk Quantification Institute

Distinguished Fellow

Dec 2025 - Present · 5 mos · Denver, Colorado, United States · Remote

  • As a Distinguished Fellow, I advance ERQI's mission to make risk measurable and actionable by:
  • ➡️ Contributing AI security and governance frameworks that quantify emerging technology risks while maintaining business context. Yes... Quantitative and qualitative measures can coexist!
  • ➡️ Leading working group initiatives on AI risk measurement methodologies
  • ➡️ Publishing research on defensible AI risk quantification aligned with ISO 42001 and NIST AI RMF
  • ➡️ Presenting at community events on translating AI threats into board-ready risk metrics
  • ➡️ Mentoring practitioners bridging cybersecurity, AI governance, and enterprise risk disciplines
  • My focus: turning AI risk from speculation into evidence-based, quantifiable outcomes organizations can act on.
risk measurement, AI security frameworks, research publication, community presentation, mentoring, risk management

Enkrypt AI

Advisory Board

Aug 2025 - Jan 2026 · 5 mos · Denver Metropolitan Area · Remote

  • As an Advisor to Enkrypt AI, I work with the founders and leadership team to shape strategy at the intersection of AI security, governance, and enterprise adoption.
  • My role includes:
  • Guiding the team on real-world CISO priorities and enterprise risk management.
  • Sharing thought leadership on generative AI security, agentic AI, and compliance through events, blogs, and panels.
  • Providing feedback on product roadmaps, early builds, and AI guardrail research.
  • I'm dedicated to helping Enkrypt prove out its AI risk management platform and expand in key industries.

Grip Security

Customer Advisory Board

Jul 2025 - Jan 2026 · 6 mos · Denver, Colorado, United States · Remote

AI security, enterprise risk management, thought leadership, AI governance, risk management

Global Council for Responsible AI

Ambassador

May 2025 - Present · 1 yr · United States

  • As a GCRAI Ambassador, I turn ethical AI principles into actionable standards and guide builders on secure deployment while uniting policy leaders, engineers, and academics to keep AI safe, fair, and trusted worldwide.

Chambers Capital Ventures, Inc.

Board Member

Nov 2024 - Present · 1 yr 6 mos · Denver, Colorado, United States · Remote

  • As a Board Member at Chambers Capital Ventures, Inc., I play a crucial role in steering the company's strategic direction. Leveraging over two decades of experience in sectors such as government, energy, eCommerce, financial services, and enterprise technology, I contribute to identifying and nurturing high-growth opportunities across franchises, real estate, securities, bonds, private equity, and liquid assets. My expertise in cybersecurity, AI, and digital transformation will be instrumental in aligning technology initiatives with corporate objectives, enhancing risk management, and driving sustainable growth for our portfolio companies.
ethical AI principles, secure deployment, policy guidance, AI governance, policy development

Valusync

Member of the Board of Advisors

Nov 2024 - Present · 1 yr 6 mos · United States · Remote

  • I advise on developing and implementing robust AI and cybersecurity strategies for Valusync's innovative fintech platform. By leveraging industry-leading expertise, I architect comprehensive governance frameworks safeguarding user data while enabling cutting-edge personalized investing solutions.
  • My responsibilities include:
  • Collaborating with leadership to craft and execute tailored AI and cybersecurity strategies that protect Valusync's AI-driven technology and user assets.
  • Ensuring compliance with evolving regulatory standards, positioning Valusync at the forefront of secure fintech operations.
  • Guiding the integration of robust security protocols that enhance user trust and platform reliability.
  • Through strategic guidance, I empower Valusync to deliver secure, customized financial services to Millennial and Gen Z investors. This role is instrumental in shaping the future of personalized wealth management, combining innovative technology with uncompromising security standards.
strategic direction, risk management, cybersecurity expertise, strategic leadership

Our Shades of Blue

Board Member

Jan 2024 - Present · 2 yrs 4 mos · Denver, Colorado, United States · Remote

  • I am proud to serve on the board of Our Shades of Blue, a non-profit organization dedicated to inspiring and educating underrepresented youth in aviation and STEM fields. As a board member, I am committed to strategic oversight, cybersecurity, privacy, fundraising initiatives, and program development to help expand access to educational resources and career opportunities. Our goal is to empower the next generation of innovators and leaders by breaking down barriers and fostering a diverse, inclusive community. Join us in our mission to elevate potential and guide young minds towards a brighter, technology-driven future.
AI strategies, cybersecurity strategies, regulatory compliance, AI governance, cybersecurity

TechTarget

Security Editorial Advisory Board

May 2023 - Present · 3 yrs · United States

National Cybersecurity Center

Advisor - Secure Smart Cities

May 2020 - May 2022 · 2 yrs · Denver, Colorado, United States

Blue Lava, Inc.

