Together let's measurably improve your business outcomes by enhancing your cybersecurity strategy.

Innovative leader with three decades of experience at the very forefront of cybersecurity across US Gov, DoD, Fortune 100, Financial Services, and several cybersecurity product companies I have seen what great can look like.

I will help you achieve more predictable outcomes, faster.

more about me

About

Experiences

Innovation:
I've been fortunate enough in my career to be with innovative cybersecurity companies such as ArcSight, NetWitness, Cloudera, VisibleRisk, JASK, and Optiv. Many times in my career I've been a part of the growth where these companies helped define or redefine an entire category or domain.

Responsibility:
As a senior executive I've been operationally responsible for the technical controls around security operations, incident response and more for some of the complex and heavily regulated organizations like EDS, US DoJ (JSOC), and JPMorgan Chase.

Mentorship:
I've also invested, mentored or advised many cybersecurity startups over the years as well as performed due diligence for investors, acquiring entities or private equity firms.

I am here to serve you.

Cybersecurity Product Leadership

Cybersecurity Product or Services Companies:    

- Technology and Business Strategy (CPO, CTO or Advisor)    

- Go To Market Strategy  / Product Market Fit

- Partnership and Alliances Strategy    

- Executive Leadership

- Independent Board Member

Due Diligence

Investors (VC or PE) or acquiring entities    

- Due Diligence    

- Competitive Analysis    

- Investment Selection Strategy

Security, Risk, and Privacy

Extensive experience across Financial Services, Retail, Government, Healthcare, High Tech, Social Media Firms:    

Senior Executive Roles such as:

     - Chief Information Security Officer (CISO)

     - Chief Product Officer (CPO)

     - Chief Technology Officer (CTO)

     - Chief Executive Officer (CEO)

- Strategy and Operational Leadership across:

     - Security Operations

     - Incident Response

     - Insider Threat

     - Threat Intelligence    

     - Risk Management

     - Vulnerability Management

     - Cyber Resilience

     - Risk, Strategy, and Governance

     - Technical Control ownership

     - Compliance, Regulatory, and Audit.

- Also highly experienced with the following:

     - Cybersecurity expertise w/Board of Directors

     - Technology and Services Rationalization

     - Vendor and Partner Management

     - Mergers and Acquisitions (M&A)

     - Hybrid Cloud and Multi Cloud Solutions (AWS, Microsoft Azure, Google Compute)

     - Advanced Data Engineering and Data Analytics (ML and AI)

     - SIEM, SOAR, UBA, XDR, SASE, SSE, Security Operations, Threat Modeling, Detection Engineering.

I benefit from extensive and balanced set of experiences.

Shifting from running Operations to running Product strategy as technology has evolved has allowed me to keep pace with change and help my clients keep pace with the threats they face.

In my career I've seen Threat Detection move from analysis being dominated by SED/AWK/GREP to a decade of SIEM, SOAR, XDR and now into AI led analytics techniques. I've seen the evolution from Mainframe to Blockchain, Cloud, Hybrid, and Multi Cloud.

Together we can use my lessons learned to help accelerate your path to market.

Founder

September 2023
-
December 2100
RiskOne

RiskOne - Integrated Cyber Defense Operations.

As an advisory firm RiskOne provides fractional CISO and Applied Cyber Defense services for your organization.

RiskOne also supports cybersecurity product and services companies with Fractional CXO services.

CTO

July 2021
-
July 2023
Optiv

Provided strategic and visionary executive leadership for product, research, development, and partner management for $3.5B cybersecurity firm to deliver cutting-edge solutions to 6000 clients. Aligned innovation with Optiv's roadmaps based on client and partner data by initiating VC portfolio integration program.

●       Directed product management team to implement roadmaps of 100+ service offerings across 10 cybersecurity domains.

●       Showcased exceptional technical acumen to re-platform data and analytics from federated instances into unified delivery mechanism serving 100M+ Managed Services business.

●       Raised symmetrical growth and boosted alignment by deploying data-driven prioritization across over600 partners and pivoting team’s focus toward highest growth outcomes achieving over 20% growth in prioritized areas.

●       Maximized over 15%of top-line revenue by launching and modernizing innovative products.

