Trur Security, a veteran-owned and operated company founded in 2023, embodies my belief that security doesn't have to be a daunting challenge. I am committed to making security an integral and accessible aspect of products, emphasizing that the journey to robust protection can be a seamless and user-friendly experience. Trur Security is dedicated to enhancing the overall quality of products, employing a secure-by-design approach that ensures a foundation of resilience against potential threats. By positioning security as a feature rather than an obstacle, Trur Security aims to empower new and small companies, guiding them in constructing secure foundations for their endeavors.

Previous Experience:

  • Director - Product Security, Zillow Group (2019 – 2023):

    • Built and led a DevSecOps team, integrating automated security into Zillow Group's GitLab and SDLC environments.

    • Developed CI/CD processes for identifying and addressing security vulnerabilities, ensuring compliance with regulatory bodies.

    • Consolidated security findings into data-centric reporting, providing leadership with insights for informed decision-making.

    Target (2015 – 2019):

    • Principal Cyber Security Engineer (2016 – 2019): Led the Computer Incident Response team, deploying the Hunt Maturity Model to enhance threat detection.

    • Lead Offensive Security Engineer (2015 – 2016): Built and maintained Pen Testing procedures and standards, introducing automated testing routines.

Professional Bio:

With over 12 years of management experience in both military and civilian contexts, I am a seasoned professional known for spearheading comprehensive security initiatives that foster a culture of awareness and resilience within diverse enterprises. As the Director of Product Security at Zillow Group since 2019, I have built and led a dynamic DevSecOps team, driving the integration of security practices into the development lifecycle. My expertise lies in building intelligence-driven security programs, orchestrating the implementation of application security initiatives, and optimizing security budgets for maximum effectiveness.

Core Competencies:

  • Web Application Security

  • Team Training & Leadership

  • Vulnerability Assessment

  • Regulatory Compliance

  • Incident Management

  • Continuous Improvement

  • Security Governance

  • Cross-functional Collaboration

  • Strategic Planning & Execution

  • Risk Assessment & Mitigation

  • Vendor Management

Key Accomplishments:

  • Built and led security functions across all areas, transitioning enterprises to intelligence-driven security programs.

  • Empowered businesses to make informed decisions regarding security posture and risk tolerance.

  • Orchestrated the implementation of application security programs integrating with DevOps practices.

  • Recognized as a featured speaker on various information security topics.