Advisory Board

May 2019 - Aug 2023 · 4 yrs 3 mos

RockCyber, LLC

CEO & Founder

May 2018 - Present · 8 yrs · Greater Denver Area

  • RockCyber is a leader in cybersecurity services and solutions, providing comprehensive services tailored to meet the dynamic needs of businesses. Our services ensure robust security frameworks, compliance, and resilience against cyber threats.
  • Services:
  • ➡️ Virtual CISO: Strategic leadership and guidance for your cybersecurity programs.
  • ➡️ Virtual CAIO: Strategic leadership and guidance for your AI programs.
  • ➡️ AI Governance: Develop and manage AI governance programs to ensure responsible AI use.
  • ➡️ AI Risk Assessment: Identify and mitigate risks associated with AI technologies.
  • ➡️ Business Continuity as a Service: Ensure business operations continue amid disruptions.
  • ➡️ Compliance Services: Achieve and maintain regulatory compliance.
  • ➡️ Cybersecurity Assessments: Comprehensive evaluations of security posture.
  • RockCyber empowers organizations with the expertise and tools needed to protect their digital assets and ensure operational continuity.
cybersecurity services, AI governance, risk assessment, business continuity, compliance services, strategic leadership

Marathon Petroleum Corporation

Information Security Manager

Jan 2016 - Sep 2018 · 2 yrs 8 mos · Denver, Colorado, United States

  • Marathon Petroleum acquired MarkWest Energy. Responsible for post-M&A activity of the IT and OT cybersecurity programs.

ISSA Denver Chapter

Rocky Mountain Information Security Conference Co-Chair (ISSA)

Jun 2015 - May 2017 · 1 yr 11 mos · Greater Denver Area

  • The Annual Rocky Mountain Information Security Conference (RMISC) is jointly held by the Denver ISSA and ISACA chapters, and is the only conference of its kind in the Rocky Mountain region.
  • Appointed by the ISSA Denver Chapter Board of Directors to serve as the ISSA Chairman for the Rocky Mountain Information Security Conference.
information security, risk management, security program, cybersecurity

SoundFi

Board Member

Feb 2015 - Dec 2018 · 3 yrs 10 mos · Denver, Colorado, United States · Remote

  • As a Board Member at SoundFi, I was involved in shaping the strategic direction of this innovative company at the forefront of immersive audio technology for cinema and personal entertainment. My focus on strategic partnerships, consumer safety, technological advancements, and market expansion supports SoundFi's mission to revolutionize how audiences experience audio. We aimed to enhance viewer engagement and satisfaction across various platforms by integrating cutting-edge audio solutions.

MarkWest Energy Partners, L.P.

Head of Information Security (CISO)

Jun 2014 - Sep 2018 · 4 yrs 3 mos · Greater Denver Area

  • As the de facto Chief Information Security Officer (CISO), I held the most senior Information Security position at MarkWest (a now $28B market cap, midstream energy company, as a result of the Marathon Petroleum combination). I had the ultimate responsibility for setting the tone and direction for all aspects of Information Security in the organization (both traditional IT, and OT such as SCADA).
  • Oversaw all aspects of Information Security in the organization (both traditional IT, and Operational Technologies, including SCADA)
  • Established enterprise Information Security Program focusing on the Top 20 Critical Security Controls and leveraging the NIST Cybersecurity Framework and developed/managed $4 million budget.
  • Spearheaded $30M IT integration project upon $18B acquisition by Marathon Petroleum.
  • Reviewed, approved and implemented Marathon Petroleum’s Cloud Security Standard, and implemented it at MarkWest
  • Developed a risk-based framework, based on the NIST Cybersecurity Framework, to evaluate, communicate, and prioritize the remediation of threats and vulnerabilities faced by MarkWest
  • Managed IT Security Team and ensured ongoing technical training to ensure the team stayed abreast of current trends
  • Led IT risk assessments, audits and security incident investigations, ensuring industry best practices and regulatory requirements were followed
  • Implemented processes and methods for auditing and addressing non-compliance to Information Security standards; facilitated migration of non-compliant environments to compliant environments
  • Conducted assessments to ensure compliance with standards and currency with industry security norms.
  • Managed and participated in the planning and implementation of the security administration of all IT projects
  • Oversaw selection of security applications and systems
  • Made recommendations and led in the changes to work methods and procedures to make them more effective or to strengthen security measures.
cybersecurity programs, M&A activity, IT security, cybersecurity, risk management

