Tech Nerd, Infosec Focused, Outdoor Enthusiast, Family Man

about Me.

Over my career, I have held both internal and consultative roles helping clients and employers reduce risks and improve their security programs. I have led or am leading engagements including penetration testing, vulnerability analysis, security audits and security program development. I hold my CISSP as well as certifications on ISO/IEC 27002 and AWS Certified Solutions Architect.

Currently I lead the US security architecture team for BBVA. My responsibilities include establishing an enterprise security architecture framework as well as designing and developing processes to ensure that proper security architecture is implemented within projects in the US. This includes working with many teams to develop security and governance baselines. Our team is also heavily focused on establishing and improving the governance and security within AWS infrastructures.

Presentations.

We understand your requirement and provide quality works.

Social Media.

Blog

Some thoughts...

The Capital One Breach And What We Should Really Be Talking About

I’m not going to try and write anything regarding the attack vector, Erick Johnson did that well here: https://ejj.io/blog/capital-one I’m not going to give an executive overview, Krebs did that well here: https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/ I really just…

The Assumed Breach Model – A Practical Approach Part 3

In Part 1 of this series I gave a brief overview of the assumed breach model of security. In Part 2, I dove into some details about major components to implementing the assumed breach…

#Spectre and #Meltdown – What do we do?

Seems like now about every 6 months or so every asks this same question about some new vulnerability. The answer should be the same, do the same thing you should have been doing before…