Track Record

Outcomes

Measurable results delivered across regulated financial institutions, fintech platforms, and digital infrastructure — spanning risk reduction, AI-driven security, and regulatory compliance.

92%
Phishing Reduction
Enterprise-wide awareness program; measured against pre-program baseline over 12 months.
95%
Vuln SLA Improvement
Sev 4–5 vulnerabilities past SLA reduced month-over-month via risk-prioritized remediation.
85%
Privacy Incident Reduction
AI-driven endpoint security reduced accidental data exposure across a 1,200+ endpoint environment. 🤖 AI
60%
MTTR Reduction
Mean time to detect and respond to technology risk events, post incident response framework overhaul.

AI-Driven Security Outcomes

🤖 AI-Powered
85%
Endpoint Privacy Incidents ↓
Deployed AI-driven behavioral detection across all user endpoints at DMT. Privacy incidents and accidental data exfiltration dropped 85% within 90 days of deployment.
<4hr
AI Threat Detection Latency
AI-augmented SOC workflows reduced average time from alert trigger to analyst-verified finding from 18 hours to under 4 hours across tier-1 and tier-2 incidents.
3×
Analyst Coverage Multiplier
AI triage and auto-classification of security events allowed a lean SOC team to effectively monitor 3× the prior alert volume without headcount expansion.

AI Governance Track Record

AI Policy
Authored enterprise AI Governance Policy (v2) covering tiered risk classification, acceptable use, incident response, and third-party AI vendor evaluation — aligned to NIST AI RMF and emerging SEC AI disclosure expectations.
AI Risk
Evaluated and risk-scored AI security vendors (including behavioral analytics and LLM-integrated tooling) against regulated financial services risk thresholds — operationalizing AI risk management before it became a regulatory mandate.
AI Agents
Developed enterprise accountability framework for AI agents and MCP (Model Context Protocol) integrations — addressing the orchestration layer gap before industry standards emerged. Presented to executive leadership as a board-level risk topic.

Risk Reduction & Resilience

Vulnerability Management
95%
SLA Adherence Improvement
Built risk-prioritized vulnerability management program at Black Knight. Sev 4–5 findings past SLA reduced 95% month-over-month. Program scaled across 150+ team members and 40+ annual audits.
Incident Response
60%
MTTR Reduction
Redesigned incident response and issue management framework. Mean time to detect and respond reduced 60%, with structured escalation paths to the Board Risk Committee on Key Risk Indicators.
Cloud Migration
0
Data Breaches During AWS Migration
Governed full enterprise migration to AWS at Black Knight — including digital customer journeys, API ecosystems, and cloud infrastructure — achieving zero data breaches following AWS Well-Architected risk principles.
Data Loss Prevention
DLP
Deployed Across All Channels
Designed and deployed enterprise DLP solution covering endpoints, email, and cloud environments at DMT. Integrated with SOC for real-time exfiltration alerting across all digital channels.

Identity, Access & Supply Chain

IAM Framework
Dark Matter Technologies
Led design and deployment of an enterprise IAM framework with least-privilege principles, RBAC, and automated provisioning. Eliminated standing access for privileged roles and reduced identity-related risk findings by over 70% in the first compliance review cycle.
Third-Party Risk
DMT & Q2 Banking
Integrated vendor monitoring directly into SOC operations at both DMT and Q2, providing continuous real-time visibility into third-party risk posture. Replaced point-in-time questionnaire reviews with ongoing behavioral and telemetry-based assessments.
Supply Chain Security
Black Knight
Established supply chain risk controls aligned to NIST SP 800-161 across a vendor ecosystem supporting SaaS platforms serving the VA and major financial institutions. Maintained clean audit posture across 40+ annual SOC 2 Type II and PCI DSS assessments.

Regulatory & Compliance Performance

40+
Audits Per Year
SOC 2 Type II and PCI DSS audits led annually at Black Knight — zero material findings escalated to remediation failure.
5
Regulators Managed
OCC, FDIC, FRB, VA, and state-level examiners — across banking and federal agency client obligations.
4
Frameworks Implemented
NIST SP 800-53, NIST RMF, PCI DSS, and ISO 27001 — operationalized across enterprise environments, not just documented.

Regulatory Examination Track Record

✓ Zero enforcement actions across 12+ years of OCC/FDIC examinations at First Federal Bank
✓ FISMA compliance maintained for VA-facing SaaS platforms over a 10-year period at Black Knight
✓ NIST RMF standards enforced for federal agency partners at DMT; clean third-party audit cycle
✓ PCI DSS scope reduction achieved through architecture redesign, reducing cardholder data environment surface by ~40%
✓ GDPR and CCPA readiness programs implemented across global digital platforms
✓ Board Risk Committee KRI reporting delivered quarterly — forward-looking, decision-grade risk intelligence

Team & Program Scale

150+
Team Built & Led
Global risk and security professionals across Black Knight — including SOC, AppSec, GRC, and third-party risk functions.
$21M
Budget Managed
Annual security program budget at Black Knight — allocated across tooling, staffing, compliance, and strategic initiatives.
25+
Years in Security
From CIO at a regulated community bank to CISO at publicly traded fintech — across the full arc of modern financial services security.
3
CISO/CRISO Roles
Black Knight, Q2 Digital Banking, and Dark Matter Technologies — each in highly regulated, complex technology environments.