SC Awards Meet the Judges 2026

Salim Aftab is a cybersecurity and cloud architecture leader with more than 20 years of experience driving secure digital transformation for global enterprises. He has held senior roles at Cognizant, eBay, Sallie Mae and T-Mobile, architecting Zero Trust-aligned, multicloud ecosystems across finance, health care, telecommunications and retail. A principal architect and recognized thought leader, Aftab is known for pioneering secure-by-design frameworks, resiliency programs and governance models, and for mentoring the next generation of security leaders.

Roota Almeida is the global CISO at Kyowa Kirin, leading the company’s global cybersecurity strategy, aligning security initiatives with business goals and driving innovation. With more than 15 years of cybersecurity leadership experience, her expertise spans security engineering, cyber defense, risk management, governance and compliance across multiple sectors. Passionate about advancing diversity in cybersecurity leadership, Almeida mentors emerging leaders, serves on advisory boards and lectures at Columbia University.

Vinod Bottu is a senior software and platform engineer at Microsoft with more than 13 years of experience designing and operating large-scale cloud and on-premises environments. His work spans cloud architecture, Kubernetes platforms, Linux systems engineering, distributed computing and end-to-end automation using Terraform, Ansible, SaltStack and Python. Bottu has built secure, compliant and highly available platforms supporting demanding workloads, with deep experience in cluster security, network hardening and identity control.

Resilient CISO Award Judge

Nick Bruno is chief information security officer and senior vice president of IT at SHL, a global HR SaaS provider, where he oversees cybersecurity, IT services, cloud infrastructure, DevOps and business continuity. With more than 20 years of experience, he has led security and data protection programs for technology and health care cloud providers, including roles at SAI360, Monster Worldwide, Philips and Continuum Managed Services. Bruno is known for enabling secure business growth and holds advanced degrees in network security and business administration, along with C|CISO, CISSP-ISSAP and CISM certifications.

Tarun Pratap Chauhan is a senior software engineer at Amazon with 11 years of experience designing and building end-to-end systems using cloud (AWS), Android, iOS and backend technologies.

Ammar Ekbote drives secure infrastructure strategies at Pinterest, focusing on safeguarding large-scale systems against evolving threats. With more than 11 years of experience in distributed systems and cloud security, his work includes architecting innovative security solutions for critical infrastructure, including agentless workload scanning. A holder of eight patents, he contributes to industry standards as a Cloud Security Alliance peer reviewer and serves on program committees for IFIP SEC and ICAIE.

Adam Ennamli is the global head of operational risk at Deel, where he is building and overseeing resiliency, ecosystem and product risk capabilities. Previously, as chief risk officer at General Bank of Canada, he unified the bank’s trust functions by consolidating risk, compliance and security into a high-performing, efficient organization. He is recognized for enabling companies to build durable competitive advantages through world-class capabilities.

Michael Fey is Island’s co-founder and CEO. Fey was President and COO at Symantec. Prior to Symantec, he was President and COO of Blue Coat. Prior to that, Mike was EVP & GM for enterprise products at McAfee and CTO of Intel Security playing a pivotal role in Intel’s acquisition of McAfee for $7.7 billion in 2010.
Fey holds a degree in Engineering Physics and Mathematics from Embry-Riddle Aeronautical University and was co-author of Security Battleground: An Executive Field Manual, providing a playbook for security obligated executives coping with the new realities of cyber security responsibilities to the board.

Vatsal Gupta is a senior security architect at Apple, leading initiatives focused on securing the software supply chain, automating RBAC and PBAC workflows, and developing adaptive access models using machine learning. Previously, he worked at Meta and PwC, where he guided Fortune 100 organizations through IAM transformations and regulatory compliance programs. Gupta is the author of AI-Driven Cybersecurity in Industrial Automation and contributes to the ISSA Journal and IDPro Body of Knowledge. He is a senior IEEE member and a technical committee member for the IEEE GAIA-SEC Workshop and ICCSIE 2025.

Renee Guttmann-Stark is an accomplished global information security and privacy executive with a career spanning 30 years. She was the first CISO at Coca-Cola, Royal Caribbean and Time Warner Inc. An early adopter of cybersecurity technologies, she has received awards for leadership and support of Women in Cybersecurity, published a white paper on the risks and benefits of early adoption, and served as one of the first judges of RSA Conference’s Innovation Sandbox.

