Security Architecture for Products That Can't Afford to Fail.
I've led FDA-regulated PKI at Dexcom and built mobile forensics security at Magnet Forensics. Now I work with digital health companies building regulated products and hospitals managing connected medical devices under FDA's post-market cybersecurity guidance.
Focused engagements. Real architecture.
Not compliance theater. Security that actually works in regulated, high-stakes environments.
Security Architecture Review
End-to-end review of your product's security posture. Threat models, trust boundaries, and gap analysis against FDA and NIST frameworks.
PKI & Certificate Strategy
Architecture and requirements for certificate lifecycle management in regulated environments. Designed for live deployments, not just compliance checkboxes.
Fractional Security Advisory
Embedded security leadership without the full-time overhead. Show up at the design table, not just the post-breach review.
Connected Device Security for Hospitals
Assessment and remediation planning for clinical engineering and IT teams managing connected medical devices under the FDA's 2023 post-market cybersecurity guidance.
Two clients, one area of depth.
Digital Health Companies
Series A–C companies building FDA-regulated products. Pre-submission or post-market. Teams that need security built in, not bolted on.
Regional Hospitals
Clinical engineering and IT teams at community and regional hospitals managing connected device fleets. FDA's 2023 post-market guidance created obligations most smaller hospitals weren't staffed to answer.