State CISO · Florida
Veteran.
Scholar.
Leader.
State CISO protecting 35 Florida agencies. DSc researcher. Marine veteran. Building what's next.
About
The Practitioner-
Researcher
I didn't start in cybersecurity. I started in the U.S. Marine Corps, where I learned that discipline, structure, and mission focus aren't abstract concepts — they're the difference between success and failure. That foundation has shaped everything I've done since.
Today, I serve as the State CISO for the Florida Digital Service, leading cybersecurity operations for 35 state agencies, 107,000+ employees, and over 200,000 devices. My office oversees the statewide Cybersecurity Operations Center, enterprise architecture, engineering, and community operations.
My doctoral research at Capitol Technology University focuses on quantitative risk management using the FAIR model — moving public sector cybersecurity from subjective heat maps to defensible, data-driven analysis that executives and legislators can act on.
Credentials
Certifications
Industry-recognized credentials in security management, architecture, engineering, and analytics.
CISSP-ISSMP
Information Systems Security Management Professional
ISSAP
Information Systems Security Architecture Professional
ISSEP
Information Systems Security Engineering Professional
CISSP
Certified Information Systems Security Professional
CCSP
Certified Cloud Security Professional
GCFA
GIAC Certified Forensics Analyst
GCFE
GIAC Certified Forensic Examiner
GCIH
GIAC Certified Incident Handler
CEH
Certified Ethical Hacker
ECIH
Certified Incident Handler
ECES
Certified Encryption Specialist
CySA+
Cybersecurity Analyst+
Project+
CompTIA Project+
CSAP
Security Analytics Professional
CSIS
Secure Infrastructure Specialist
CIOS
IT Operations Specialist
ITIL
IT Information Library Foundations
Splunk Certified User
Splunk Certified User 6.x
Experience
Built Through Service
From the Marine Corps to the State CISO office — each chapter built on the last.
State Chief Information Security Officer
Florida Digital Service
Leading cybersecurity operations for 35 state agencies, 107,000+ employees, and 200,000+ devices. Overseeing a $150M enterprise modernization program, the statewide CSOC, and a four-pillar strategic plan. Progressed from Deputy State CISO to Interim State CISO to State CISO within the first year.
Progressive Security Leadership
Greater Orlando Aviation Authority
Five years protecting the 7th largest U.S. airport - $8B in assets, $800M+ annual revenue. Advanced from Information Security Analyst through Senior Analyst, Incident Response Manager, and Assistant Manager of Information Security. Led response to major cyber incidents including the KillNet DDoS attack. Achieved 92% breach prevention rate and 42% reduction in audit findings.
Information Security Analyst
Osceola County Government
Managed 85% of incoming SOC threats through prioritization, triage, and resolution. Led adoption of security operations automation, increasing analyst productivity by 25%.
Information Security Contractor
Lockheed Martin
Directed SP 800-171 compliance initiative, remediating over 2,500 devices to secure DoD contracts. Coordinated remote teams across four states to meet regulatory deadlines.
Sergeant (E-5)
United States Marine Corps
Leadership under pressure, decision-making with incomplete information, and the discipline to execute when the stakes are real. The foundation for everything that followed.
Work
Building at Scale
Key initiatives across enterprise cybersecurity and academic research.
Cybersecurity Operations Center
24/7 Statewide Threat Defense
Built and matured Florida's enterprise CSOC providing continuous monitoring, incident response, and threat intelligence across 35 state agencies.
Enterprise Security Lake
Centralized Security Telemetry
Architecting a statewide security data lake aggregating logs from 35 agencies into a unified analysis platform with OCSF standardization.
Statewide Strategic Plan
2025-2027 Cybersecurity Roadmap
Four-pillar strategy addressing community engagement, architecture modernization, CSOC maturation, and cybersecurity resiliency across state government.
FAIR Risk Research
Doctoral Dissertation
Applying quantitative risk analysis (FAIR model) to state government — the first systematic study of Monte Carlo-based risk estimation across a 35-agency enterprise.
Cybersecurity Advisory Council
Statutory Governance Body
Supporting Florida's CAC in tracking 81 recommendations across governance, workforce, and technology — bridging legislative intent with operational execution.
Insights
From the Field
Writing about what I learn as I build, break, and fix enterprise security at scale.
What Change Management Looks Like When Nobody Can Follow You
Kotter's eight steps assume you have a coalition to build. Here's what leading change teaches you when you're completely alone.
The Federated Board Deck: Presenting Portfolio Risk When Your Enterprise Is Actually Dozens of Enterprises
A State CISO can't use a single risk arrow on a board slide. Here's how to present federated agency risk without lying to the people who need the truth.
Your Blog Posts Are an Adversary's Briefing Book
How individually reasonable security leadership posts can aggregate into a reconnaissance package for anyone targeting your environment.
Contact
Let's Connect
Whether you're interested in research collaboration, speaking engagements, or enterprise cybersecurity advisory — I'd like to hear from you.