Dr. Ed Harris holds a doctorate in information assurance and cybersecurity and has more than 35 years of network and security experience. A CISSP-certified professional, he spent 12 years teaching computer security at the University of North Carolina. He is a founding member of the Retail Cyber Information Sharing Center, a former member of the National Security Council for the U.S. Chamber of Commerce, and serves on ISC2’s cybersecurity scholarship review board. An active FBI InfraGard member, Harris is a longtime security evangelist, author and international speaker.

Col. (ret.) Hartman recently retired from a 30-year Army career, most recently serving as chief technology officer for Army Forces Command and as director of defensive cyber operations on the ARCYBER staff. He previously commanded the 359th Theater Tactical Signal Brigade and held roles with JECC and JSOC. A 2020 Army War College graduate, Dr. Hartman now researches AI decision manipulation and advises on cybersecurity engineering, organizational change and process improvement. He has served on many cyber security engineering advisory boards and presents at national and international conferences.

Suraj Raghupathy Iswaran is certified in risk and information systems control and brings more than seven years of experience in cyber risk consulting with PwC and Deloitte. During this time, he conducted more than 60 third-party risk assessments, developing deep expertise in evaluating the quality, maturity and real-world impact of cybersecurity initiatives. He contributes to ISACA’s New York Chapter, mentors through ISACA’s global mentorship program and participates as a speaker at ISC2 events. He also contributes to industry publications, including the ISACA Journal.

Krishna Kandi is a senior software engineer with more than 20 years of experience across fintech, telecommunications and secure data systems, specializing in building fault-tolerant, high-availability platforms for mission-critical financial operations. An IEEE senior member and ACM member, he contributes to computing and AI research and has presented at IEEE conferences, including CARS 2025, and at PyData Global 2025 on real-time event systems.

Ankit Kapoor is a seasoned cybersecurity leader with more than 15 years of experience in cloud network security, incident response, endpoint protection, risk management and compliance governance. At Salesforce, he is responsible for strategic initiatives including cloud service-level network isolation management, protecting Layer 7 assets from sophisticated DDoS attacks, and the Zero Trust network policy automation framework. Previously at Microsoft, he played a pivotal role in advancing Azure data center network security initiatives.

Ashutosh Kapse is a recognized expert in security risk management, serving as a fractional CISO for multiple organizations across Australia and Southeast Asia. Previously, he served as a CISO and security adviser for large Australian companies, including in financial services, federal and state government, infrastructure and utilities. He is an accredited trainer for courses leading to CISM, CISA and CRISC certifications. He is an adjunct professor at Deakin University, Victorian Institute of Technology in Australia, and Mahavir College in India.

Lavi Kumar is a principal application engineer with more than 15 years of experience driving enterprise modernization across financial services and technology. At Discover Financial Services, he leads initiatives in event-driven and cloud-native architectures that enhance scalability, resiliency and business agility. An IEEE member and open-source contributor, Kumar has authored technical articles for various journals and actively judges and mentors global hackathons. Recognized with the President’s Award for Innovation, he champions engineering excellence and strategic technology leadership.

Chris Lambrou brings 26 years of MLS management experience as an award-winning software architect and data science practitioner. He serves as CIO of Metro MLS in Milwaukee, leading technology strategy, business alignment and governance. An active industry and community leader, he chairs RESO’s Internet Tracking Group, leads the IEEE Milwaukee Section, serves on the United Way IT Committee and frequently speaks at universities and national conferences.

Cedric Leighton is a CNN military analyst and retired U.S. Air Force colonel with 26 years of intelligence and operational leadership experience. A founding partner of CYFORIX and chairman of Cedric Leighton Associates, he advises on global strategic and cyber risk. A frequent media contributor and speaker, he previously served at U.S. Special Operations Command, the Pentagon and the National Security Agency. Leighton is a decorated officer and a magna cum laude graduate of Cornell University.

Lera Leonteva is the founder of Leo AI, an early pioneer in applying AI to video marketing and now a top-10 U.K. ad tech firm with $2 million in seed funding. A former ethical hacker and OSCP, she has led penetration testing and red-teaming projects for PwC and health care organizations. For the past decade, she has been an active tech community leader, speaking on security, AI and engineering at conferences including BSides, National DevOps, Cloud Security Expo and the Code First Girls Conference.

Daniel Lieber is a highly experienced technology leader with a strong focus on cybersecurity. For the past 30 years, he has worked with many organizations on collaboration, communication, cybersecurity, and organizational success. He brings about the ability to quickly identify the intersections of technology and people, reducing friction from systems and enhancing value. Mr. Lieber has particular fondness for supporting organizations that help people thrive, including nonprofits, education, and healthcare. He is a frequent speaker at conferences and serves on several boards.

