In 1997 I transfered from the University of Montana to Oregon State University, having recently been turned on to computer science by my then future wife, Ginny. 

Shortly thereafter, I found the Information Security Laboratory run by Dr. Çetin K. Koç (who is now at UCSB).  They were looking for undergraduate programmers to implement hashing algorithms.  At that very moment, it was “game over,” because I’ve been a security geek ever since.

I have been involved with every level of information security - from implementing cryptographic algorithms to designing corporate security policies as a Security Officer.  But, having my roots in the lowest levels of security, my heart is always reaching for the ideal case: good policy, the implementation of which doesn’t undermine or prevent the overall security of the organization.

All too often, it seems, there are well-intended, poorly-written policies, which either create or exacerbate security problems.  This is why I love the work I do today.  I lead a high performance team of security and compliance analysts creating content for the products our company sells that can do real good in the face of so much fear, uncertainty, and doubt. 

For information on my professional profile, I invite you to view my LinkedIn profile.  I also invite you to follow me on Twitter. From time to time I’ll post something hopefully of interest to the community on my blog which has moved to Stoic Security & Compliance.