About Me

Andrew is a Senior Program Manager on the Cloud and Enterprise (C+E) Security Customer Experience Team (CxP) with over 10 years of deep security experience.  Architecting and Operating some of the largest Computer Network Defense (CND) systems in the world, Andrew focuses on "detecting the undetectable" as well as responding to and recovering from cyber intrusion sets.

After working on some of the most recent high-profile intrusions, both in the news and not in the news, Andrew continues to define how to confidently and methodically respond to cyber intrusions.  Most recently, Andrew was specially thanked in the U.S. Government-wide guidance on Recovery, Special Publication (SP) 800-184, "The Guide for Cybersecurity Event Recovery", authored by the National Institute of Science and Technology (NIST).

The Microsoft C+E Security CxP team's mission is to ensure customers have a strong and positive experience with products.  It is here that Andrew champions user requirements and voices capability needs internally to better the product line for all customers.  This is part of the "customer obsessed" mindset the Microsoft CEO, Satya Nadella, laid out for the company.

In C+E Security CxP, our tools include:

  • Advanced Threat Analytics (ATA)
  • Azure Security Center (ASC)
  • Operational Management Suite Security (OMS Sec)
  • Microsoft Cloud App Security (MCAS)

This blog will include technical how-tos on the above technologies and on all-up Recovery/Remediation, as well as the high-level thinking every CISO and CND Architect should (and sometimes must) consider to field, operate, and maintain operationally feasible capabilities, with a focus on the new world of "Assume Breach".

Before joining the C+E Security team, Andrew was a Solutions Architect focusing on Recovery for the Microsoft Enterprise Cybersecurity Group Global Incident Response & Recovery (ECG GIRR) team.  Here, Andrew focused on developing comprehensive and methodical Recovery plans for customers after sophisticated human adversaries were discovered.  Andrew was a Cybersecurity Architect to Fortune 100 companies as well as the U.S. Government.  Before joining Microsoft he worked for the Department of Defense where he architected and operated many host-based Department-wide capabilities.
