Work
Outcomes That Move The Business
21+ years scaling security, DevOps, and platform teams. Real outcomes — HITRUST certifications, AI governance programs, vendor risk at scale — not slideware.
Request More Info
Case Studies & Practice
Deep dives on the programs and decisions behind the outcomes.
Experience
Case studies
Cloud, DevOps & infra
Fintech & finance
Now
Open Source
Code that's shipped to production.
GitHub repos
Writing
Field Notes On Security & Velocity
Essays, briefings, and short notes on what's actually working in security, AI governance, and high-velocity engineering teams.
Subscribe
Long Form
Essays and deep dives on security, AI, and growth.
All posts
Table of contents
By topic: AI & Governance
By topic: Security & GRC
By topic: Cloud & DevOps
By topic: Fintech & Finance
Short Form
AI news with my takes and the newsletter.
AI news + my takes
Newsletter archive
Subscribe
Get new pieces in your inbox or your reader of choice.
Email newsletter
RSS feed
JSON feed
AI
AI, Hands-On Not Hand-Wavy
Curated AI news with my takes, plus the free calculators and tools I use with CIOs and AI architects every week.
Explore the Tools
News & Commentary
What's shipping in AI, with an operator's take.
AI news + my takes
Interactive Tools
Calculators and pickers you can use right now.
All free tools
AI ROI calculator
LLM cost estimator
Model picker quiz
Ask & Search
Query my work directly or search the whole site.
Ask Michael (AI)
Search the site
About
Operator, Advisor, Builder
Security executive, UC Berkeley MICS, board advisor, and builder. Here's the background, credentials, and personal context behind the work.
Read Full Bio
Background
Bio, education, and how I got here.
Bio
Now
Credentials
Degrees, certifications, and advisory roles.
Education & certifications
Elsewhere
Open source and code outside of work.
GitHub
Connect
Let's Build Something Together
Intro calls, strategy sessions, advisory engagements, or a quick question — pick the channel that fits and we'll go from there.
Book a Call
Work Together
Start a conversation or book time directly.
Contact form
Book time
Direct Channels
Email and LinkedIn are the fastest ways to reach me.
Email
LinkedIn
Recruiters & Boards
The 60-second one-pager and advisory & board interest.
Executive one-pager
Advisory & board interest
Resume (PDF)

One-pager Book a Call

Open to board advisory and board seats — 2H 2026, then CY 2027–2028.· AI governance, security, and platform · Forward-looking interest — not a current board seat

See details →

Executive

One-pager

Focus, certifications, and frameworks at a glance — the dual build-and-protect security and platform mandate, AI and security as the forces shaping the next decade, and how to open an advisory or board conversation.

Outcomes that matter

Holds CISSP, CISA, CISM, and CRISC, plus AWS Solutions Architect (Professional and Associate), AWS Security, Advanced Networking, and Big Data specialties; UC Berkeley MICS.
Built a security program scoring above the industry average on the NIST Cybersecurity Framework.
Achieved and sustained SOC 2 Type II attestation and operates under a CSA STAR Level II continuous-audit posture.
Designed and runs a multi-region AWS architecture with warm-standby disaster recovery.
Runs the dual build-and-protect mandate — DevOps and information security under one roof — across the platform.
Stood up AI governance for financial services: a design-time 'act vs interpret' boundary for automated decisions, mapped to NIST AI RMF, ISO 42001, and the incoming CCPA ADM rules.
Focused on the two forces defining the next decade of technology leadership: AI and security. Contact: michael@ypro.dev.

How I operate

Lead with a written narrative; meetings are for decisions, not status.
Hire for trajectory and judgment; coach for ownership.
Treat security and platform as enablers of GTM velocity, not gates.
Default to blameless retros, public action items, and visible dashboards.

What I'm exploring next

Independent board seat at a pre-IPO or public fintech/healthtech.
Fractional CIO/CISO with growth-stage companies scaling regulated workloads.
Advisory at 1-2 AI-native startups solving governance or platform problems.