About
Meet Brian
Brian is the architect and co-creator of NIST’s Open Security Controls Assessment Language (OSCAL), as well as the inaugural chair of the OSCAL Foundation. His achievements are built on 35 years of experience with information technology (IT), quality management, business process re-engineering (BPR), and cyber solution architecture.
Throughout his career, Brian has successfully conceived, designed and implemented cybersecurity and regulatory compliance solutions for commercial and government organizations.
Whether creating the FAA’s first ATC cybersecurity program, automating assessment activities to achieve 60% execution efficiencies, or leading the first CSPs through accelerated processes on behalf of the FedRAMP PMO, Brian brings a passion for enduring results to any challenge!
The Right Experience
Over 35 years of experience:
- OSCAL Co-Creator
- FedRAMP PMO Authorization Lead
- Cloud Service Provider Trust and Compliance Manager
- Assessment Automation Design and Implementation
- Air Traffic Control System Support
- Telecommunication Industry Cyber Solutions
- Pharmaceutical Industry Cyber Program Manager
- Financial Industry Cyber Program Manager
- Government Agency Support: CBP, DoD, DOL, EPA, FAA, FedRAMP PMO, NRC, US-CERT
- Over 20 Proposals as a Cyber Solution Architect
- Architect/Cyber Tech Prop Lead with >85%
The Right Skills
Cyber Security Strategist
Process
Automation
Quality
Management
(QM)
Enterprise Security Architecture
Information Technology (IT) Administration
Business Process Re-engineering (BPR)
Cybersolution
Architect
Cyber-Solution Architecture
The Right Certifications
Certified Information System Security Professional (CISSP) since 2000
Project Management Professional (PMP) since 2009
Certified Cloud Security Professional (CCSP) since 2019
Ready for the next steps?
Contact us for a free consultation.
Let's discuss your goals and determine how we can best help you!
News and Updates
FedRAMP 20x: Stay the Course! Prepare to Move Faster!
March 26, 2025 I like sailboats. They are a time-honored method for crossing a large body of water. Tried and true! Elegant! I also like motorboats. While their engine adds complexity, they are more maneuverable and allow you to travel faster. Sometimes you need speed...
Supporting the OSCAL Foundation
Ruf Risk is proud to be an inaugural member of the Open Security Controls Assessment Language (OSCAL) Foundation! This critical global partnership between government, industry and academia was launched to advance the development and adoption of standards to automate...