Bio

I didn't fall in love with cybersecurity because of the checklists. I fell in love with it because every broken system has a story — and if you tell that story wrong, nothing gets fixed.

I learned that early, working vulnerability engineering in federal and DoD environments where the gap between what analysts knew and what leadership understood could cost more than a budget cycle. I spent years building bridges across that gap: in GRC consulting, in pre-sales and post-sales engineering, in boardrooms trying to explain why "critical" means something different than "urgent." Eventually, I stopped waiting for someone else to build a better framework for doing it and wrote one myself.

That's where the Saga Framework came from — a methodology for turning security findings into narratives that executives actually act on. It's also where the Dreaming Tower Archives came from: a world-built fantasy series where the Glitchborne are APTs, the Cipher Monks handle cryptography, and every chronicle teaches a real security concept to someone who never thought they'd care about one.

Today I'm a Senior Solutions Engineer at PlexTrac and the founder of Basilisk Security Consulting. I work with organizations to design security programs that hold up under audit and board scrutiny. I speak at conferences on how practitioners can stop writing for analysts and start writing for the people who control the budget. And I'm building toward the kind of Field CTO role where I can do both at scale.

The throughline has always been the same: find what's broken, build what's missing, teach people to run it without me.

What I Focus On Now

Right now, my work centers on a few core themes:

• Turning pentest and vulnerability data into real remediation programs
• Designing workflows that help security teams move from findings to fixes
• Acting as the voice of the customer in product and platform strategy
• Teaching security teams and executives how to communicate risk clearly
• Exploring creative ways to make security more human and more memorable

Career Direction

I’m building toward a future in Field CTO and security evangelism roles focused on product strategy, customer advocacy, and industry education. My goal is to help shape how security tools are built, how risk is communicated, and how teams design programs that scale beyond compliance.

Resume

  • Strategic field engineer working across enterprise pre sales, customer adoption, churn recovery, and product strategy.

    • Lead complex enterprise demos, POVs, and executive technical sessions across vulnerability management, pentesting, and exposure management programs

    • Serve as technical owner for strategic and at risk accounts, stabilizing relationships through workflow redesign, retraining programs, and executive advisory sessions

    • Recover and retain churn risk customers by diagnosing adoption failures and rebuilding remediation and reporting workflows aligned to operating models

    • Partner closely with Product and Engineering to influence roadmap features in remediation, reporting, CTEM workflows, and platform usability

    • Design and deliver customer success webinars, bootcamps, platform training videos, and enablement programs used across customers and GTM teams

    • Author technical blogs, competitor analysis, and sales battlecards supporting product positioning and market education

  • Supported commercial and federal accounts at a high growth cybersecurity startup. Led technical demonstrations, POV deployments, RFI submissions, and customer workflow alignment across DoD and civilian agencies.

  • Primary federal and DoD field engineer covering mobile threat defense, federal financials, and systems integrators.

    • Led pre sales and post sales technical strategy across multiple federal territories

    • Presented at major DoD cyber conferences including AFITC, Fort Detrick Cyber Day, and AFCEA West Indo Pacific

    • Served as board representative for the Lookout Foundation and program lead for the Day of Shecurity virtual conference

  • Founder and lead consultant providing governance, risk, and compliance advisory services to federal and commercial clients.

    • Delivered executive advisory, policy development, and risk program design for large scale federal security programs

    • Advised the United States Air Force FIAR CISO Program on POA&M modernization, risk tolerance strategies, and enterprise risk governance

    • Built executive dashboards and reporting programs for multi tier risk visibility

  • Supported vulnerability remediation, POA&M lifecycle management, and compliance operations for United States Coast Guard Cyber Command programs.

  • Focus: Governance, risk, and compliance management, policy management, executive engagement, and audit support

    • Progressed from intern to senior analyst within the corporate information security team

    • Led corporate POA&M executive briefing program and delivered regular updates to CISO, CIO, and senior leadership

    • Supported OIG and GAO audits, security control assessments, and enterprise policy governance

    • Built security awareness training and executive level reporting programs

Education

MS, Cyber Forensics - Stevenson University (2021)

BS, Cyber Security - University of Maryland, University College (2013)

BS, Computer Network & Security - University of Maryland, University College (2013)

Patent

Device-based Security Scoring

US-11537721-B2 · Issued Dec 27, 2022

Writing, Speaking, and Media

I regularly write and speak on topics including exposure management, remediation workflows, pentest reporting, product strategy, and security storytelling. My work includes technical blogs, customer success webinars, bootcamps, podcasts, and conference presentations focused on helping teams bridge the gap between findings and fixes.

Writings
Media & Talks