Experience

AppDynamics

• United States
• Software Development
• 700 & Above Employee

• Director, Customer Trust

  • Mar 2021 - Present

  San Francisco Bay Area

• Manager, Customer Trust / Field Security Architect

  • Jun 2019 - May 2021

  San Francisco Bay Area Providing customer confidence in the security design, implementation, and operations of AppDynamics’ products. - Leveraging relationships across Engineering, Product Marketing, and Operations to provide collateral and direct engagements to Sales and Customer Success to increase revenue and drive SaaS adoption. Team contributions to over 50% of sales revenue. - Driving technical and process improvements in product and operations to enhance security functionality to meet customer needs… Show more Providing customer confidence in the security design, implementation, and operations of AppDynamics’ products. - Leveraging relationships across Engineering, Product Marketing, and Operations to provide collateral and direct engagements to Sales and Customer Success to increase revenue and drive SaaS adoption. Team contributions to over 50% of sales revenue. - Driving technical and process improvements in product and operations to enhance security functionality to meet customer needs and reduce corporate and customer risk.



Information Systems Security Association (ISSA)

• United States
• Computer and Network Security
• 1 - 100 Employee

• Communications Director

  • Feb 2019 - Present

  Silicon Valley Elected member of the Silicon Valley ISSA Board of Directors (www.sv-issa.org), providing timely messaging to members of chapter activities through email and social media. The Silicon Valley Chapter of the ISSA (Information Systems Security Association) is the premiere Bay area organization for Information Security practitioners and industry participants. The chapter holds monthly meetings for chapter members and guests, sponsors educational opportunities for members and the community… Show more Elected member of the Silicon Valley ISSA Board of Directors (www.sv-issa.org), providing timely messaging to members of chapter activities through email and social media. The Silicon Valley Chapter of the ISSA (Information Systems Security Association) is the premiere Bay area organization for Information Security practitioners and industry participants. The chapter holds monthly meetings for chapter members and guests, sponsors educational opportunities for members and the community, is the key driver behind the popular Cornerstones of Trust Conference (http://www.cornerstonesoftrust.com/) and other local security industry and community events. For more information see the chapter website: http://www.sv-issa.org/ Show less



Crucyble

• United States
• Computer and Network Security
• 1 - 100 Employee

• Managing Partner

  • Jul 2018 - May 2019

  Silicon Valley Crucyble is an Information Security firm based in Silicon Valley, securing the future of client companies through the reduction of information security risk and cloud security services. My key contributions were in delivering quality consulting engagements, making strong business development partnerships to promote new opportunities, and standardized collateral for consistent and efficient delivery of services.



Truvantis, Inc.

• United States
• Computer and Network Security
• 1 - 100 Employee

• VP & PCI DSS QSA, Professional Services

  • Feb 2017 - Jul 2018

  San Francisco Bay Area Hands-on leader delivering security consulting for technical, compliance and governance projects and services. ● Expanded team capabilities through cross-team projects in order to provide better scaling and growth as well as improve overall knowledge and ability to leverage resources into new engagements. ● Brought in and expanded business partnerships to facilitate scaling of operations, leveraging of external partners for adjacent service and sales/business. ● Significant… Show more Hands-on leader delivering security consulting for technical, compliance and governance projects and services. ● Expanded team capabilities through cross-team projects in order to provide better scaling and growth as well as improve overall knowledge and ability to leverage resources into new engagements. ● Brought in and expanded business partnerships to facilitate scaling of operations, leveraging of external partners for adjacent service and sales/business. ● Significant contributor to the sales and marketing processes, rewriting marketing documents, bringing in new opportunities, scoping engagements and developing pricing models and proposal language to increase sales. ● Improved proposal templates and functionality to enable sales personnel to become self-sufficient for initial sales engagements enabling faster response and closure on sales opportunities. ● Hands-on engagements for policy, governance , PCI DSS QSA attestations, security program development