Gary D. Long, CISA, CISSP, has 30 years of combined U.S. and global experience working in the public and private sectors in consulting, sales and management. He has served in leadership roles at Golder Associates and Cerner Corporation and as a principal at several information security consulting firms, and he has been an enterprise sales team member for Check Point and Cisco. Long is a senior member of the Information Systems Security Association and a platinum member of the Information Systems Audit and Control Association.

Greg Martin is the co-founder and CEO of Ghost Security, a cybersecurity entrepreneur with more than 20 years of experience building and leading security companies. He founded ThreatStream (now Anomali), an early threat intelligence platform, and co-founded JASK, which pioneered autonomous SOC operations. Martin has advised the FBI, the U.S. Secret Service and NASA and is focused on transforming application security through AI and open-source innovation at Ghost.

Dr. Sean McElroy is chief risk officer at Lumin Digital, responsible for cybersecurity, risk management and privacy programs while tasked with securely scaling cloud-based digital banking across global data centers. He also co-founded Alkami Technology, where he served in roles ranging from CTO to CISO. He earned a doctorate in cyber defense from Dakota State University, a Master of Science in information security engineering from the SANS Technology Institute, and a BBA in management information systems from the University of Oklahoma. He holds CISSP, CISM and multiple GIAC certifications.

Chahak Mittal is a CISSP-certified security leader and manager of security engineering at The Learning Care Group. Passionate about knowledge sharing and community engagement, she has served as a judge for Major League Hacking events and as a cybersecurity instructor with Microsoft TEALS. She has participated in Women in Cybersecurity and the Michigan Council of Women in Technology, where she has championed gender diversity in the field.

Mackenzie Muir is head of information security at Bank Australia, one of Australia’s largest customer-owned banks. He previously served as CISO at Allianz Australia Insurance and as CISO for Australia Pacific at QBE Insurance. Muir has proven experience building cyber resiliency while safely enabling business growth. He is a graduate of the Australian Graduate School of Management, Deakin University, the University of New South Wales and the Royal Military College, Duntroon.

Omkar Nimbalkar is senior manager of cyber threat research and intelligence at Adobe. With more than 12 years of experience across cloud security, AI-driven analysis, threat modeling and security architecture, he specializes in driving large-scale security initiatives and developing frameworks to identify and mitigate emerging risks. An advisory board member at SJSU’s Center for Artificial Intelligence and Cybersecurity, Nimbalkar is a frequent speaker and was honored with the Recorded Future Excellence Award and named a top-five finalist for the SANS Difference Makers Award, practitioner of the year.

Patrick J. O’Guinn Sr., JD, MPA, is a distinguished trial lawyer and principal of the O’Guinn Law Firm in Columbia, Maryland. Previously, O’Guinn served as cybersecurity program director at the University of Maryland Global Campus. With 29 years of experience, he mentors cybersecurity professionals and brings expertise in higher education, digital forensics and cyber investigation. He is also an author of experiential problem-solving books.

Aritra Pal is a fintech leader with 17 years of experience, focused on delivering actionable business outcomes across financial modeling, capital markets and financial risk management. He has driven complex initiatives and AI-enabled automation to fuel growth while managing risk. He has conducted research and written white papers on industry-specific analytical models and frameworks.

Ankit Raheja is an AI product leader with more than a decade of experience building machine learning and data products across retail, automotive and technology sectors. As principal product manager at Walmart e-commerce, he leads customer-facing ML initiatives and the ML ranking platform. Previously, as product lead for AI initiatives at CDK Global, he launched the company’s first generative AI platform and managed product portfolios spanning generative AI chatbots, ML ranking systems and data platforms at scale.

Resilient CISO Award Judge

Harold Rivas serves as chief information security officer (CISO), overseeing global cybersecurity, including cloud security, threat management, risk and compliance, and security operations.

With 20+ years’ experience, Harold has helped global organizations fuel growth, develop and implement effective security strategies and navigate complex government regulations. Prior to joining Absolute, Rivas served as CISO at Trellix, loanDepot, Santander Consumer USA, and Mr. Cooper. He holds an MBA and a bachelor’s degree in business management and has received multiple industry honors, including CISO of the Year and Visionary CISO awards.

Taha Sajid is a senior cybersecurity and telecom security architect with 15+ years experience securing mission-critical infrastructure across telecommunications, cloud and AI-driven systems. He serves as a principal security architect at a leading U.S. telecom and satellite communications provider, leading Zero Trust, 5G and O-RAN security, and AI-enabled security automation initiatives. An active contributor to 3GPP, O-RAN, AI-RAN and Cloud Security Alliance efforts, he is also a published author and frequent speaker. Sajid also founded Xecurity Pulse, a research and education platform focused on telecom, AI and critical infrastructure security.

