A Security Practice · Charleston, SC

Federal-grade security,
shipped at AI speed.

Two decades of CISO leadership and Top Secret-cleared work, paired with the velocity of a modern AI shop. For federal contractors, regulated enterprise, and the mission systems they're racing to bring online.

§ 01 — Practice

Most security firms either understand the regulatory perimeter or they can actually build software. Few do both.

Secursion closes that gap — pairing twenty-five years of CISO leadership and Top Secret-cleared federal work with the engineering velocity of a modern AI practice. We work on what the threat models actually call for, in formats the auditors can sign.

I.

Credibility that travels.

Our security lead holds DoD and FBI Top Secret clearances and has served as CISO and Chief Technology Advisor inside Fortune 500 defense contracting and intelligence-community workloads. The threat models we build are the ones we have actually defended against.

II.

Velocity that ships.

Our managing partner is a working AI builder — Carolina Redesign, SCAIO, the Palmetto Budgeting Suite, the Babcock re-platform — shipping production deployments where larger consultancies are still scoping. AI exposure moves faster than most security shops can respond.

§ 02 — Capabilities

Four practice areas, all assembled around what the AI-era federal supply chain actually needs.

01
LLM & Agent Key Governance
Secrets management, access control, and audit infrastructure for LLM and agent systems under CMMC, NIST 800-171, and FedRAMP. Most enterprise AI today runs on developer API keys with no auditable access trail. We build the layer a CISO can sign.
02
CMMC & Federal Compliance
Pre-assessment readiness, gap analysis, and program build-out for the Defense Industrial Base. CMMC Level 2 and 3, NIST 800-171, DFARS, and FedRAMP advisory — delivered by practitioners who have lived inside the programs, not consultants who have only read the standards.
03
AI Red-Teaming & Model Security
Adversarial testing of AI deployments, prompt-injection assessments, model inversion, and threat-modeling for AI-integrated workflows. Run by a CISO who has built red-team programs at Fortune 500 scale and presented original research at DEF CON, SOURCE Boston, and IEEE.
04
Secure AI Infrastructure Builds
Custom secure deployments — voice agents, intake systems, document workflows, internal LLM portals — for organizations whose compliance posture rules out off-the-shelf SaaS. When the data cannot leave, we build the version that can.
§ 03 — In Development

Products in flight — built from the patterns we keep encountering inside federal and regulated engagements.

Product · ResponseOS Live Prototype

Security Questionnaire Intelligence

Most security teams lose dozens of hours per deal answering vendor questionnaires, DDQs, and RFP security sections — by hand, from the same recycled answers. ResponseOS turns your existing corpus into an auditable answer engine. Drafts in minutes, evidence linked inline, signed by the humans who own each control.

Platform · Spec v0.1 CMMC-driven

LLM Key Governance Platform

A secrets-management and access-control layer for LLM and agent systems under CMMC and NIST 800-171. Per-tenant key vaulting, model-level access policy, full audit trail of every prompt and tool call, and the evidence pack auditors actually ask for. In spec; design partners welcome.

§ 04 — Principals

Two principals. Both names on every engagement.

Principal · I

Noah Schiffman

Co-Founder & Chief Security Officer

Noah has spent the last twenty-five years building security programs for organizations that cannot afford to get it wrong — Fortune 500 defense contractors, intelligence-community workloads, NAVSEA-supporting programs. Most recently he was Chief Technology Advisor at KBR, where his red-team and vulnerability program cut measured exposure by 95% across one of the largest federal contractor portfolios in the country. Before that he ran the CISO function at Wave Sciences and Orbis, securing classified workloads and shipping patented biometric authentication systems.

He holds DoD and FBI Top Secret clearances, is the inventor on six U.S. patents in security and communications, and has presented original threat research at DEF CON, SOURCE Boston, and IEEE. He is an M.D. by training — Medical University of South Carolina — with prior degrees from Rutgers in mechanical engineering and cognitive psychology.

Principal · II

Jimmy Ardis

Co-Founder & Managing Partner

Jimmy is the build side. Through his AI studio Carolina Redesign, he has shipped production AI systems across legal intake, healthcare triage, state government budgeting, and cybersecurity compliance — including the Palmetto Zero-Based Budgeting Suite for South Carolina legislators and a HIPAA-compliant AI receptionist running across multiple medical practices. Larger consultancies were still scoping.

Before AI he spent fifteen years inside federal environmental compliance — 120+ NEPA reviews with zero findings overturned, a HUD Addendum to a FEMA Programmatic Agreement for South Carolina disaster recovery, a designated Subject Matter Expert seat on the HUD Exchange. The same regulatory machinery that drives CMMC and FISMA today. He is a six-year Air Force veteran (A-10 aviation, Incirlik AB), co-founder of the South Carolina Artificial Intelligence Observatory, and holds an MPA from the College of Charleston.

§ 05 — How We Work

Four operating principles, borrowed from the disciplines that actually have to hold.

i.

Both names on every engagement.

We do not subcontract. Both principals work on every engagement directly. If it needs a larger team, we say so before we sign.

ii.

Written for the auditor.

Deliverables are written for the assessor, regulator, or board member who will eventually have to act on them — not the marketing deck. Evidence linked, citations precise, rationale on the page.

iii.

Federal-grade controls when required.

Active DoD and FBI Top Secret clearances. We operate under appropriate handling controls for sensitive engagements — including those where the existence of the engagement is itself the sensitive fact.

iv.

First conversation costs nothing.

Engagements begin with a one-hour scoping call. No NDA required to describe the problem. If we are not the right team, we will tell you — and where we can, point you to one who is.

§ 06 — Engage

Serious work starts here.

Tell us what you are defending, your regulatory framework, and what is blocking you. Response within one business day.

For sensitive inquiries, use the direct mailbox; we will respond with secure channel options.

General Inquiries
Direct Mailbox

For new engagements & press

contact@secursion.ai
Principal · I
Noah Schiffman

Chief Security Officer

noah@secursion.ai
Principal · II
Jimmy Ardis

Managing Partner

jimmy@secursion.ai