• Sr. Director, Professional Services

  • May 2016 - Feb 2017

  San Jose, CA Led the professional services team, providing guidance and hands-on leadership to deliver quality engagements across a variety of industries. Services included: * Technical testing (vulnerability scans, penetration testing, red team exercises, etc.) * Security program creation and remediation (policies, processes, technical architectures and security controls) * Security compliance and governance analyses against standards: ISO27001, PCI DSS, CIS Controls, SOC 2, HIPAA * PCI DSS… Show more Led the professional services team, providing guidance and hands-on leadership to deliver quality engagements across a variety of industries. Services included: * Technical testing (vulnerability scans, penetration testing, red team exercises, etc.) * Security program creation and remediation (policies, processes, technical architectures and security controls) * Security compliance and governance analyses against standards: ISO27001, PCI DSS, CIS Controls, SOC 2, HIPAA * PCI DSS Attestations



NICE Actimize Xceed

• United States
• Computer and Network Security
• 1 - 100 Employee

• Director, Security & Operations

  • Nov 2011 - Apr 2016

  Mountain View, California Joined the company with a primary focus on Security. Subsequently expanded my position to also include responsibility for SaaS Platform Operations, IT, Customer Support, and internal Automation. Key contributions: * Established company-wide Security Program, including Business Continuity, Risk Management, Policy, Security Architecture Review, Compliance, and Awareness Training, etc. * Successfully completed and maintained SOC2 Type II attestation covering Security, Availability, and… Show more Joined the company with a primary focus on Security. Subsequently expanded my position to also include responsibility for SaaS Platform Operations, IT, Customer Support, and internal Automation. Key contributions: * Established company-wide Security Program, including Business Continuity, Risk Management, Policy, Security Architecture Review, Compliance, and Awareness Training, etc. * Successfully completed and maintained SOC2 Type II attestation covering Security, Availability, and Confidentiality and annual Safe Harbor privacy certification * Integral part of customer engagement for Sales RFP/contracts and on-going due diligence and audit processes as related to Security and product Operations. * Cross-functional leader, driving Change Management, architectural and process improvements, and strategic cross-team engagements Show less



Brocade

• United States
• Computer Networking Products
• 700 & Above Employee

• Senior Information Security Analyst

  • Jun 2010 - Nov 2011

  Member of small team responsible for global information security. • Coordinated all aspects of security engagement with the Global IT Infrastructure and Operations team, including architectural reviews, leading security projects, and providing security guidance for the team. • Led security awareness and training effort to establish annual training program across employees and contract workers. • Drove Mobile Device Management program to improve security controls across smartphones… Show more Member of small team responsible for global information security. • Coordinated all aspects of security engagement with the Global IT Infrastructure and Operations team, including architectural reviews, leading security projects, and providing security guidance for the team. • Led security awareness and training effort to establish annual training program across employees and contract workers. • Drove Mobile Device Management program to improve security controls across smartphones and tablet computers in use for Brocade email access. • Improved documentation and workflow for Incident Management process to streamline work efforts and reduce overall cost. Show less



Security Mentor

• United States
• Computer and Network Security
• 1 - 100 Employee

• Editor /Sales (Contract)

  • Mar 2010 - Aug 2010

  Performed security lesson reviews of content and presentation to ensure technical accuracy and clarity of information.



The Security Consortium

• Trusted Advisor (Contracted projects)

  • Feb 2010 - Jun 2010

  Responsible for all product and project aspects of customer engagements to meet contractual expectations and maintain product quality. • Performed review and wrote analysis documents of new security products for customers to analyze if the products fit their intended purpose and to determine if security implementations met the design goals. • Responsible for security reviews of customer environments to meet PCI compliance as well as general security best practices.



