Hi, I’m Leo — welcome to my corner of the cybersecurity world!
My journey into cybersecurity formally kicked off in 2020 when I transitioned into a Security Program Management role at a major tech company. Shortly after, I specialized in Payments Security Program Management, combining my years of experience in FinTech regulatory compliance with a growing passion for security. Today, I lead Payments Security Program Management efforts, helping protect the financial systems that millions rely on.
Before diving into security full-time, I drove initiatives in Anti-Money Laundering, Counter-Terrorist Financing, Anti-Bribery and Corruption, and Political Activities Monitoring — all vital areas that naturally led me to the world of cybersecurity.
To strengthen my foundation, I earned a Master of Science in Cybersecurity and Information Assurance and hold certifications including CISSP, GCIH, GCFA, and CEH. Outside of my civilian career, I also serve with a reserve unit in the California Military Department, supporting teams in incident response, penetration testing, security operations center activities, and cyber threat intelligence.
Why I Started This Blog
I started this blog for two main reasons: community and self-development.
I’ve been fortunate to face tough challenges and explore novel solutions in my work — and I believe those experiences are worth sharing. Cybersecurity is a collective effort, and I firmly believe that “a rising tide lifts all boats.” Throughout my own journey, I’ve leaned heavily on the generosity of others who shared their insights, approaches, and lessons learned. Now, it’s my turn to contribute to that ecosystem.
On a personal level, this blog also helps me capture and organize my thoughts, creating a living journal of experiences I can reference over time.
Who This Blog Is For
This blog is for anyone curious about cybersecurity — whether you’re a seasoned professional, a student, or someone just starting out. If you’re interested in learning about different perspectives, projects, or initiatives related to cybersecurity, you’re in the right place.
What You’ll Find Here
Most of my posts will revolve around the areas I know best: program implementation, oversight, and regulatory engagement within cybersecurity. That said, I won’t limit myself — expect a mix of technical insights, best practices, lessons learned, and maybe a few curveballs along the way.
My Approach to Cybersecurity
Cybersecurity should be accessible — it shouldn’t be a privilege reserved only for those with the biggest budgets. I believe that manageable, “best of breed” models are often the most immediate and affordable solutions, provided they don’t come with overwhelming operational costs.
A Little More About Me
When I’m not working on cybersecurity initiatives, I’m spending time with my family. As any parent knows, it really does take a village to raise children — and I’m grateful for my village every day.
Stay Connected
If you find something useful here, share it! If you spot a better practice, a different perspective, or even a mistake, I want to hear from you.
Subscribe for updates, interact with the posts, and feel free to reach out to connect — after all, cybersecurity (and life) are better when we work together.
Disclaimer:
All content provided in this blog is for informational purposes only. The views and opinions expressed here are my own and do not represent those of my employer, any affiliated organizations, or any other individual or entity.