My passion is to make information security accessible and achievable to any organization. I have worn many hats in my career to provide value to the ever-evolving tech landscape, including program manager, governance analyst, incident responder, CISO's Chief of Staff, Global Security Assurance Director, and now, consultant. I have a Master's of Science in Cybersecurity, and am a Certified ScrumMaster and SAFe 4 Agilist.
My mission is to make the daily lives of security leaders less daunting, so that we can all stay connected to WHY this space is so meaningful to us.
After working in a large software organization for many years, I began to feel that I lost touch with my "why." I worked with multiple career coaches and mentors to realign with my purpose in this industry. Ultimately, I realized that my unique strength is found in building bridges between people and technology, especially when change, clean-up, and transformation are required. I founded SecurityLex in order to live that purpose and share it with others.
I have learned through experience that protecting our personal and business information is as much an effort in cultural development as it is a technological advancement.
Whether you are looking to protect your business from cyber threats, remediate following an incident, or implement compliance controls, your technical success starts and ends with your people. My services allow you to balance the attention on the technical needs of your organization with the dependency on a superstar team.
We all want better, yet we resist change. What's that about? At least when it comes to security, we can be strategic with how, when, and where we implement [technical and cultural] change for the better. By developing the right approach, unique to each organization and environment, we can enact significant changes that both empathize with the employee experience while thwarting the ability of threat actors.
As a seasoned security practitioner across various domains, I provide strategic and operational security leadership where companies may need an interim, part-time, or fractional Chief Information Security Officer.
For SMBs, start-ups, or enterprises without a full-time CISO, my vCISO services will provide dependable, attentive security council. Our partnership will differentiate your organization with proactive, on-demand, and affordable security leadership.
For CISOs and other Tech Execs: You have a lot on your plate, and I bet not all of it should be yours (alone) to handle. "Leave it with me" is what you will hear from me often. I will work with you to understand your point of view, challenges, and goals so you can focus on the 'top right quadrant' with a reliable sidekick to keep momentum on everything else.
My Virtual Chief of Staff (vCOS) services include strategy development, defining and measuring KPIs/KRIs, human resources management and talent acquisition oversight, budget planning, and preparing for key engagements with Boards and other stakeholders.
When you know what needs doing but you don't have the bandwidth to oversee all the moving parts in parallel, you need a senior program manager who can provide the necessary structure and governance to activate your strategy. I can join an existing program management office to add burst capacity or work independently to coordinate top level priorities across your leadership team.
You're a great leader, your team is talented, and a strong program manager like me can help you demonstrate it.
Let's replace the old adage that "users are the weakest link," with "users are our first line of defense." As security leaders, it is our duty to enable employees with the knowledge and resources to treat security as a shared responsibility. Training does not need to be boring! I never expected that my hobby for the arts and graphic design would become an asset in my tech career, but when it comes to security awareness training, the creative touch makes a big difference.