ON THE LIGHTER SIDE OF THINGS , WE

INSIDE AND OUTSIDE THE OFFICE .

What would you describe as your most memorable achievement in the cybersecurity industry ?

I ’ ve been honoured that a number of organisations have taken a chance on me , my skills , my talents and my abilities to be their security leader . For many of these organisations , I was the first security leader who built the foundations of the security program , expanding the program to include incredibly talented security , GRC , privacy and IT professionals .

Notably , being asked to be Drata ’ s CISO has been one of the highlights of my career . Being a CISO at a security company demands more from a security person than any of the prior CISO roles I ’ ve had , including heavy involvement in product , marketing , sales , customer success , strategy , and – scariest of all for me – being up on stage presenting in front of large audiences !

Aside from professional achievements , a personal accomplishment of mine is being able to share what I do with my family . When we take family road trips with our kiddos , they all look forward to catching up on the latest Darknet Diaries podcast episode together !

What first made you think of a career in cybersecurity ?

I was born in the GRC space , starting my career at Ernst & Young ’ s Seattle office helping a number of Seattle-area technology companies start , accelerate and assess their GRC programs . From there , I moved over to AWS to help be part of the founding AWS Compliance team with incredible people , defining how GRC practices apply to the newly available ‘ cloud ’. Early in this journey , I realised how foundational a well operating GRC program has on a well-rounded and robust security program .

After helping six products go through the FedRAMP authorisation process at Adobe , I realised I wanted to set out to become a security leader . I joined a fintech company where that journey included a deep dive into the technical security engineering and operations aspects that not many GRC team members have the opportunity to do .

This is what really fuelled the passion I had inside of me for hardcore security – all still while not neglecting all of the GRC and customer-facing , trust-building abilities I had accrued during the first part of my career . Unsurprisingly , my mechanicalengineering-wired brain is wired to dissect how everything works around me .

This ability applied to technology , organisations and processes seemed to make a pairing that has been inseparable to the point of loving security space with like-minded people who use this same ability to protect and defend our organisations .

What style of management philosophy do you employ in your current position ?

My style of management philosophy has been an on-going journey of discovery , but is rooted in being collaborative , inclusive , transparent ,

My mechanicalengineeringwired brain is wired to dissect how everything works around me .

WWW . INTELLIGENTCISO . COM 67