Chief Information Security Officer
Senior leader focused on building highly functional assurance and engineering teams across multiple technology domains. 30+ years of experience covering all aspects of product security at scale across Microsoft, AWS, and Google. Contributed foundational elements to the Secure Development Lifecycle (SDL/SDLC), “Patch Tuesday”, Threat Modeling concepts/tooling and more. Currently leading the Android Product Security efforts across all phases of the security development lifecycle. These efforts protect 3+ Billion users across hundreds of device manufacturers and network operator partners. This includes all aspects of incident response, ecosystem engagement, secure coding practices, enterprise security policy, network security, Red Team, Android device security requirements, pen testing, etc. My team operates one of the largest bug bounty programs in the world. Previously I led Amazon Web Services (AWS) EC2 Windows Product Management. Defined vision and road map for a billion dollar P&L. Before that I led the Microsoft Digital Rights Management (DRM) product. Responsible for digital content protection across Windows, Phone, XBOX (360/XBox One), as well as the developer platform (PlayReady) used by over 1200 partners. Delivered protected content support for Windows 8.1 and XBOX One, iOS, and Android. Prior to this role I was the leader of the Windows 8 Networking team. Responsible for Network Security, Seamless Connectivity, DirectAccess (remote access/access control product), and cross premise hybrid cloud connectivity. This includes technologies such as Windows Firewall, IPsec, TCP/IP v6, and related components. Earlier, I had leadership roles in the Microsoft Security Response Center (MSRC) / Secure Windows Initiative (SWI) groups. Had multiple leadership roles in the MSRC over 4 years. Handled hundreds of security investigations, incident response, shipping over 1 Trillion security updates, and other various internal security projects. Helped to create the “patch Tuesday” concept. Built the SWI Tools organization to scale the SDL process across Microsoft. Delivered Microsofts first Threat Modeling Tool to the world.
- Company Name: Coinbase
- Job Title: Chief Information Security Officer
- Start Date: March 2022
- Company Industry: Internet
- Location: Kirkland, Washington, United States
Founded in June of 2012, Coinbase is a digital currency wallet and platform where merchants and consumers can transact with new digital currencies like bitcoin, ethereum, and litecoin. Our vision is to bring more innovation, efficiency, and equality of opportunity to the world by building an open financial system. Our first step on that journey is making digital currency accessible and approachable for everyone. Two principles guide our efforts. First, be the most trusted company in our domain. Second, create user-focused products that are easier and more intuitive to use.
Other Active Role:
- Company Name: GSMA
- Job Title: Deputy Chair, Device Security Group
- Start Date: September 2021
- Company Name: Google
- Job Title: Director of Android Security Assurance (Response/Product Security)
- Start Date: August 2015