Cybersecurity Professional CISSP Penetration Tester
Turning complexity into control — securing systems, people, and data at scale.
About Me
A security professional driven by curiosity, rigor, and a commitment to building defenses that last.
I am a dedicated cybersecurity professional with a strong foundation in both technical defense and strategic governance. With advanced degrees from Trine University and Davenport University, I bring a rigorous academic perspective to real-world security challenges. My work bridges the gap between technical security controls and organizational risk management — helping enterprises build resilient, compliance-aligned security programs that stand up to modern threats.
Trine University
Information Security & Technology Management
Davenport University
Cyber Defense & Security Operations
Security is most effective when built in from the start. I prioritize threat modeling, red-team thinking, and continuous assessment to stay ahead of adversaries rather than reacting to breaches.
Regulatory frameworks like NIST and ISO 27001 aren't checkboxes — they're operational blueprints. I translate compliance requirements into actionable security controls that actually reduce risk.
Technology alone doesn't secure an organization. I invest in educating teams, building security-aware cultures, and ensuring that every stakeholder understands their role in the security posture.
Areas of Expertise
Deep technical knowledge paired with strategic thinking across the full security lifecycle.
Designing layered, defense-in-depth security architectures that align with business objectives and scale with organizational growth.
Conducting authorized offensive security assessments to identify vulnerabilities before malicious actors can exploit them.
Translating complex regulatory frameworks into actionable security programs that satisfy auditors and reduce real-world risk.
Applying machine learning techniques to threat detection, anomaly detection, and security automation while securing AI systems themselves.
Collecting, analyzing, and operationalizing threat intelligence to inform defensive posture and proactive countermeasures.
Leading coordinated responses to security incidents — from initial detection through containment, eradication, and post-incident review.
Credentials
Validated expertise across security domains, governance, and offensive security practices.
CISSP
Certified Information Systems Security Professional
(ISC)²
CC
Certified in Cybersecurity
(ISC)²
Security+
CompTIA Security+
CompTIA
PenTest+
CompTIA PenTest+
CompTIA
CNVP
Certified Network Vulnerability Professional
CompTIA
CPT
Certified Penetration Tester
GAQM
IBM
IBM Cybersecurity Certification
IBM
Proofpoint
Proofpoint Security Certification
Proofpoint
XM Cyber
XM Cyber Attack Path Management
XM Cyber
9 active certifications across 5 issuing bodies
Insights
Practical perspectives on security architecture, emerging threats, and building resilient programs.
Zero Trust has become one of the most overused terms in enterprise security. Here's what it actually means and what it takes to implement it in a way that reduces real risk.
Most Zero Trust programs stall after the first phase. The reason is almost never technical. Here's how to build a roadmap that survives contact with your organization.
Machine learning in security operations creates as many false positives as it prevents. Here's how to tune your detection models and build analyst workflows that scale.
Large language models introduce a new class of vulnerabilities that traditional security controls weren't designed to catch. Here's what security teams need to understand now.
The updated framework introduces a new Govern function and expands scope beyond critical infrastructure. A practitioner's guide to mapping your existing controls to the new structure.
A penetration test is not a vulnerability scan with a human attached. Here's what a real engagement looks like from scoping to final report and what separates useful findings from checkbox compliance.
Get In Touch
Available for consulting engagements, speaking opportunities, and strategic security advisory roles.
Whether you need a security architecture review, a penetration test scoped for your environment, or a keynote that makes compliance genuinely interesting — reach out and let's talk.