Solutions By Design II, LLC

Corporate Advisory Board

May 2013 - May 2017 · 4 yrs · Denver, CO

  • Solutions By Design has been designing, building, and supporting solutions for the federal government and commercial enterprises for over 20 years. Key responsibility is to provide strategic and technical advisory services for federal government proposal response.
  • Member of winning proposal team for a recently awarded, multi-million dollar contract that provides cyber security services to the U.S. Department of Homeland Security
  • Define strategy to support technical proposals as related to defined functional areas, including ensuring that the management plan is compliant with RFP instructions, conditions, and notices
  • Identified key and qualified technical staff. To include:
    • Program Expert(s)
    • Program Manager and/or Task Leads
    • Any other key personnel
  • Assist in staffing allocation to ensure proper staffing model is utilized
  • Assist in attaining key target rates
  • RFP Color Review participation
  • Competitor Analysis
  • Assist in contacting key government decision makers

Agilent Technologies

Information Security Threat Manager

Jan 2013 - Jan 2014 · 1 yr · Englewood, CO

  • Responsible for overseeing Agilent's Threat Management program, covering proactive planning and prevention, as well as reactive detection and remediation for a $7B organization.
  • Oversaw Threat and Vulnerability Management program, covering proactive planning and prevention, as well as reactive detection and remediation for a $7B organization.
  • Advised executive leadership of evolving threats, vulnerability risks, technology trends in the information security landscape, and outlined recommended courses of action.
  • Developed strategy and RFP requirements for next-generation Security Operations Center.
  • Created and operationalized Security Incident Handling guidelines and procedures.
  • Standardized security logging infrastructure throughout the global enterprise.
  • Managed external security vendors

General Dynamics Information Technology

Senior Manager, Information Security

Jan 2011 - Jan 2013 · 2 yrs · Westminster, CO

  • Global provider of systems integration, systems engineering and professional services to Government and commercial sectors.
  • Responsible for global Security and Network Operations Center (SNOC) for a 24,000 user organization spread across 280 locations globally
  • Served as the single point of contact for management of all significant security incidents
  • Oversaw Vulnerability Risk Management and FISMA compliance across multiple security boundaries, including policy exceptions and defining recommended courses of action for vulnerability remediation
  • Developed System Security Plans
  • Established procedures to monitor for Advanced Persistent Threats.
  • Worked closely with US-CERT, DHS (and its other agencies) and federal law enforcement agencies to coordinate cyber security intelligence sharing and investigations.
  • Implemented a security metrics and analytics framework to quantify effectiveness of the SNOC.
  • Used ITIL principles to drive improvements in security/network monitoring tools increasing number of devices being monitored by 20X, decreasing Mean Time to Restore by 30% and saving $1.5M.
  • Reported all incidents and violations to client, ensured proper investigations and active monitoring of more than 12,000 servers, switches, routers, IDSs, firewalls and enterprise-wide antivirus solutions.
  • Authored the USCIS Transition Policy for security and network tools which has decreased Engineering to Operations transition time by 50%.
  • Architected GDIT’s “SOC/NOC as a Service” offering using Cloud and Virtualization best practices, and established the IT Risk Management program for the service
  • Served as an SME and Technical Writer for Cybersecurity related RFP solicitations
threat management, security operations, incident handling, cybersecurity, risk management

