Cybersecurity & Management Professional · Zero Trust
I help organizations reduce exposure of the data and systems they depend on — on‑premises or cloud‑hosted — and build security programs that protect information assets while advancing business objectives.
Be prepared for the next event, and you will have achieved 50% of readiness.
As a cybersecurity professional, I manage the risks that reduce the exposure of data and information resident on systems — whether on‑premises or cloud‑hosted — from unauthorized access.
My approach pairs deep technical security with management discipline: I understand both the packets and the policies, the controls and the KPIs that prove they work. The result is security that is measurable, defensible, and aligned with the business.
Let's establish a business relationship that protects your information assets and supports your objectives.
Core competencies spanning security architecture, risk, cloud, and the management discipline that turns technical work into business outcomes.
Designing Zero Trust architectures across user identity, device posture, and applications — securing modern, perimeter‑less environments.
Implementing the NIST Risk Management Framework and data‑privacy programs that are auditable and aligned to regulatory expectations.
Securing workloads, applications, and infrastructure across AWS, Microsoft Azure, and Google Cloud as organizations migrate to and operate in the cloud.
Target‑Based Execution with SMART outcomes — process management, resource alignment, and KPIs that build efficient, scalable systems.
Engagements that protect technology assets and move objectives forward — from strategy through implementation and ongoing assurance.
Target‑Based Execution (TBE). I work with you to define requirements, resources, and timelines — setting the stage for strategic alignment with SMART outcomes.
Zero Trust applied across user identity profiles, device posture (IoT, mobile, servers, workstations) and applications — a unique matrix that traditional approaches can't manage alone.
Process management, resource allocation, and KPIs are the foundation of efficient systems — no matter how complex. I understand the difference between logs and metrics.
Certified in Risk & Information Systems Control (CRISC) and Data Privacy (CDPSE). I adopt the Risk Management Framework to categorize, control, assess, authorize, and monitor.
As organizations move workloads and infrastructure to the cloud, I implement and manage the controls that keep them secure — backed by AWS (SAA, Security Specialty), Azure (AZ‑500, SC‑100) and Google Cloud (Professional Cloud Security Engineer) certifications.
Azure Virtual Desktop delivers virtualized Windows desktops and apps securely in the cloud for the enterprise. I deliver it with two defining certifications — AZ‑500 and AZ‑140.
A perspective on what must be actioned to protect your environments — translating the technical reality into governance leadership can act on.
Designing and implementing bespoke security controls inside a proprietary platform where off‑the‑shelf tooling didn't fit.
A real‑world account of detecting a ransomware incident and driving recovery — what worked, what was learned, and what to harden next.
Let's establish a business relationship that protects your information assets and supports your objectives. Tell me about your environment and what you're trying to achieve.
Occasional notes on Zero Trust, cloud security, and turning risk into readiness.