About me
Experienced cybersecurity and GRC leader with over 15 years of experience in ensuring the organization’s security needs align with its business and operational needs. Believer in high-impact, value-driven controls. Enforcer of prudent security culture. Able advocate in boardroom and executive presentations.
Experience in senior roles with residence in United States, Europe, Canada, and most recently the Persian Gulf region. Highly adaptable.
Certifications include the CISSP, C|CISO, CySA+, and UK and European IT Risk Management certifications. Additional US/DoD credentials include the IAM and IEM certifications from the U.S. National Security Agency. Lastly, the CompTIA Project+ and CTT+. Committed lifelong learner.
Hands-on experience with leading frameworks and standards, including ISO 27001 and 27002, NIST Cybersecurity Framework, CIS Critical Security Controls v8, and PCI DSS. Have assisted in SOC-2 attestations.
Actively supports the next generation of cybersecurity professionals by mentoring new graduates entering the field. Regularly contributes as a speaker and panelist at conferences, with a strong passion for building meaningful professional connections and communities. Published author of several cybersecurity books (see Publications on LinkedIn profile).
Outside of work, a fun dad, good husband, and a decent baker.