Résumé


Professional Summary

Seasoned cybersecurity executive with over 24 years of expertise in spearheading comprehensive security programs. As a Certified Chief Information Security Officer (CCISO) and Certified Information Systems Security Professional (CISSP), I excel at developing and guiding teams to implement innovative security strategies that enhance both product and infrastructure integrity. My experience encompasses direct leadership, strategic planning, and the integration of security within business processes through DevOps and DevSecOps. With a strong background in executive coaching and direct reporting to C-level management, I thrive in cross-functional collaboration—ensuring that security measures align seamlessly with corporate objectives and technological advancements. Known for a leadership style that emphasizes adaptability, mentorship, and continuous learning, I’m committed to fostering environments where innovation flourishes and security is woven into every aspect of the organizational fabric.


Skills

Leadership and Strategy

  • Executive Leadership & Strategic Planning
  • Department Scaling & Management
  • Talent Acquisition, Team Development & Mentoring

Technology Proficiency

  • Polyglot and distributed computing
  • Technology Assessment & Roadmap Planning
  • Agile Software Development Methodologies & Project Management

Partnership & Collaboration

  • Vendor Management & Strategic Partnerships
  • Communication, Presentation & Reporting
  • Cross-functional Collaboration & Stakeholder Management

Work Experience

Owner and Director July 2021 - Present
Confluence Consulting Ltd

At Confluence Consulting Ltd, we specialize in guiding organizations to fortified cybersecurity through comprehensive services including red-teaming, adversary simulation, and offensive cybersecurity training.

  • Mentoring, managing and providing performance metrics for organizations preparing for MITRE ATT&CK evaluations.
  • Providing red-teaming, adversary simulation, threat modeling and offensive cyber-security training.
  • Producing network and memory detection evasions for select customers.

Solutions Architect April 2022 - January 2023
Sophos Ltd

At Sophos Ltd, a global leader in next-generation cybersecurity, my role as a Solutions Architect was central to strategizing and developing robust cybersecurity solutions encompassing Attack Surface Management, Vulnerability Management, and Penetration Testing as a Service initiatives.

  • Conducted strategic market analysis and technical evaluations, laying groundwork for Attack Surface Management, Adversary Emulation, and Penetration Testing as a Service services.
  • Designed processes for in-house ASM, VM and PTaaS service offerings.
  • Led offensive tool development for adversary emulation, SE training and sales enablement.
  • Established cyber ranges for M&A evaluations, playbook development, NDR R&D and sales enablement.
  • Assessed service alignment with standards such as HIPAA, PCI-DSS, ISO 27001, SOC 2, and GDPR, providing actionable insights to align offerings with these standards.

Security Technology Strategist April 2015 - July 2021
Sophos Ltd

In my tenure as a Security Technology Strategist at Sophos Ltd reporting directly to the CTO, I played a crucial role in steering the technical direction of the Network and MDR engineering teams, aligning strategic visions with executive leadership, and fostering talent through mentorship and coaching.

  • Provided executive leadership by directing technical evaluations for M&A initiatives and fostering engineering talent.
  • Provided strategic vision and technical direction to the Network and MDR engineers.
  • Key contributor to the organizational design, change management and initial operations of the MDR service.
  • Played a key role in defining technical vision and re-architecting of Sophos’ NGFW product.
  • Reported to the CTO and collaborated closely with the VP of Product on vision and roadmaps.
  • Developed and authored executive reports summarizing compliance standards such as HIPAA, PCI-DSS, ISO 27001, SOC 2, and GDPR. Evaluated the applicability of current offerings to these standards and provided actionable insights.
  • Directed Sophos’ network security and MDR 3rd party evaluation partnerships.

Solutions Architect May 2014 - November 2015
Impact Effect Systems Inc

Serving as a Solutions Architect at Impact Effect Systems Inc, I bridged the gap between business requirements and technical solutions, steering the alignment and execution of engineering projects to meet business objectives.

  • Collaborated with senior management to ensure alignment of business requirements with technical solutions.
  • Oversaw the execution of engineering projects, ensuring alignment with business objectives.
  • Provided reporting and operational forecasting to the business development and platform architecture teams.

Vulnerability Research Manager May 2012 - April 2015
Sophos Ltd

At Sophos Ltd, my role as Vulnerability Research Manager involved establishing engineering best practices, development methodologies, quality standards and SLAs for networking threat research, detection development, DevOps and release teams.

  • Established engineering best practices, development methodologies, quality standards and SLAs for networking threat research, detection development, DevOps and release teams.
  • Ensured timely and high-quality delivery of software releases.
  • Developed curriculum and coordinated training of offensive and defensive security techniques.

Principal Threat Researcher August 2006 - May 2012
Sophos Ltd

As a Principal Threat Researcher at Sophos Ltd, I orchestrated advanced threat intelligence collection and steered the response to emerging security threats, safeguarding organizational and client interests.

  • Orchestrated advanced threat intelligence collection.
  • Managed both the process design and implementation of security responses to current and emerging threats.
  • Led both SophosLabs’ Apple Threats Research and Sophos’s Network Intrusion Research engineering groups in developing and delivering cutting-edge software solutions.
  • Contributed key changes to both endpoint and network detection and remediation engines.

Intrusion Detection and Protection Researcher September 2005 - August 2006
Fortinet Inc

At Fortinet Inc, I was a key contributor to the development and implementation of intrusion detection and prevention technologies.

  • Guided the development, testing and implementation of intrusion detection and prevention technologies.
  • Identified emerging offensive computing technologies, and developed identification and detection technologies.

Security Consultant May 2002 - September 2005
STB Technologies/Confluence Consulting Ltd

As a Security Consultant, I played a critical role in enhancing clients’ cybersecurity awareness and responses through guided technology exploration and strategic advice.

  • Oversaw real-time responses to security events, directing departmental budgeting and organization-wide budget planning.
  • Provided Incident Response, Malware Analysis and Forensics Services.

Systems Engineer August 2001 - May 2002
Mountain Equipment Co-op

At Mountain Equipment Co-op, I managed the deployment, operations, and management of enterprise-wide intrusion detection systems across Canada, securing the organization’s vast network infrastructure.

  • Oversaw the deployment of intrusion detection and anti-virus systems nationwide, enhancing the organization’s cybersecurity posture.

Certifications

Certified Chief Information Security Officer (CCISO) - EC-Council
Certified Information Systems Security Professional (CISSP) - ISC2


Patents

Mobile device policy enforcement (Inventor) - US11086984B2 June 2017

Abstract

  • In general, in one aspect, a method includes receiving software code with an invalid characteristic, repeatedly attempting to execute the software code with the invalid characteristic on a device, and in response to successful execution of the software code with the invalid characteristic, taking an action.
  • The action may include an action to remediate the device.

Traffic scanning with context-aware threat signatures (Inventor) - GB202309629D0 June 2023 - US20230421579A1 (pending)

Abstract

  • Threat management devices and methods. The methods include receiving, at an interface of a threat management device, contextual data associated with a first endpoint device that is in operable connectivity with the threat management device, wherein the threat management device is configured to execute at least one subsystem to scan network traffic. The methods further include determining at least a first signature from a plurality of signatures to use in scanning the network traffic based on the received contextual data and instructing the at least one subsystem to scan network traffic using at least the first determined signature.