●       Achieved more than 10% increase in margin by executing product enhancement initiatives.

Executive Director, Product Owner

May 2019
-
August 2021
JPMorgan Chase & Co.

Oversaw various aspects of security operations andservices involving data engineering, log management, analytics, SIEM, forensics,DLP, incident response, and insider threats to protect organizational data andsystems against potential threats.  

●       Responsible fordriving innovation to improve firm's detection and response capabilities inhighly regulated environments.

●       Accelerated businessexpansion and assured seamless execution of multiple M&A projects, and key modernizationefforts such as Blockchain, hybrid and multi-cloud adoption, AI Initiatives, andgeographic business expansion by expertly and efficiently managing cybercontrols.

●       Minimized over 30Moperational costs by driving architecture enhancement and re-engineeringefforts.

●       Increasedresiliency and uptime for security analytics platform and data elements fromunder 90% to over 99.999% by designing and implementing advanced systems andbackup solutions.

Independent Advisor

November 2007
-
May 2019
Mentor / Advisor

Supervised security vendors and F500 security teams to boost enterprise visibility, security intelligence, and incident response capabilities as vigilant Virtual CISO. Conducted in-depth assessments of technology assets, systems, and infrastructure to facilitate informed investment decision-making while offering technical due diligence services for various VC and PE Firms.

Advisor/Consultant:

Independent advisor supporting cybersecurity vendors, acquiring entities or investors with strategic initiatives, due diligence efforts or product / market advice.

- SourceFire

- Bluecoat

- ThreatGrid (acquired by Cisco)

- AlienVault (acquired by AT&T)

- Alertlogic

- Streetcred Software

- FactorChain (acquired by Sumologic)

- Niara

- JASK

Cyber Defense Operations roles:

Consulting services to serve the operational need for an experienced leader focused on cyber defense operations, enterprise visibility, security operations, security analysis, security intelligence, incident response capabilities, maturity and risk reduction.

- F100 Retailer

- F10 Global Entity

- Department Level US Gov Entity (US DoJ)

- F100 Defense Firm

- F200 Chemical Firm

- Social Media

- Speaker at over 150 various conferences (IANS, SANS, BSides, vendor forums and more)

VP Product

September 2017
-
February 2019
JASK

Spearheaded whole product lifecycle from conceptualizationto market launch using effective product management skills to achieve businessgoals. Built and cultivated strong connections with industry analysts, investors, and press to augment company's visibility and demand for products and services.Helped secure increased valuation for additional venture investments.

●       Enhanced efficiency of security operations and significantly mitigated cybersecuritythreats by integrating ML/AI technologies into detection and response tools.

●       Supervised andguided product and engineering teams to pinpoint and deploy productimprovements based on customer feedback aimed at elevating customersatisfaction and ensuring delivery of world-class products.

●       Guaranteed successful product launches by formulating strategic plans, setting productlaunch timelines, and managing budgets, obtaining first $2M in ARR in the firstquarter of product availability.

Cybersecurity Leader

April 2016
-
September 2017
Cloudera

Managed Cloudera's global Big Data and advancedanalytics strategy by developing innovative cybersecurity use cases incoordination with customers and partners as cybersecurity subject matter expert.

Showcased active involvement in launch of Apache Spot and multi-vendor cybersecurity solutionsby leveraging deep understanding of latest cybersecurity technologies, resultingin over $10M in cybersecurity-related revenue for Cloudera.

Founder and CEO

August 2010
-
August 2014
VisibleRisk

Headed VisibleRisk as CEO until acquisition by Click Security and subsequently by AlertLogic. Established cybersecurity detection and response startup and developed network visibility and staticanalysis platform along with associated MDR offering to pinpoint and minimize advanced attacks on clients' networks.

●       Attained $2M infirst year with 100% renewal rates by nurturing relationships with key clients and delivering unparalleled efficiency and cost-effectiveness to valued clients.

●       Reduced over 50% of client’s costs from other service offerings by designing distinctive and scalable machine learning-based security analytics capability.

Services Leader

June 2010
-
April 2011
NetWitness

Spearheaded range of professional services, including incident responses, tailored product service offerings, strategicpartner development, team leadership, and effective service management.Provided result-driven governance to maintain service excellence of NetWitness up to acquisition by EMC/RSA.

