Built to outlast
the operator.

A new global security organization formed through M&A-style integration. No leadership chart, operating cadence, KPIs, or engagement model with the rest of the business. Several senior leaders entered with overlapping mandates and openly different theories of what success looked like. Initial budget and headcount were provisional, both smaller than the scope required. Day 1 was capable people from different cultures and reporting lines, with no structure to make them an organization.

Chief of Staff and de facto COO to the CVP. Strategy and Operations, plus the continuous improvement discipline (Bowler and Monthly Operating Review). Delegated authority across the org and direct engagement with CEO direct reports across Engineering, Finance, Legal, sales, and customer success. $125M portfolio inside a 340-person team.

Org chart and functional design. Operating cadence and rhythm of business. KPIs and reporting infrastructure, including impact metrics that didn't exist on Day 1. Engagement models and dependency maps with sister orgs across the company. Communications structure: internal narrative, executive messaging, external papers. Employee engagement layer: 300+ survey responses synthesized into action plans, leadership roundtables, monthly all-hands, monthly newsletter I wrote and published.

The org absorbed multiple leadership transitions during the build, and the structure I helped put in place outlasted them. Employee satisfaction up 8 points in 6 months from a low post-M&A baseline. Most important, the team I helped stand up matured into the organization that stops more than $4 billion in fraud and scams annually for Microsoft customers. The CEO elevated that data, which seeded one of the most-covered security stories of the period.

Microsoft was entering the enterprise security category. The portfolio was being incubated, the field motion didn't exist yet, and the company hadn't earned a seat at the CISO table. No playbook for engaging a CISO. No competitive talk track. No win/loss capture. No partner engagement model. No logo strategy. And, predictably for a category at that stage, recurring gaps between what engineering shipped, what corporate marketing positioned, and what CIOs and CISOs actually needed — the kind of gaps that lose deals quietly until the motion is built to close them. The opportunity was real; the motion didn't exist.

Field execution lead on the field-side of Microsoft's security incubation. Carried a portfolio while co-building the motion in real time, with direct CIO and CISO interface. CISO engagement, competitive positioning, win/loss capture, partner engagement, and logo strategy. Also the field-to-corporate feedback loop — bringing customer objections, competitor intelligence, product technical requirements, and the CISO talk track back into corporate GTM, marketing, and engineering.

The CISO conversation, end to end. The competitive talk track. A win/loss system that turned single deals into pattern data corporate could act on. Partner engagement models. A logo strategy targeting accounts that would validate Microsoft's right to play in the category. Global learning forums that pulled marketing and engineering into the field motion — and pulled field intelligence back into corporate, so the next quarter's product roadmap, positioning, and enablement reflected what the market had actually said.

Contributed to landing 50% of Americas security revenue in a single year during the formative period. Foundational reference logos secured: a Fortune 50 retailer, a global logistics leader, a global professional services firm. The plays the team co-built became the operating motion the rest of the field ran as the security portfolio scaled. The field-to-corporate intelligence flow closed the gap between customer expectations and product roadmap, and shaped how Microsoft built, positioned, and sold security in subsequent cycles.

Security customer success did not exist inside Microsoft. Customers were buying products but the motion to drive adoption after the sale was thin. No global strategy, no operating data, no partner attach motion, no referral engine, no framework for the field to use. Initial sponsorship was provisional, headcount was capped well below scope, and the program had to navigate competing priorities across field, product, and partner organizations — plus the standard Microsoft contracting and compliance gates that any partner motion has to clear before it can ship.

Global strategy for security customer success at Microsoft, supporting 1,000 field roles. Two-year build. Data discovery, program design, partner management, GTM model, automation, and the hand-off to Microsoft's standing operating organization.

Pulled discovery from engineering and product owners to quantify the adoption gap. The global program itself, designed to support 1,000 field roles. A managed partner ecosystem with new partners recruited and onboarded. A GTM and attach model pulling partners into adoption work the field couldn't deliver alone. An automated referral engine that matched partners to customers on multiple attributes, replacing ad hoc handoffs with a repeatable system. Underneath the matching engine, a feedback mechanism that surfaced gaps between what customers expected post-purchase and what the product roadmap was delivering — turning the partner motion into a real-time signal back to product.

57% growth in adoption across the security portfolio. 22% increase in partner referrals through the automated matching engine. Customer renewals protected, additional revenue opportunity unblocked for field teams. Four years after launch, the program continues to run globally and is now embedded in field compensation and success metrics — part of how Microsoft Security operates and how the field gets measured.

Inside Microsoft Security, AI was the topic in every leadership conversation but the operating layer underneath it was thin. The CEO mandated a portfolio of AI use cases for the security and fraud and scams organization. Two weeks to scope. Monthly accountability. Underneath sat the harder problem: getting operators to actually adopt AI in their daily work, not just track it.

CEO-mandated AI use case generation, prioritization, and governance across the security and fraud and scams organization. End to end: discovery, framework, business cases, executive review. Also AI champion and change agent for the broader Chief of Staff and operations community.

A discovery motion interviewing every leader to surface friction and heavy human involvement. A categorization framework mapping opportunities by impact: engineering throughput, human hours, dollars. A stack-ranked portfolio with a business case per initiative. Monthly operating review with leadership. In parallel, an AI adoption toolkit (training modules, prompt library, use case patterns) for the Chief of Staff community, paired with active change management.

The two-week scoping deadline met. A governed portfolio of 30+ initiatives, each with an owner, business case, and monthly accountability. The toolkit and change management work extended adoption to 300+ Chief of Staff and operations peers. AI moved from topic to operating capability, both vertically through the portfolio and horizontally across the community.

A CVP stood up to lead a new global security mandate inside Microsoft. The mission was high-stakes, but Microsoft was not yet recognized as a player in this space, and the leader was new to it. Three things had to happen at once: Microsoft established as a credible voice, the leader solidified as an authority, the team's work amplified externally. None had infrastructure on Day 1.

Strategic partner to the CVP on narrative, external authority, and brand architecture for the mandate. End to end: positioning Microsoft in the new space, building the leader's external profile, amplifying the team's work, and the operating motion behind all of it.

The narrative spine for the mandate. Decks, whitepapers, and executive prep for every high-stakes moment. A long-form article I ghost-wrote that seeded the broader press cycle. A speaking and authorship strategy that placed the CVP in the right rooms. Contributions to the Microsoft Board update on fraud, the annual Microsoft Digital Defense Report, and the company-wide Secure Future Initiative.

Microsoft established as a recognized player in a space where it hadn't been seen as a leader. The CVP became a recognized authority. The substance was real: the team and motion the work supported now stops more than $4 billion in fraud and scams annually for Microsoft customers — the figure that drew CEO attention and seeded 300+ international articles, four live news interviews, and contributions to the Microsoft Board, the Digital Defense Report, and the Secure Future Initiative. Years later, the leader continues to speak on the topic in retirement; the platform continues to publish, most recently in Microsoft's Cyber Signals Issue 9 on AI-powered deception.