eBay

• United States
• Technology, Information and Internet
• 700 & Above Employee

• Sr. Mgr, Information Security

  • Jul 2008 - Aug 2009

  Leader of team within Security Operations responsible for policy and standards development; awareness and training; and information security compliance. • Matured team through cross-training and process development to ensure that all functional areas would be covered in event of short or extended absences. • Established policy and standards development process and review board within Information Security team to strengthen content and enforceability. • Built relationships with other… Show more Leader of team within Security Operations responsible for policy and standards development; awareness and training; and information security compliance. • Matured team through cross-training and process development to ensure that all functional areas would be covered in event of short or extended absences. • Established policy and standards development process and review board within Information Security team to strengthen content and enforceability. • Built relationships with other internal functions (e.g. IT, Operations, Legal, and other Information Security teams) to improve collaboration and adoption for policies and standards. • Worked with Global Legal Compliance team to promote and expand annual awareness training to include contractors and other temporary staff. • Interfaced with key business functions to understand their environments and perform security assessments. • Created Information Security Awareness strategy, focused on improving individual and management commitment to information security. Provided security messaging on an as-needed basis to support incident response and threat management process. • Led PCI compliance and Sarbanes-Oxley security related controls testing across eBay.com and adjacent business functions. Show less



Cisco

• United States
• Software Development
• 700 & Above Employee

• Manager, IT Risk Management

  • Oct 2006 - Apr 2008

  Coordinated interactions between IT teams and audit organizations to review operational and security practices, including ensuring resource availability, facilitating on-site visits, and resolving any issues found. • Negotiated and influenced teams to establish appropriate level of policies, processes, and controls to improve operations, security and legal compliance. • Developed and documented roles and responsibilities between internal audit team and the IT Risk Management organization… Show more Coordinated interactions between IT teams and audit organizations to review operational and security practices, including ensuring resource availability, facilitating on-site visits, and resolving any issues found. • Negotiated and influenced teams to establish appropriate level of policies, processes, and controls to improve operations, security and legal compliance. • Developed and documented roles and responsibilities between internal audit team and the IT Risk Management organization to improve collaboration and increase effectiveness. • Prepared and led quarterly risk reporting sessions for IT executive staff to raise awareness and increase support and funding of audit and security issues and initiatives. • Successfully built Customer Compliance initiative to facilitate compliance to contracts and improve consistency of responses to security questionnaires. • Reviewed contracts related to handling of customer confidential data; created standard clauses for negotiation purposes.

• Manager, Diverse Business Information Security

  • Apr 2005 - Oct 2006

  Led team to establish partnerships between central, corporate security organization and divisional IT support teams. • Championed cultural change in the central security organization to adopt new oversight models and adjust policies and processes to accommodate a variety of implementation approaches. • Evaluated security practices and determined integration strategies with new acquisitions and other non-centrally supported IT teams. • Provided technical staff to these IT teams to… Show more Led team to establish partnerships between central, corporate security organization and divisional IT support teams. • Championed cultural change in the central security organization to adopt new oversight models and adjust policies and processes to accommodate a variety of implementation approaches. • Evaluated security practices and determined integration strategies with new acquisitions and other non-centrally supported IT teams. • Provided technical staff to these IT teams to improve security of key projects and drive a common level of security across the overall organization. • Educated business partners and senior management on security issues unique to the diverse business environments.

• Manager, Information Security

  • Mar 2002 - Mar 2005

  Leader for team providing global security architecture design, consulting and education to internal support organizations for applications and networks, application service providers (ASPs) and partner networks; overall security policy documentation and ownership; and technical writing support and awareness for extended team. • Improved global process consistency through formalization of documentation and processes. • Grew staff through restructuring team along technology tracks… Show more Leader for team providing global security architecture design, consulting and education to internal support organizations for applications and networks, application service providers (ASPs) and partner networks; overall security policy documentation and ownership; and technical writing support and awareness for extended team. • Improved global process consistency through formalization of documentation and processes. • Grew staff through restructuring team along technology tracks, creating team lead role and aligning staff to appropriate responsibilities. • Negotiated and influenced the acceptance of a $1M multi-year contract for security tools support and maintenance. • Improved cross-team collaboration through staff rotations. • Partnered with development teams to improve security and usability of Cisco products. • Regularly sought after as speaker for customer engagements in formal presentations, site visits and working sessions to share security best practices and strategy.