●       Orchestrateddiverse array of offerings encompassing product consulting, incident response services, and subscription-based Operations & Maintenance (O&M)alongside advanced analysis activities to ensure business success.  

●       Raised revenue and margin growth for NetWitness and partners by attracting and retaining potentialofferings.

CEO

October 2007
-
December 2009
Decurity

Developed Decurity from single-person consulting organization to world-class business by provisioning thought leadership. Positioned Decurity as attractive prospect in cybersecurity market, leading to acquisition by RSA.

●       Increased company awareness among Security Technology Vendors, Financial Analysts, Security Industry Analysts, US Government Security Teams, and Fortune 100 teams across world by strategically managing cybersecurity operations.

●       Delivered security operations services to esteemed clients, including US Department of Justice, Best Buy, and Northrup Grumman with strong commitment to safeguarding client’s critical assets and enhancing cybersecurity posture.

●       Drove company value, innovation, and market recognition, resulting in achieving 3M in first year to F50 Clients.

Practice Director

March 2003
-
October 2007
ArcSight

I was with ArcSight from very early in its growth phase (v 1.0) through the transition to a public company. At ArcSight I had the opportunity to work alongside and learn from fantastic executive, development, services, marketing, and sales teams. For our highly complex clients at ArcSight, I was directly able to participate in the growth and maturity of not only a technology, but a set of products, and an entire market we helped establish (SIEM, SOAR, UBA).


Other Roles while at ArcSight:
Practice Director - Consulting (Global Team), Practice Director Security Operations, Security Strategist, Principal Consultant, Enterprise Architect, Senior Consultant, Senior Instructor/Course Developer.

Managed Services Lead

June 2000
-
August 2001
Para-Protect and EDS

Para-Protect: Managed Consulting efforts related to Network Security (IDS/IPS/FW) and internal processes for Security Operations, Incident Response.

EDS: Founded Global Security Operations Center (GSOC) and was the Technical Director for that capability supporting Fortune 50 and US Government clients with their outsourced detection and response needs.

Acted as Virtual Deputy CISO for F50 Organization.

Product Support: Built out homegrown SIEM to manage alerts from ISS, Enterasys Dragon, and NFR systems until we could adopt a commercial SIEM tool.

AFCERT IRT

March 1999
-
June 2000
AFCERT

Contracted member of the US Air Force Computer Emergency Response Team (AFCERT), Incident Response Team (IRT) and Security Analyst protecting 144 US Air Force Installations from a Network Defense perspective.

Operations: Incident Response efforts to support secure and recovery efforts, as well as Law Enforcement and Intelligence initiatives across the world to protect US Air Force interests.

Product Support: Provided feedback and requirements to CIDS/CDS/ASIM tool developers. (Detection, Analytics, Workflow Tooling).

Intelligence Analyst

January 1993
-
January 1999
United States Air Force

Active Duty Intelligence Linguist and Intelligence Analyst.

Supported tactical and strategic intelligence capabilities to support US and International Intelligence and Military entities with Counter-Narcotics efforts.

This included tracking various groups across their respective Tactics, Techniques, and Procedures to correctly attribute activities and help contextualize and prioritize interdiction efforts.

Information Security: Information Systems Security Officer (ISSO). Trained others on computer security concepts.

My Skills

In my career spanning many key Cybersecurity domains I've grown from the entry level analyst through the ranks to executive officer. I have all the bruises to prove it and an unyielding desire to further enhance the art of the possible in cyber.

As a leader in the business I maintain a very deep understand the client needs to keep pace with their business. As a technologist I fully grasp the evolving technology landscape and given my product background I understand the intersection and need for constant improvement.

Given the experiences and balance over the course of my career I can operate equally effectively as a Chief Technology Officer (CTO), Chief Product Officer (CPO), Chief Information Security Officer (CISO), or Chief Information Officer (CIO).

Contact

I look forward to connecting with you and learning how I can best serve you, so your business can get to market faster!

Please use the calendar below to schedule 30 minutes 1:1 with me and we can discuss the best path forward.

LinkedIn: securityprofessional
Twitter: @rockyd