eBay

Staff Network Security Engineer

Jan 2005 - Jan 2011 · 6 yrs · Scottsdale, AZ

  • World’s largest online marketplace.
  • Led Network Security team in multiple projects and managed up to $1M including establishment of Security Operations Center for one of world’s largest eCommerce organizations.
  • Architected and implemented new security measures using Enterprise Security Standards such as SABSA/TOGAF.
  • Worked with third party auditors to ensure SOX and PCI DSS regulatory compliance.
  • Worked closely with US-CERT and the FBI to coordinate cyber security intelligence sharing and investigations.
  • Developed strategy to mitigate Advanced Persistent Threats.
  • Analyzed and defined requirements for adopting new security technologies such as DDoS protection, Intrusion Detection, Firewalls and Certificate Authorities.
  • Managed third party vendor relationships.
  • Led security team on technology integration of Mergers and Acquisitions including Skype and Shopping.com saving approx. $1M annually.
security operations, incident management, vulnerability risk management, cybersecurity, risk management

CSC

Principal Information Security Consultant

Jan 2004 - Jan 2005 · 1 yr · Tempe, AZ

  • IT and professional services provider helping clients improve operations and profitability.
  • Served as primary liaison to Honeywell team for design and implementation of their Security Operations Center.
  • Thought leader in the area of risk management and improving relevancy of the discipline throughout the organization.
  • Reduced average time to incident resolution 50% within 30 days of becoming operational.
  • Recommended ways to mitigate network security incidents, and performed cyber investigations.
network security, cyber forensics, UNIX security, cybersecurity, information security

Wells Fargo

Senior Security Consultant

Jan 2004 - Jan 2004 · 0 mo · Tempe, AZ

  • Engineering services company providing product design, testing/certifications consulting.
  • Senior Network Security Consultant
  • Designed and implemented specifications for complex security systems in accordance with Sarbanes-Oxley and Gramm-Leach-Bliley standards.
  • Forecasted network traffic and capacity and recommended network modifications reducing costs 15% while improving service.
security operations, risk management, network security, cybersecurity

Mesa Community College

Adjunct Faculty

Jan 2003 - Jan 2007 · 4 yrs · Mesa, AZ

  • Planned and taught Essentials of Network & Information Security, Cyber Forensics, Oracle Architecture and Administration, Oracle Backup & Recovery, UNIX Security, Advanced UNIX and Linux Systems Administration.
network security, security operations center, regulatory compliance, cybersecurity, risk management

Copperkey Technologies

IT and Information Security Manager

Jan 2002 - Jan 2004 · 2 yrs · Gilbert, AZ

  • Startup technology consultancy providing data-analytic services.
  • Led team of network, system and database administrators in designing technology infrastructure, performing cyber investigations and serving as technical point of contact for large customers.
  • Designed and implemented systems security program using NIST and NSA Information Assurance Methodology as framework – increased uptime led to ~$250K in revenue.
  • Increased network and server capacity by 200% by deploying and securing 24x7 data center.
security systems, network modifications, consulting, cybersecurity, risk management

Tririga

Oracle DBA

Jan 2000 - Jan 2002 · 2 yrs · Las Vegas, NV

  • A leading provider of facility and real estate management software solutions (acquired by IBM).
  • Led teams of database developers and contributed hands-on for developer of online, integrated workplace management systems. IBM has acquired the firm.
technology infrastructure, cyber investigations, security program, cybersecurity, information security

Las Vegas Valley Water District

Programmer

Jan 1998 - Jan 2000 · 2 yrs · Las Vegas, NV

  • Led projects including conversion of Unclaimed Property application from AS/400 RPG to Oracle client-server and a custom Job Absence reporting system.
database management, team leadership, information technology

Purchase Pro

SQA Analyst

Jan 1998 - Jan 1999 · 1 yr · Las Vegas, NV

  • Software Quality Assurance for a B2B eCommerce firm.

Education

University of Denver - Ritchie School of Engineering & Computer Science

Master of Science - MS — Applied Data Science and AI

Sep 2025 - Nov 2026

W. P. Carey School of Business – Arizona State University

MBA — Business w/ emphasis on Finance and Entrepreneurship

Jan 2008 - Jan 2010

University of Nevada-Las Vegas

Bachelors — Management Information Systems

Aug 1995 - May 1999

Ed W. Clark High School

Heritage Christian
