Jason’s responsibilities center on delivering all facets of Axio’s cyber risk engineering approach to clients, with a specific focus on cyber risk quantification, and cyber program design and implementation. Jason’s work leverages NIST Cybersecurity Framework (CSF), DOE Cybersecurity Capability and Maturity Model (C2M2), and CERT Resilience Management Model (CERT-RMM).
Previously, Jason was a Senior Cyber Risk and Strategy consultant working with large financial and energy companies where he developed cyber resiliency strategy, cyber risk quantification programs, and analyzed Return on Security Investment (ROSI). Additionally, Jason served as a Program Manager where he led a team to develop, maintain, and perform a CSF-based pre-binding cybersecurity assessment for a Lloyds of London-backed $200mm cyber insurance policy for Critical Infrastructure. Prior to this, Jason was a Group Leader at the MITRE Corporation, where he spent 9 years leading teams in the development of program and technology prototypes for the Department of Defense and Intelligence Community.
Jason has a passion for cyber risk quantification and seeks to embetter the state of organizational risk-based decision-making. He maintains his Certified Information System Security Professional (CISSP) and Certified in Risk and Information Systems Control (CRISC) certifications and holds certificates for Certificate of Cloud Security Knowledge (CCSK) and Insider Threat Program Manager (ITPM). Jason is a veteran of the United State Marine Corps.