2016 to Current: Independent Consultant for small, entrepreneurial companies looking to scale and grow their companies. 2005-2016: C Level executive repressible for security operations and the information security programs of a $6 million dollar managed security services company.
Associates degree in Industrial marketing. Bachelor’s degree in Technical Training. Master’s degree course work in Organizational Development. 1st 20 years, I worked as a mechanical technician for power plants, manufacturing complexes, commercial facilities and health intuitions. I took care of the equipment and systems; also did extensive systems troubleshooting. Next 15 years, I worked in Operations for commercial service companies. I built service programs, developed service offerings, managed service groups, designed company-wide workflows and directed multiple performance improvement initiatives. Last 15 years, I’ve worked with and for small, entrepreneurial companies. Some were startups, some were managed services. I worked “in the business” on the day-to-day activities as well as “on the business” with strategic and tactical initiatives.
On a regular basis, I'll look over petitions by different organizations on issues that interest me. About 50% of the time, I’ll sign the petition . On occasion, I’ll follow-up with an email to select legislators that are my local or national representatives. Only money donated to a political campaign was to Marianne Williamson during the 2019-2020 primaries. Maybe $100.
Currently not an active member of any groups or associations.
From 1994-2016, I managed commercial service operations groups primarily serving Colorado businesses and customers. The commercial service business can be quite challenging, given the many different situations and types of people you have to deal with on any given day. My role was to serve the customer to the best of my ability by getting the right techs to the job without putting the customer or business in jeopardy. Being transparent with people defused quite a few emotionally charged situations. Since 2016, I’ve been working as a strategic advisor to small, entrepreneurial companies who want to scale and grow their business. My primary role is to determine their current company status, listen to their desired business goals, and then create a clear line of sight to their targets, often using a “road map”. There is a lot of potential confusion and mischief with helping an organization define their current status and their desired goals, especially in small organizations where the Founders are still involved with the business. You need patience and well-honed listening skills to guide them towards articulating the purpose of their business and why they do what they do. Many of the standard business protocols, while informative, rarely serve a small business because a fair number of them were designed for and used by large organizations. They are overly complicated and often not relevant to the small business environment. That’s were I step in and help mold good business and operational practices to service their specific business environment. I start with where they are at and build upon that.
If there ever was a time where knowledgeable people with a sense of fairness and balance need to step up and help this country—now is that time; I am that kind of person. We need to make sure any government sponsored activity is conducted with so that its focus remains centered on the benefits to the everyday citizen. We have to acknowledge and go beyond our biases to build a cohesive effort that serves the people. That’s what I am great at, that’s what I would bring to the commission on Day 1.
I rarely react because I’ve trained myself to receive incoming information, consider it and then respond. I’m aware of my biases and can go beyond them to adopt the bigger picture as the guiding principle. When there is a disagreement or difference of opinion, it never gets resolved through a rigorous defense or active manipulation of the involved data or people. Differences of opinion get resolved by acknowledging those differences and finding common ground between the groups based on what really matters for the outcome of the activity.
Over the last 15 years, I’ve performed many information security audits for over two dozen organizations using a variety of different industry or regulatory standards. There’s the “letter of the regulation or standard” and there is the “intent” behind the individual controls. Given not all information and data environments are equal, you have to be very skillful in interpreting a control from a standard to see if it is needed and then being properly applied in a company’s specific data environment. A fair number of times the gray area of the standard and the customer’s lack of knowledge on the standard or the control has to be dealt with—before you attempt to assess its applicability and then its effectiveness. Some of these controls, if not properly assessed and implemented, can cost millions of dollars and can cause massive personal privacy exposure in the event of a data compromise. At the same time, a number of the controls could have an adverse impact on a company’s business operations and budgetary restrictions, if hastily applied. Deep listening to the client supplemented with plan speaking often resolves the issue in a way that balances the need for security with the need for a well-run and profitable operation. That’s the science and the art of data security compliance. It doesn’t have to be grueling or adversarial engaged; it should be a collaborative effort that people can participate in with dignity.