About Me

Seasoned cybersecurity leader with 20+ years of experience bridging technical expertise and business acumen. Passionate about building high-performing security cultures, delivering impactful solutions aligned with organizational goals, and elevating the industry approach to data security and privacy. Proven track record in global companies, combining diverse experiences in technology, law, and leadership to drive innovation and results.

Professional Experience

Pure Storage, Director of Security Operations

• Mar 2019 – Dec 2024
• Santa Clara, CA
  Responsibilities
• Create and oversee a global Security Operations team for a $4B enterprise with 6000+ workers.
• Identify and build security capabilities that can deliver on business and customer requirements.
• Direct a team of 3 managers and 15 individual contributors.
• Maximize a $7.8M budget in order to deliver on all the requirements of a full SecOps program.
• Prepare presentations and deliver Security Operations updates to the Executive Team and Board.
  Accomplishments
• 100% staff retention over the course of 9 \textonehalf{} years.
• Mobilized and orchestrated multiple teams to respond to major cybersecurity incidents.
• Weaponized OKRs, budgets, and risk assessments to extend the security program and protect the company from liability, growing my team by 300% while other teams remained flat.
• Having a legal background enabled me to create a clear reporting structure for SEC filings and incident notification.

Pure Storage, Information Security Manager

• May 2015 – Mar 2019
• Mountain View, CA
  Responsibilities
• Instantiate a security program supporting a pre-IPO startup through to $1.5B in revenue and 3000 workers.
• Evaluate, acquire, implement, and operationalize foundational security technologies aligned to NIST and ISO 27001 frameworks.
• Meet customer and industry expectations for an enterprise-level security program.
  Accomplishments
• Wrote, obtained approval, and published NIST-aligned policies, along with yearly attestation by employees.
• Implemented vulnerability management, EDR, security awareness, incident response, SOAR, and forensics.
• Created a light GRC program in order to perform TPRM and meet GDPR compliance.
• Deployed innovative approaches to address traditional security controls, making them palatable for an engineering culture.

Aruba Networks, Security Architect

• Feb 2014 – May 2015
• Sunnyvale, CA
• Responsible for designing and executing the objectives of Aruba's InfoSec Program.

Juniper Networks, Incident Response Lead

• Dec 2008 – Feb 2014
• Sunnyvale, CA
• Hired, trained, and led a SOC team to investigate and respond to cybersecurity incidents.

Education

Pure Storage Internal Training, Leading at Pure

• Intensive eight week leadership course for VPs and Directors.
• Participation requires Executive VP sponsorship and a selection committee.

Case Western Reserve University, JD in Law

• A focus in cyberlaw and intellectual property, including working in the IP clinic.

University of Texas, BA in English Literature

• Minors in German and Mathematics.

Memberships and Community Engagement

• Member of the Florida Bar Association (Retired)

• Member of the Evanta governing body

• Member of Infragard

• Member of the Information Security Leadership Foundation

• Member of ISSA

• Reviewing CISM material

Presentations and Achievements

• Building multi-AI agent systems with CreewAI - Certificate of completion

• Using Password Cracking to Meet the NIST Password Guidance - BSidesPDX

• Not Your Grandpa's Password Policy - BSidesLV