From pioneering network management solutions at IBM and Boeing to shaping global security standards at Microsoft, my career has been defined by innovation, transformation, and leadership. I thrive at the intersection of technology, business strategy, and cybersecurity, helping organizations scale their security capabilities and adapt to evolving digital landscapes. Throughout my journey, I’ve seamlessly navigated high-tech industries, entrepreneurship, and cybersecurity governance, bringing a forward-thinking approach to every challenge. Whether launching a groundbreaking Spanish food and wine import business in Singapore, driving advertising automation at Microsoft, or leading Patch Tuesday operations at the Microsoft Security Response Center (MSRC), I’ve consistently delivered impact through strategic execution and innovation.
Currently, as an active CVE Board Member and Co-chair of the Tactical Working Group, I help shape the strategic direction of the CVE program, ensuring vulnerability data is accessible and actionable for cybersecurity professionals worldwide.
Show MoreDetailed Biography
With decades of experience spanning cybersecurity strategy, vulnerability management, and security operations, I have built a career leading transformative initiatives in both the public and private sectors. From pioneering incident response frameworks at IBM and Honeywell to shaping global security standards at CVE, FIRST, and Red Hat, my work focuses on advancing collaboration, automation, and resilient security solutions.
As a CVE Board Member and as an Officer of the CVE Foundation, I contribute to expanding cybersecurity transparency and automation. My leadership in the FIRST PSIRT SIG and VulnCon 2024–2025 reinforces my commitment to empowering the security community with best practices for vulnerability management. My military and industry experience, coupled with my expertise in information sharing, incident response, and secure development, allows me to bridge the gap between cybersecurity policy and real-world implementation.
I am currently a Senior Director of Product Security and Incident Response at Red Hat, where I have played a pivotal role in secure development and incident response programs. My work extends to upstream security initiatives, including CVE, CVSS, CSAF, and PSIRTs, ensuring that security operations integrate seamlessly into business objectives.
Prior to Red Hat, I held several leadership roles across cybersecurity and risk management, including Senior Director for Security at Honeywell and Cybersecurity Strategist at IBM, where I managed vulnerability and incident coordination under the IBM X-Force. Before IBM acquired Internet Security Systems (ISS), I served as Special Assistant to the CEO, focusing on National Infrastructure Advisory Council (NIAC) challenges and assisting in the formation of the Information Technology – Sector Coordinating Council (IT-SCC). I recently returned to the IT-SCC Executive Committee as Treasurer, strengthening its industry engagement.
My career in information sharing and cybersecurity operations extends to my tenure as Operations Center Director of IT-ISAC, where I fostered coordination across sector ISACs. My commitment to cybersecurity governance also includes service on the Board of Directors for FIRST, where I held the role of Chief Financial Officer, and leadership as President of the Industry Consortium for Advancement of Security on the Internet (ICASI).
I have also contributed to national cybersecurity policy as a Commissioner for the CSIS Cybersecurity Commission for the 44th Presidency, helping develop recommendations for public-private collaboration in cybersecurity. Beyond my civilian career, I am a retired Lieutenant Colonel in the U.S. Army, bringing strategic discipline and operational leadership to my cybersecurity expertise. I hold a Master’s degree from the University of Phoenix, a Bachelor of Science in Business Administration from Rollins College, and I am a graduate of the U.S. Army Command and General Staff College.
My leadership is centered on community engagement, innovation, and the integration of security operations to support business objectives. My strategic vision continues to shape cybersecurity practices across industries, government, and international forums.