I previously served as the Head of Global Cyber Security for Ubisoft, where I led all efforts in information security. My group protected over 20,000 employees worldwide with a vast scope (see job desc for more).
In my previous roles such as Director of Penetration Testing, I led efforts on matters of information security consulting. The gamut stretched from developing penetration testing plans for Fortune 100 companies to competing in "bake-offs" to win business against other top-tier consulting vendors.
I have also served as a Director of Operations, leading teams of highly technical Application Security Engineers and Technical Operations staff. In this role, I was an extension of (and advisor to) over 300+ security programs across many industry verticals. Under my direction, my team triaged over 22,000 vulnerabilities in 2018-2019 alone.
Personally, I love being in the trenches and performing actual assessments, but I am also adept at handling clients, architecting solutions, designing services, improving business processes, managing technical consultants, training, technical writing, marketing, and delivering solutions.
While my strengths are web, network/infrastructural, and mobile security, I have personally performed a myriad of other services and implemented them for a consultancy as a deliverable (mainframe, wireless, cloud assessment, database, OSINT, APT simulation, binary reversing, and static code analysis).
In my free time, I write for several information security publications and am a semi-regular capture-the-flag player. I speak regularly at security conferences globally (DEFCON, Blackhat, OWASP, and many more).
While I never call myself a "master" of anything, I do have a very particular set of skills; skills I have acquired over a very long career. These skills make me adept at helping businesses, finding security vulnerabilities, and leading a business to a better security posture.
- Arcanum Information Security - CEO & Hacker & Trainer (January 2024 - Present)
- Flare - Field Chief Information Security Officer (Part Time) (February 2024 - Present)
- Bugcrowd - Strategic Advisor (Part Time) (April 2024 - January 2025)
- BuddoBot - Chief Information Security Officer (January 2023 - December 2023)
- Ubisoft - Head of Security and Risk Management (July 2019 - January 2023)
- Bugcrowd - VP of Researcher Growth (October 2018 - June 2019)
- Bugcrowd - VP of Trust and Security (January 2018 - October 2018)
- Bugcrowd - Head of Trust and Security (September 2016 - January 2018)
- Bugcrowd - Director of Technical Operations (May 2015 - September 2016)
- HP Fortify - Director of Penetration Testing (November 2011 - May 2015)
- HP Fortify - Sr Security Consultant (September 2010 - November 2011)
- Bugcrowd Inc - Security Researcher, Leaderboard Position #1 (March 2014 - October 2014)
- Redspin, Inc - Sr. Security Engineer / Lead Penetration Tester (August 2009 - September 2010)
- Citrix Online - IT Generalist (March 2007 - August 2009)