Vandana Verma Sehgal is a security leader at Snyk and a global expert in application security, AI and LLM security, and supply chain risk. She has trained more than 90,000 learners and speaks widely at leading conferences. A former OWASP global chair, she contributes to the OWASP LLM and MCP Top 10 initiatives.

Rohit Shirwadkar is a security strategy leader at Equinix with more than 10 years of experience delivering solutions that reduce risk while accelerating growth in Fortune 500 environments. He has led the design and operation of secure, high-performing systems supporting business operations across 200 countries.

Pradeep Simha is a global cybersecurity leader, president of the ISACA Orange County Chapter, and a Professional Services Solution Architect for information security at TrelliX With experience across health care, banking and telecommunications, he specializes in developing advanced security strategies to address modern cyber threats. His expertise includes incident response, digital forensics, security operations, SIEM, data loss prevention, endpoint and cloud security. A trusted adviser, mentor and public speaker, Simha holds a master’s degree in electrical and electronics engineering and is pursuing a doctorate in cybersecurity.

Mayank Singhi is an engineering manager at Google with deep expertise in scalable data platforms, enterprise cyber infrastructure, threat detection and response, and SaaS platforms. With more than 15 years of experience, he has led critical security and infrastructure initiatives at top-tier technology companies, including Google and Salesforce, where he served as director of security engineering. Singhi is also a published thought leader, writing on security, data platforms and SaaS topics for DZone and other industry outlets.

Saurabh Srivastava is director of hybrid cloud security at Hilton, leading enterprise cloud and hybrid IT security across a global hospitality portfolio. His team drives large-scale initiatives spanning AWS and other hyperscalers, including Control Tower migrations, identity-centric access (federation and just-in-time access patterns), and the rollout of CSPM, CNAPP and DSPM platforms and AI governance controls. Previously chief cloud infrastructure architect at Neiman Marcus, Srivastava is an IEEE senior member, vice president of the Cloud Security Alliance Dallas Chapter, a frequent speaker and an active mentor in cloud, data and AI security.

Resilient CISO Award Judge

Bezawit Sumner is the Chief Information Security Officer and Senior Director of Security & Compliance at CRISP Shared Services (CSS), a mission-driven nonprofit that operates and supports health information exchange (HIE) and health data utility (HDU) services across multiple states. She leads enterprise cybersecurity, information security, and compliance programs to protect sensitive health data and support secure data exchange.

A recognized healthcare cybersecurity leader, she serves on the HSCC Cybersecurity Working Group, the CyberRisk Alliance board and has contributed to Maryland and national policy initiatives. Her leadership has earned multiple honors, including the HSCC Cybersecurity Partnership Medallion Award and CIVITAS Community Excellence Award.

Tamil Mathi Tamil Thurai is a cybersecurity architect with more than seven years of experience, specializing in securing high-criticality systems used across U.S. hospitals, including FDA-approved medical products. As an active CVE researcher with two published vulnerabilities (CVE-2025-34281, CVE-2025-34282), he brings expertise across IoT, web and cloud security, spanning penetration testing, threat modeling, red teaming and incident response. A recognized conference speaker at DefCon, BSides and OffensiveX, he shares research on medical IoT and mission-critical system security.

John Taylor has nearly 30 years of experience in technology, encompassing CIO, CTO and CISO positions across sectors including technology, energy, manufacturing, insurance, health care and government. He has extensive international experience working with top-five FTSE and top-20 ASX organizations. He is the field CTO for APAC at Mimecast, helping customers address the human risk element of cybersecurity.

Gregory Wilson is the global CISO at Whirlpool. Prior to joining Whirlpool, he served as CISO at Putnam Investments and Pioneer Natural Resources and as head of information security at 1st Global. He led IT compliance and security at TPG Capital and Lehigh Hanson. Wilson holds CISSP, CISM, CGEIT, CDPSE, PSM and PMP certifications, as well as Series 7 and 24 licenses. He also serves as an adviser for Menlo Ventures and the CNBC Technology Executive Council.

Manoj Yerrasani is vice president of engineering for data and personalization at NBCUniversal, leading global-scale data, AI and personalization platforms that support streaming experiences for millions of users worldwide. With nearly two decades of engineering leadership across media, enterprise software and fintech, he specializes in building secure, resilient distributed systems and operationalizing AI for business impact. Previously, he led search and personalization engineering for the global rollout of Max at Warner Bros. Discovery.