Summary

Strategic security professional with extensive experience driving product and cloud security initiatives, championing the integration of security throughout the SDLC, and aligning risk reduction with customer trust and business outcomes. Proven ability to lead cross-functional teams, guide risk-informed decisions, and influence senior leadership to help deliver secure, scalable solutions that meet customer needs. Trusted partner to engineering organizations with deep expertise in vulnerability management, compliance, and secure design, with a strong customer-first mindset.

Professional Experience

Adobe

Principal Security Partner (Technical Program Management) Apr 2024 – Aug 2025

• Led security program management across three cloud business units (29 services including GenAI), defining program intake criteria, review cadence, and escalation paths across engineering, product, and executive stakeholders.
• Worked with engineering teams to integrate threat modeling, secure code review, and automated testing into existing SDLC workflows, contributing to reduced repeat vulnerabilities and improved security consistency.
• Developed and maintained operational dashboards (Jira, Databricks, Power BI) to provide visibility into vulnerability trends, testing coverage, and compliance signals used in leadership reporting.
• Facilitated product risk exception reviews in partnership with Security Risk Management, helping define submission criteria, assess risk levels, and track inclusion in the enterprise risk register.
• Partnered with Sales and Product teams to track completion of required compliance activities (SBOM, FedRAMP, SOC 2) and address customer security and compliance questions.
• Improved annual security planning cycles by formalizing stakeholder feedback loops; implemented 80% of requested changes, improving engagement and roadmap adoption for FY2026.

Product Security Manager, Strategic Remediation Sep 2022 – Mar 2024

• Owned the Strategic Remediation Program, leading security initiatives from discovery and planning through coordinated remediation execution to reduce systemic product security risk across multiple cloud business units.
• Conducted root cause analysis on cross-product vulnerabilities (e.g., dependency confusion, account takeover), using data-driven insights to identify systemic trends and prioritize remediation efforts across affected products.
• Maintained visibility into the product security risk portfolio for remediation initiatives, coordinating cross-team execution and ensuring alignment with enterprise risk management and compliance objectives.
• Provided executive-level visibility into remediation progress, risk reduction, and emerging trends through regular status reporting and leadership briefings.
• Led a team responsible for remediation planning, tracking, and follow-through, setting priorities and ensuring consistent execution across multiple product organizations.

Senior Cloud Security Engineer, Risk Management Mar 2022 – Aug 2022

• Evaluated and quantified product security risk across Adobe’s Creative Cloud product portfolio.
• Conducted product risk assessments with Security Partners and provided mitigation recommendations to product teams.
• Presented product risk findings and recommendations to senior security leadership and key stakeholders.

Information Security Manager / Sr. InfoSec Analyst Jul 2019 – Apr 2022

• Managed the customer security engagement program for Digital Media, leading a team of four analysts and coordinating cross-functional stakeholders (Legal, Sales, Product) to streamline customer security responses and accelerate enterprise deal cycles.
• Simplified and communicated how Adobe’s security and compliance controls align with major frameworks (ISO 27001, NIST, SOC 2, GDPR), supporting customer assurance needs and enterprise purchasing decisions.
• Handled customer-requested penetration testing engagements by coordinating handoff between the internal testing team, aligning test scope with customer expectations, and ensuring visibility into remediation progress and reporting.
• Presented quarterly business reviews at Security All Hands, highlighting operational metrics (response volume trends, ARR impact) and progress on customer trust and assurance initiatives to global leadership.

Sr. Information Security Analyst, Sales Security Engagement Jul 2019 – Apr 2022

• Delivered 200+ enterprise customer security questionnaires and inquiries annually within a 10-day SLA, supporting global sales teams and accelerating enterprise deal cycles.
• Maintained and continuously improved Adobe’s internal compliance knowledge base, increasing response accuracy and consistency across regions and reducing duplicated effort.
• Conducted annual global security enablement sessions for ~300 sales professionals, improving self-service adoption of internal assurance tools (Knowledge Base, Trust Center, Wiki).
• Partnered with Product and Security Marketing teams to author and update security and compliance-facing customer content.

CERT - Software Engineering Institute

Internship --> Cybersecurity Engineer 2016 – 2019

• Previously held a Top Secret/SCI clearance (expired).
• Developed and delivered cybersecurity training programs to enhance resilience within U.S. Government agencies, gaining direct experience supporting the Public Sector business.
• Configured and managed 65 systems to ensure peak performance during live simulations and Capture the Flag exercises.

Taco Bell

IT Specialist 2014 – 2015

• Supported 60+ restaurant locations, resolving issues to minimize downtime and ensure PCI-DSS compliance.
• Used MySQL and Excel to analyze operational data and inform business decisions.

Volunteering

ISACA (2025 - Present) — CISM Certification Working Group Volunteer

US Peace Corps (2010 – 2013) — Information Technology Educator and Program Manager

Education

Carnegie Mellon University – Heinz College
Master of Information Systems Management, Info Security (2015–2017)
• Paul D. Coverdell Peace Corps Fellow
• Public and Non-Profit Career Opportunities Award

Skills

Certifications

• AWS Certified Cloud Practitioner – Nov 2024
• Certified Information Security Manager (CISM) – Mar 2024
• Nuts and Bolts of OAuth 2.0 - Nov 2023
• Certificate of Cloud Security Knowledge (CCSK) – Dec 2020
• Software Security Practitioner (SSP) – May 2020