About
I'm a believer.
I believe a secure enterprise starts with its people. My goal is to foster secure habits through hacking the human bean to develop good security habits.
I believe good design changes lives and good education saves lives. To that end, I do security and awareness with a dash of visual design.
Work Experience
Cribl powers Security and IT as the ultimate data engine. At Cribl, I’m part historian, custodian, and strategist: crafting docs, creating content, and persuading teams to engage—all to build clarity and shape the game plan for conquering the next fiscal year. And the year after that.
Lead metrics-driven security training, policy creation, and user portal management. Collaborate across teams to deliver and promote training on security, SDLC, and data privacy.
Craft communications, visualize metrics with Brand/Marketing, and drive engagement via blogs, presentations, and Slack. Developed Risk Governance runbooks and launched an intern program.
2017 - 2021
-
Sat on the Cyber Security Assurance team; ran SOC 2 annual certification. Built Risk Register prototype in Jira, drafted enterprise risk, SOC 2 & COSO kbase in Confluence for end users and auditors. Contributed to FedRAMP documentation.
-
Wrote related security documentation and runbooks. Ran risk and SOC 2 education.
2016 - 2017
-
Operationalized and documented IT processes for automation.
-
Admined Atlassian stack of tools: Jira, Confluence, Fisheye, Crucible. Wrote and published end user support kbase articles.
Projects
A short talk, What I Learned at SANS Security Summit, and it took off. Short, actionable, and still relevant three years later. Spoiler: the problem is (still) humans.