President
Dave Tuckman
Dave is the Executive Director of SecurityStudio Academy with FRSecure and has over 30 years of successful experience in Executive level, Engineering, Operations, Sales, Business Development & Client Relations. Additional experience in consulting, project management, public speaking and entrepreneurship (in 2 businesses he built and sold). Dave became Executive Director at SecurityStudio Academy (sister organization of FRSecure) in March 2025, after serving as an Information Security Consultant / vCISO at FRSecure since 2023.
As Executive Director of SecurityStudio Academy, Dave leads the development and execution for shaping curriculum, guiding strategic growth, and collaborating with subject matter experts to elevate our training experience and drive industry-wide improvement.
Certifications include C|CISO, CvCISO, CISM, CISSP, DTEF,CDPSE. C|EH, Security+, CSX-F, HIPAA Certified Professional, plus multiple vendor-specific certifications.
Dave is a member of ISACA, ISACA San Diego, (ISC)2 SanDiego, Comptia, EC-Council, and Infragard. Celebrating 8 years volunteering on the ISACA San Diego Board and has served as chapter president since 2022.
vice president
Alex Neff
Alex operates as a change agent in security and has led information security programs across heavily regulated private and public sector organizations for the past 15 years. Government, Healthcare and Financial have been verticals where Alex has shown his expertise and led organizations to shift security and compliance from a checkbox to a competitive advantage. Alex currently is leading information security, compliance and IT for health sciences SaaS startup Faro Health.
Alex developed the cloud computing track of courses at the Arizona State University Polytechnic campus in a partnership with AWS to bring real-world experience to students in the IT Bachelor's and Master's programs. Alex has been awarded the Fulton Schools of Engineering Top 5% Teaching Recognition Award as voted on by students and continues to teach classes focusing on security, operations, architecture, data engineering and machine learning in the cloud.
treasurer
Tim Smith, CPA, CISA
Tim retired after 20 years with KPMG US and KPMG International, where he specialized in data and analytics for IT and financial audit. In the last part of his career, he focused on the design, testing, implementation, documentation and training for the data analytics modules of KPMG’s proprietary audit software, CLARA.
He previously led the IT audit practice in the KPMG San Diego office, providing IT audit, Sarbanes-Oxley compliance assistance, computer-assisted audit to clients in multiple industries.
He also spent four years as IT Audit Manager at LPL Financial, the nation’s largest independent Broker-Dealer, leading a team of IT auditors, managing work on a variety of IT, financial and regulatory compliance audits and special projects.
secretary
Brian Gibbs
With over 25 years of experience in IT and cybersecurity, Brian has successfully guided organizations across higher education, biotechnology, health insurance, and other sectors. His expertise spans budget management exceeding $18 million, leadership in virtual CISO engagements for public sector entities such as water districts, and direction of numerous incident response initiatives.
Brian holds a Master of Business Administration from Indiana Wesleyan University and a Master of Science in Cybersecurity from the Georgia Institute of Technology. His professional credentials include CISSP, CCSP, CvCISO Level 3, QTE, and Security+. Over the course of his career, he has served as a Pre-Sales Solutions Architect, Director of IT, Lead Cybersecurity Instructor, and Teaching Assistant. He remains an active member of InfraGard San Diego, ISACA, and (ISC)².
Beyond his professional work, Brian is the President of the Sunset Hills Education Foundation, a nonprofit that supports educational programs. He enjoys watching his sons compete in baseball, basketball, and flag football, and is passionate about mentoring future cybersecurity leaders. Guided by the principle of mission before money, Brian believes that integrity and purpose always lead to long-term success.
Research
Chad Coalier
Chad is a seasoned AI, Cloud and Security Architect with a specialization in Azure/AWS. With over 25 years of experience, Chad has demonstrated expertise in AI, cloud architecture, cybersecurity, and IT operations, consistently delivering secure and scalable solutions that align with business objectives.
In his recent role as a Solutions Architect at Security Cloud Consulting in San Diego, California (June 2024 – Present), Chad has been instrumental in client-facing engagements encompassing AI, security, operations, and cloud architecture. He currently serves as the Research Director and Board Member of the San Diego chapter of ISACA. He also has served as a researcher on the CSA AI Security Control Reconciliation working group, helping to align NIST and ISO AI security control standards.
