Back to All Events

ISACA San Diego Workshop: CMMC Compliance - Cloud Enablement and Automation: The Tale of Two Contractors

  • XIFIN, Inc. 12225 Old El Camino Real San Diego, CA, 92130 United States (map)

Join us for a special presentation by chapter leaders Chad Coalier and Alexander Neff, along with a large cast of industry vets/SMEs including Brian Estep and other special guests covering CMMC architecture in the Microsoft Azure technology stack. The presentation will cover:

  • CMMC:  Genesis and Evolution 

  • Audit Readiness

  • Audit Process

  • Panel Discussion

  • The Tale of Two Contractors

    • Contractor 1: Deficient Security

    • Contractor 2: Well Architected Security: Cloud Enablement  

DETAILS:
Date: Thursday, June 26
Time: 2:00 - 6:00 p.m.
Location: In-Person and Online via Zoom
CPE: 4

ON PREMISES
XiFin, Inc.
12225 El Camino Real
San Diego, CA 92130 ·
Attendance capacity is limited to 40


SPEAKERS:

  • Chad Coalier - Security Solutions and Cloud Architect
    Chad is a seasoned Cloud and Security Architect with a specialization in Azure and a fervent passion for cloud and security technologies. With over 20 years of experience, Chad has demonstrated expertise in cloud architecture, cybersecurity, and IT operations, consistently delivering secure and scalable solutions that align with business objectives.

    In his recent role as a Solutions Architect at Security Cloud Consulting in San Diego, California (June 2024 – Present), Chad has been instrumental in client-facing engagements encompassing security, operations, and cloud architecture. He developed a comprehensive cloud migration roadmap to assist clients in complying with the NIST Cybersecurity Framework.

    Prior to this, Chad served as the CIO and Chief Information Security Officer (CISO) at Nan McKay & Associates in San Diego, California. In this capacity, he architected the development and operations of seven large state-level NIST Risk Management Framework (RMF) compliant COVID-relief programs utilizing the Azure cloud platform.

    Before joining Nan McKay & Associates, Chad was the Director of Software Products/Chief Information Architect at Learning Evolution in San Diego, California, where he directed strategic initiatives aimed at developing software products and enhancing internal technological capabilities for an early-stage education startup.

    Visit Chad on LinkedIn: https://www.linkedin.com/in/chadcoalier/

  • Alex Neff - Sr. Director of Information Security and Compliance at Faro Health, Inc.
    Alex Neff operates as a change agent in security and has led information security programs across heavily regulated private and public sector organizations for the past 15 years. Government, Healthcare and Financial have been verticals where Alex has shown his expertise and led organizations to shift security and compliance from a checkbox to a competitive advantage. Alex currently is leading information security and IT for Pharma SaaS startup Faro Health and serves on the board of the San Diego chapter of ISACA.

    Alex developed the cloud computing track of courses at the Arizona State University Polytechnic campus in a partnership with AWS to bring real-world experience to students in the IT Bachelor's and Master's programs. Alex has been awarded the Fulton Schools of Engineering Top 5% Teaching Recognition Award as voted on by students and continues to teach classes focusing on security, operations, architecture, data engineering and machine learning in the cloud.

    Visit Alex on LinkedIn: https://www.linkedin.com/in/alexanderaneff/

  • Brian Estep – Senior Technical Director, BME Industries | Principal Security Consultant
    Brian Estep is a cybersecurity and cloud architecture leader with over 20 years of experience designing, securing, and optimizing complex IT environments. As Senior Technical Director at BME Industries, a Microsoft Gold Partner, he leads strategic initiatives spanning cloud infrastructure, scalable architectures, and compliance automation; helping clients align with regulatory standards and best practices including CMMC, HITECH, ISO 27001, and NIST 800-53.

    In parallel, Brian works independently as a Principal Security Consultant for Fortune 1000 enterprises, startups, and leading vendors such as CrowdStrike, Elasticsearch, F5, Imperva, and Palo Alto Networks. His consulting engagements often focus on post-breach recovery, secure re-architecture, and the deployment of resilient systems in high-stakes compliance scenarios.

    Brian has earned and held numerous industry certifications, including CISSP, Azure Solutions Expert, and a suite of advanced GIAC credentials, such as SANS GIAC Security Expert (GSE), GCFW, GPPA, GCIA, GCIH, and GSEC. For over 15 years, he has contributed to the security community as a SANS Instructor, Mentor, Gold Advisor, Course Reviewer, and Question Bank Author.

    With deep operational roots and his "always looking for a good challenge" mindset, Brian consistently bridges the gap between innovation and rigor. He brings a pragmatic yet forward-thinking approach to build secure, scalable, and standards-aligned solutions that meet the demands of today’s evolving threat landscape.

    Visit Brian on LinkedIn: https://www.linkedin.com/in/estep

Earlier Event: June 19
ISACA San Diego June Meeting In-Person and Online: Introducing an AI Risk Management Framework for Responsible Innovation
Later Event: July 14
ISACA Workshop: API Security & Legal Risk Management for Organizations