Work
Outcomes That Move The Business
21+ years scaling security, DevOps, and platform teams. Real outcomes — HITRUST certifications, AI governance programs, vendor risk at scale — not slideware.
Request More Info
Case Studies & Practice
Deep dives on the programs and decisions behind the outcomes.
Experience
Case studies
Cloud, DevOps & infra
Fintech & finance
Now
Open Source
Code that's shipped to production.
GitHub repos
Writing
Field Notes On Security & Velocity
Essays, briefings, and short notes on what's actually working in security, AI governance, and high-velocity engineering teams.
Subscribe
Long Form
Essays and deep dives on security, AI, and growth.
All posts
Table of contents
By topic: AI & Governance
By topic: Security & GRC
By topic: Cloud & DevOps
By topic: Fintech & Finance
Short Form
AI news with my takes and the newsletter.
AI news + my takes
Newsletter archive
Subscribe
Get new pieces in your inbox or your reader of choice.
Email newsletter
RSS feed
JSON feed
AI
AI, Hands-On Not Hand-Wavy
Curated AI news with my takes, plus the free calculators and tools I use with CIOs and AI architects every week.
Explore the Tools
News & Commentary
What's shipping in AI, with an operator's take.
AI news + my takes
Interactive Tools
Calculators and pickers you can use right now.
All free tools
AI ROI calculator
LLM cost estimator
Model picker quiz
Ask & Search
Query my work directly or search the whole site.
Ask Michael (AI)
Search the site
About
Operator, Advisor, Builder
Security executive, UC Berkeley MICS, board advisor, and builder. Here's the background, credentials, and personal context behind the work.
Read Full Bio
Background
Bio, education, and how I got here.
Bio
Now
Credentials
Degrees, certifications, and advisory roles.
Education & certifications
Elsewhere
Open source and code outside of work.
GitHub
Connect
Let's Build Something Together
Intro calls, strategy sessions, advisory engagements, or a quick question — pick the channel that fits and we'll go from there.
Book a Call
Work Together
Start a conversation or book time directly.
Contact form
Book time
Direct Channels
Email and LinkedIn are the fastest ways to reach me.
Email
LinkedIn
Recruiters & Boards
The 60-second one-pager and advisory & board interest.
Executive one-pager
Advisory & board interest
Resume (PDF)

One-pager Book a Call

Open to advisory and board conversations — exploring advisory and board roles alongside my work as VP of Security & DevOps at SavvyMoney.· Open to: Advisory engagements (AI governance, security, platform) · Board roles — forward-looking interest, not a current seat

See details →

Michael
York

VP, Information Security & DevOps

Strategic Focus

Enterprise AICloud & DevOpsSecurity & Governance

Bridging legacy stability and future intelligence. Leading organizations through the transition from digital-first to AI-native.

I lead information security and DevOps at SavvyMoney, a fintech platform serving 1,500+ financial institutions as they deliver credit and financial-wellness products to the people they serve. My work sits at the intersection of three things that don't always get along: moving fast, staying secure, and proving it to auditors, regulators, and demanding partners. I came up through security and risk — holding the CISSP, CISA, CISM, and CRISC — but I also own DevOps, so I don't treat security as something that happens to other people's systems. I'm responsible for the pipelines, the cloud architecture, and the uptime as well as the controls that protect all of it. That dual mandate shapes how I think: the best security makes the business faster and more credible, not slower and more annoyed. Lately I spend a lot of time on AI — as a threat and as a tool — and on the controls layer underneath it: audit trails, scoped tool authority, and the boundary between an output a system can act on and one that needs a human first.

20+

Years in Security & DevOps

CISSP · CISA
CISM · CRISC

Industry Certifications

View Full Profile

About

I lead information security and DevOps at SavvyMoney, a fintech platform serving 1,500+ financial institutions as they deliver credit and financial-wellness products to the people they serve. My work sits at the intersection of three things that don't always get along: moving fast, staying secure, and proving it to auditors, regulators, and demanding partners.

Explore

Work & case studies

Real outcomes from real programs.

Field notes on security, AI, and growth.

Curated AI news with my takes.

Advisory, intros, and collaboration.

Latest writing

Featured case studies

Let's work together

Advisory engagements, fractional security leadership, or just an intro call.

Book time Send a note