I started AllThreats in 2009 because I was tired of watching organizations spend millions on security products they couldn't operate, sold to them by vendors who had never responded to a real breach.
After 22 years in this industry — starting as a network admin, then IR analyst, then CISO at a major healthcare network after leading the response to a 4.2 million patient breach — I knew the only way to build something different was to start it from scratch.
What I'm most proud of isn't the company's growth or the clients we've landed. It's the careers we've built. 72% of our senior roles are filled internally. Analysts who joined us fresh out of school are now leading practices. People who felt burned out and undervalued at other firms have found something different here.
I try to be the leader I wish I'd had earlier in my career — honest about what's hard, clear about direction, and genuinely invested in the people doing the work.
If you're a practitioner who wants to do real work in a place that takes care of you — let's talk.
Founded AllThreats with a team of 6 practitioners. Scaled to 1,200+ employees across 4 offices. Built the ThreatMap platform, launched the AT Rising early career program, and established the practitioner-first operating model. Directly accountable to employees, clients, and our PE partners at Ironbridge Capital.
Rebuilt the security program following a major breach affecting 4.2M patient records. Implemented zero-trust architecture, established a 24/7 SOC, and led the regulatory response with HHS OCR. Experience with breach response at scale directly shaped AllThreats' IR methodology.
Handled incident response for Fortune 500 clients. Specialized in financial sector breaches and nation-state attributed intrusions. Led a team of 8 analysts.
I joined AllThreats 11 years ago as their first hire with a formal operations background. At the time, we had 40 people and were figuring out how to scale without losing what made us different.
I built our Professional Services practice from a 3-person team to what is now 400+ consultants across 4 offices — and my proudest moment wasn't any single client engagement. It was when our first cohort of junior consultants grew into senior leaders.
I care deeply about pay equity and compensation transparency. I championed our open salary bands initiative and the annual third-party pay equity audit. Uncomfortable conversations about fairness are not optional — they're leadership work.
Women in cybersecurity: my DMs are always open. I've mentored 30+ people through career transitions in this field and I have strong opinions about which firms are worth your time and which ones aren't.
Responsible for all operational functions including PS delivery, people operations, finance, and legal. Executive sponsor of pay equity audit initiative and internal mobility program.
Scaled the consulting practice 10x. Implemented delivery quality frameworks, analyst development curriculum, and the utilization model that prioritizes analyst wellbeing over billable hour maximization.
I spent my first decade in this industry at Big 4 consulting firms and hated every day of it after year 3. Brilliant colleagues, constantly being overworked, underinvested in, and shuffled between accounts like billing resources.
I joined AllThreats 8 years ago as a Director of Incident Response because a colleague told me it was different. She was right.
I now run a 300-person consulting practice and I spend most of my time thinking about one question: what does this analyst need to become the best version of themselves? I try to have that conversation with every person on my team at least quarterly.
A few things I'm proud of: the AllThreats IR methodology (I wrote the first version in 2017 and we've updated it 9 times since). The mentorship program that came out of conversations I started with Sofia (CPO). The fact that 6 of the 8 people who reported to me directly when I was a Director are now Directors or above themselves.
Open to conversations from practitioners thinking about their next move. Be honest with me and I'll be honest with you about whether AllThreats is a fit.
Lead AllThreats' full consulting and IR practice. Responsible for delivery quality, analyst development, utilization strategy, and client relationships across 600+ active engagements per year.
Led incident response and forensic investigation practice. Worked on some of the largest retail and financial sector breaches of the 2010s. Excellent technical work, increasingly difficult organizational environment — the comparison to AllThreats has been stark.
I've been a cybersecurity recruiter for 9 years and I've worked at places that treated recruiting as a numbers game and places — like AllThreats — that treat it as an integrity function.
The difference is night and day. At my previous employer, I was incentivized to fill seats. At AllThreats, I'm incentivized to make matches that last and that don't result in a candidate accepting a role that isn't what I described.
I will always tell you the truth about what a role is and what it isn't. If I think you'd be a better fit at a different company, I will tell you. If AllThreats isn't ready for what you need, I'd rather lose a hire than mislead someone into a situation they'll regret.
Currently hiring for threat intelligence, incident response, and MDR roles. If you're a security professional curious about AllThreats — even just exploratory — reach out. I'm happy to have an honest conversation about whether it could be a fit.
Own full-cycle recruiting for threat intelligence, MDR, and incident response practices. Focus on diverse candidate sourcing, structured interview design, and candidate experience. Average time-to-fill: 22 days. Offer acceptance rate: 91%.
Cybersecurity-focused agency recruiting. High-volume, metric-driven environment. Learned a tremendous amount about the industry and what candidates are actually looking for. Left to find somewhere I could recruit with more integrity and less pressure to hit placement numbers at any cost.
I'm a threat intelligence analyst specializing in APT attribution and malware reverse engineering. I've been at AllThreats for 6 years — started as a junior analyst straight out of my BSCS program and have been promoted twice.
This is the first place in my career where being neurodivergent hasn't been a liability. AllThreats' AT Minds ERG was one of the first things that made me feel like I belonged here — and the accommodations I've received (flexible schedule, quiet space policies, async-first communication norms) have made me a significantly better analyst.
I've published 8 external threat intelligence reports and presented twice at SANS CTI Summit. None of that would have happened without the time and support AllThreats invested in my development — including fully funding my GREM, my GCTI, and two conference trips.
If you're a junior analyst who is neurodivergent and wondering whether this industry has space for you: yes, and AllThreats specifically is a good place to ask that question.
Lead analyst for APAC-attributed nation-state threat actors. Primary author of AllThreats' quarterly Dragon Sector (PRC-nexus) threat landscape report. Specialties: malware reverse engineering, C2 infrastructure tracking, attribution methodology.
7 years at AllThreats. Started as a SOC Analyst I. Now I manage a team of 18 analysts across two shifts and am co-lead of BLKST, our Black employee ERG.
My career path here has not been linear, and that's been a feature, not a bug. I moved from SOC to detection engineering and back to SOC management because AllThreats actually encourages that. The internal mobility program isn't a checkbox — it's the reason my career looks the way it does.
I'm most passionate about analyst development and preventing burnout. I've watched the staffing model at too many SOCs crush talented people. We don't run that model here. When one of my analysts is struggling, that's a management problem, not a performance problem, until I've exhausted every resource I have to understand why.
Proud HBCU grad (Howard University, B.S. Computer Science). Proud Chicagoan. Proud of what I've built here.
Manage 18-analyst SOC team supporting AllThreats' MDR client base. Responsible for shift scheduling, analyst development plans, detection rule quality, and client escalation handling. Run weekly team retrospectives and monthly mental health check-ins.