Prior to this, Chad served as the CIO and Chief Information Security Officer (CISO) at Nan McKay & Associates in San Diego, California (January 2008 – May 2024). In this capacity, he architected the development and operations of seven large state-level NIST Risk Management Framework (RMF) compliant COVID-relief programs utilizing the Azure cloud platform. Chad led technology and cybersecurity initiatives for this professional services company with over 1,000 employees, specializing in NIST 800/CSF compliant application processing platforms, fraud detection systems, and asset management services.
Chad's extensive experience and commitment to leveraging AI, cloud and security technologies make him a valuable asset in driving innovation and ensuring robust security measures within organizations
membership
Lucy Maxwell, CISA, ITIL Foundation
Lucy has more than fifteen years of experience in the audit field, five as a specialized IT Auditor working for two of the Big Four global public accounting firms, and the rest working for both for profit and non-for profit organizations, including healthcare, and the IT services industries.
Currently, Lucy is a Manager in the Advisory Services group at RiSK Opportunities, Inc., a local consulting firm which provides audit, governance, and compliance services to clients.
Programs
Emily O’Caroll
Emily is a Field CISO with GuidePoint Security. GuidePoint Security is a $2 billion pure play security company founded in 2012 and headquartered in Virginia with over 1,200 employees, 60% of which are tenured cybersecurity CISOs, engineers, architects, and consultants. As a Field CISO, she supports clients as an interim or virtual CISO, or in pre-sales activities and strategy decisions.
Prior to GuidePoint, she was the CISO at Topgolf Callaway Brands for over 9 years and oversaw a global team of over 30 people. She built the cybersecurity strategy, program, and team during a period of extreme revenue growth and acquisition – revenue growth from $800M to $4.28B per year, and acquisitions of Topgolf, TravisMathew, Ogio, and Jack Wolfskin.
Emily started her career in management consulting as an intern at KPMG in 2005 and left as a Director in 2015, and spent time in their San Diego, San Francisco, Silicon Valley, and Chicago offices. She worked with major companies across all industry verticals, including Fortune 50 companies.
Emily is a graduate of UC San Diego and has her bachelors degree in Mathematics and Economics with a minor in Dance and obtained her CISA certification in 2009.
COMMUNICATION
Emmanuel Vagneur
Emmanuel is a Security Analyst at ICE Cybersecurity. He began his career as a software engineer with the French Navy, working on complex technical systems in high-stakes environments and collaborating closely with allied and international partners on interoperability experiments. Through this work, he built trust and strong relationships that enhanced collaboration and delivered meaningful results, reinforcing the importance of clear communication and mutual respect in achieving shared goals.
These experiences naturally led him to transition into cybersecurity, where he now focuses on protecting small and medium-sized businesses, strengthening system resilience, and continuously expanding his expertise in security and technology.
Academic Relations
Vanessa Bourgeois
Vanessa is a senior cybersecurity and technology leader with extensive experience spanning cybersecurity operations, mergers and acquisitions, technical program management, AI initiatives, and product ownership across global enterprises.
She has held leadership roles at organizations including Newmont Corporation, Hewlett Packard, Dell Technologies, and Verizon, where she has led complex, regulated, and high-impact programs aligned to business risk, compliance, and strategic outcomes.
Vanessa holds a Doctorate in Global Leadership, a Master of Science in InformationTechnology, and two MBAs—Technology Management and in Project Management. She maintains several professional certifications, including PMP, CSM, CSPO, and GISF, and is currently pursuing the CISSP. Known for her “think like a manager” approach to security, Vanessa emphasizes risk-based decision-making, governance, and zero trust aligned security strategies.
COMMUNITY OUTREACH
immediate past President
Matt Stamper, CISA, CISM, CIPP/US, ITIL
Matt Stamper is a multi-time CISO with extensive experience in cybersecurity, information security, cloud security, IT audit, risk management, privacy, AI security, and governance.
Matt is a former research director and security analyst at Gartner (NYSE:IT) and has extensive experience in cloud services and IT service management, including international experience in Latin America and China. Throughout his career, Matt has spoken to 1000s of CISOs, CIOs, corporate leaders, and boards of directors. Matt’s experience spans early-stage startups and large, multinational public companies across multiple industries, including managed services, managed security services, global telecom, and advisory services.
Matt excels at conveying complex cybersecurity and technology concepts to boards of directors, executive management, professional service providers, and vendors in the cybersecurity industry.