About

Stepping into Gartner marked a natural evolution of two decades spent at the sharp end of security architecture. In this role, I translate complex, fast-moving cloud and security challenges into clear, vendor-neutral guidance for some of the world's most sophisticated organizations — Fortune 500 enterprises, government agencies, and global private-sector firms. My days are spent deep in conversation with CISOs and security architects, helping them cut through vendor noise, make confident architecture decisions, and build security programs that can scale. I also engage directly with technology vendors to pressure-test their roadmaps, and I research and publish on security architecture topics, as well as speak at Gartner Security & Risk Summit events.

At Intact, Canada's largest property and casualty insurer, I led a national team of ten cloud security subject matter experts across AWS, Azure, GCP, and OCI environments. The challenge was as much organizational as technical: aligning a highly skilled team around a coherent cloud security strategy while keeping pace with a rapidly expanding multi-cloud estate. I oversaw the adoption of cloud-native security technologies — CNAPP, CWPP, CSPM, AISPM, CASB, and WAF — and managed vendor relationships with Wiz, Palo Alto Prisma Cloud, CrowdStrike, and Checkpoint, conducting rigorous PoC exercises to ensure every tool earned its place. A key focus was maturing security standards around CIS Benchmarks and MITRE ATT&CK, and exploring AI security governance using the NIST AI RMF and MITRE ATLAS frameworks.

Teaching is where I give back to the discipline that shaped me. I design and deliver a French-language network security certificate course that takes students from networking fundamentals through to modern security operations. Every semester I refresh the content to reflect where the threat landscape actually is — not where textbooks say it was — and build practical lab exercises that force students to think like defenders.

Joining National Bank as Information Security Officer meant inheriting both a talented team and a mandate to raise the security bar across one of Canada's largest financial institutions. I led senior cybersecurity advisors through risk assessments, security control evaluations, and threat modeling exercises — all while serving as the security conscience for new system and technology deployments. The role demanded equal parts technical depth and business fluency: negotiating security requirements with delivery teams, guiding third-party vendor assessments for critical implementations like SAP and Splunk, and ensuring penetration test findings translated into remediated vulnerabilities rather than aging reports on a shelf.

Embedded within the bank's cybercrime division, I conducted risk assessments across more than twenty projects involving fraud detection and anti-money laundering platforms, using NIST, CIS, and ISO frameworks to surface what truly mattered. I built threat models — Attack Trees, STRIDE — that sharpened penetration testing and gave architects concrete, actionable guidance. Overseeing the migration of several applications from on-premise to AWS using the CSA Cloud Control Matrix, I learned firsthand how the shared responsibility model plays out under real operational pressure.

A focused engagement at the helm of Heineken's regional IT operations in Lebanon. I shaped the regional IT strategy, managed a team of four specialists, and stabilized IT services across all business units. A cloud migration initiative reduced on-premise infrastructure costs meaningfully while improving service resilience — a lesson in how cloud adoption delivers tangible business value even in resource-constrained environments.

Consulting stretched my career in a new direction, placing me inside complex, high-stakes technology transformations across Europe and the Middle East. My flagship engagement was advising SKEMA Business School — across its Paris, Lille, and Nice campuses — on a USD 10 million Oracle PeopleSoft Campus 9.2 implementation in partnership with Oracle France. Alongside this, I contributed to Chalhoub Group's digital transformation strategy in Dubai, formalizing the business model for a new retail concept.

Brought in to modernize the infrastructure of this internationally known luxury chocolatier, I led a thorough business impact analysis mapping every critical asset, process, and single point of failure across a multi-region operation spanning the Middle East and Europe. The output shaped a new hyperconverged infrastructure architecture with a clear migration path for legacy applications to the cloud.

Five years as IT Director were formative in every sense. I designed and built the university's data center from the ground up, led a USD 2 million PeopleSoft Campus implementation, and restructured the entire IT department — hiring sixteen people who went on to serve three campuses and five thousand staff. A result I'm particularly proud of: cutting the online student registration period in half by automating payment processes and integrating the student information system with payment platforms.

At Gulf Finance & Investment Company I tackled two defining infrastructure challenges: modernizing the core banking system — enabling faster client transactions and real-time market quotes that directly impacted trading operations — and designing a disaster recovery site that was eventually activated during real emergencies and kept the business running when it mattered most.

My first professional role, where I learned that good infrastructure work is mostly invisible — and that when it becomes visible, something has gone wrong. I managed network infrastructure, provided technical support across the organization, and executed migrations of critical systems including Active Directory, Exchange Server, and file services. A foundational chapter that instilled habits of precision and operational care.