• Manager, Strategic Architecture and Technology Services

  • Nov 2000 - Mar 2002

  Lead for departmental proof of concept lab and project manager to establish architecture and operational requirements for internal product deployments. • Influenced first inclusion of IT operational and security requirements into product Solutions Requirements Definition (SRD) for video conferencing products. • Initiated a major lab environment retrofit to establish new service level agreements with lab clientele, create new physical layout, and expand existing space.

• Manager, Networking

  • Apr 1997 - Nov 2000

  Manager for all aspects of LAN and Internet operations for Cisco's internal corporate network at the San Jose, California and Research Triangle Park (RTP), North Carolina campuses. • Increased team size from 5 to 16 staff members over two years, while simultaneously expanding the network (from 6 to 70 buildings) and improving network availability. • Successfully managed budget of over $2 million annually. • Designed and oversaw installation of cabling infrastructure for all US… Show more Manager for all aspects of LAN and Internet operations for Cisco's internal corporate network at the San Jose, California and Research Triangle Park (RTP), North Carolina campuses. • Increased team size from 5 to 16 staff members over two years, while simultaneously expanding the network (from 6 to 70 buildings) and improving network availability. • Successfully managed budget of over $2 million annually. • Designed and oversaw installation of cabling infrastructure for all US corporate campuses. • Frequently requested as presenter for customers at Executive Briefing Center to share networking best practices.

• Network Engineer

  • May 1994 - Mar 1997

  Technical lead for team responsible for daily operations of the engineering network, including all levels of design, development and support. • Personally maintained all aspects of corporate Internet connectivity, including firewalls, DNS and EIGRP and BGP routing infrastructure. • Designed and implemented a wide variety of network models to support global Engineering organization based on FDDI, Ethernet, and ATM technologies.



Northern Research Institute (Norut)

• Research Services
• 1 - 100 Employee

• Research Scientist

  • 1992 - 1994

  Tromsø, Norway • Developed and implemented a network transport protocol to support multimedia applications using a telemedicine video-conferencing system as a test platform. The research emphasis of this project was to provide reliable multi-peer connections through the use of network multicast facilities, along with the ability to synchronize data channels (e.g. voice and video). • Evaluated WAN solutions to enhance the Tromsø Satellite Station’s distribution of satellite imagery to its customers… Show more • Developed and implemented a network transport protocol to support multimedia applications using a telemedicine video-conferencing system as a test platform. The research emphasis of this project was to provide reliable multi-peer connections through the use of network multicast facilities, along with the ability to synchronize data channels (e.g. voice and video). • Evaluated WAN solutions to enhance the Tromsø Satellite Station’s distribution of satellite imagery to its customers. • Advisor for students doing semester and thesis projects at the University of Tromsø. Show less



CSC

• United States
• Information Technology & Services
• 700 & Above Employee

• Network Engineer

  • Jun 1990 - Oct 1992



NASA Ames Research Center

• United States
• Aviation and Aerospace Component Manufacturing
• 700 & Above Employee

• Network Engineer

  • 1989 - 1991

  Mountain View, California



University of Oregon

• United States
• Higher Education
• 700 & Above Employee

• Network Engineer

  • Aug 1989 - May 1990

  Eugene, Oregon Area



Sparebanken Vest

• Norway
• Banking
• 500 - 600 Employee

• Consultant

  • Dec 1987 - Jul 1988

  Bergen Area, Norway De facto system administrator. Complete charge of all aspects of a microVAX/VMS and PC network, including software installation, design and implementation of backup utilities, and database software management. Trained systems staff in basic VAX/VMS and DECnet management