Our Leadership Team

Meet Our Amazing Team

Brian Gay

Managing Director

Brian Gay is a technology consulting entrepreneur with significant expertise in Enterprise Architecture, Cyber Security and IT Project Management. Mr. Gay has used his extensive experience to support federal government and commercial customers; working on high-profile engagements including developing a common architecture for the initial Cloud Computing procurement in the Federal government. Mr. Gay has also supported implementation of enterprise architectures for a number of organizations including establishing the foundation for Enterprise Security Architecture at a Cabinet-level Department.

Mr. Gay possesses a Bachelor’s degree in Finance from James Madison University. Additionally, Mr. Gay is Co-Chair of the Northern Virginia Technology Council (NVTC) Cybersecurity and Privacy Committee and a member of the Military Order of the Carabao.

View BIO

Jon David

Managing Director

Jon David, a former Director at Mandiant, boasts over 15 years of extensive experience in the cybersecurity sector. His expertise lies in enabling organizations to comprehend their threat landscape, strategically prioritize defenses, and effectively mitigate exposure to malicious threats. Throughout his career, Mr. David has played a pivotal role in aiding numerous enterprises across diverse industries in identifying and addressing vulnerabilities within complex environments. Drawing from this wealth of experience, he intimately understands the unique challenges each industry encounters when safeguarding their digital ecosystems.

Mr. David holds a Bachelor of Science in Computer Science from Millersville University.

View BIO

Ryan Tappis

Managing Director

Ryan Tappis has over 15 years experience as a cybersecurity subject matter expert with expertise in information security program management, security engineering, security compliance, incident response, risk management, and vulnerability assessments. Mr. Tappis has led teams of up to 20 in support of cybersecurity engagements. He has supported cybersecurity engagements at the Department of Health and Human Services, Health Resources and Services Administration, National Institutes of Health, Agency for Healthcare Research and Quality, U.S. Department of Interior, U.S. Department of Agriculture and numerous commercial organizations.

Mr. Tappis holds a Bachelor’s degree in management information systems and Master’s degree in computer systems management from the University of Maryland. He is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and Project Management Professional (PMP).

Practice Leaders

View BIO

Andrew Armstrong

Andrew Armstrong leads the Cyber Operations service line at NR Labs. He has 23 years of experience in various engineering and project management roles, including Cyber Security Engineer, Systems Engineer, Test Lead, and Control Account Manager.

He has worked on projects ranging from 1,200-person systems integration programs for DoD to 10-person agile teams doing web development. He excels in fast-paced/high pressure environments, and is skilled in grasping the big picture, conceptualizing, developing, and implementing solutions. He partners with business leaders and executive leadership to develop workable solutions. He has performed Cyber Security Assessments, led Infrastructure teams in physical to a virtual migration (VMWare/NetApp), and architected multiple systems for AWS GovCloud.

Andrew loves to connect with people, understand their challenges and help develop workable solutions. Outside of work he dabbles in making art, reads about cognitive science, and loves to sail on the Chesapeake.

View BIO

Casey Erikson

Casey Erikson helps lead the Commercial Penetration Testing services. Casey focuses on delivering a wide range of proactive service lines while developing new and innovative methodologies to enhance our existing approaches.

Prior to becoming a Director at NR Labs, Casey served in cybersecurity leadership roles at Mandiant and OpenZeppelin building and supporting Proactive and Incident Response cybersecurity teams and methodologies. He has a wealth of experience supporting both technical and executive teams in their journey to improving their cybersecurity posture.

Casey is a passionate problem solver, and enjoys any athletic activity that promises to be exhausting, especially basketball. He also enjoys anything related to space and quantum mechanics.

View BIO

Jane Hu

Jane Hu leads the Advanced Governance Risk and Compliance (GRC) service line at NR Labs. As a cybersecurity consultant and project leader for over 18 years, Jane Hu has helped multiple federal and commercial clients improve their compliance and cyber hygiene. Ms. Hu has focused on conducting security and risk assessments using the beloved National Institute of Standards and Technology (NIST) 800-53 and ISO 27002.

Although she started her career as a penetration tester, she decided to join the dark side known and now leads the Advanced GRC practice. She helps client’s effectively identify and manage cybersecurity risks in their environment through automation and the “force”.

View BIO

Michael Browne

Michael Browne leads the Cyber Innovation Service Line at NR Labs. Michael focuses on cybersecurity innovation and transformation and brings extensive experience in the disciplines that lead to transformative cybersecurity outcomes.

Prior to becoming a Director at NR Labs, Michael served in cybersecurity leadership roles at Ernst & Young, Accenture Federal Services, and Lockheed Martin bringing over two decades of cybersecurity and technology leadership experience delivering transformative outcomes to private and public sector clients. His focus areas have included cyber risk assessments, program strategy, architecture, governance, system integration, and continuous improvement.

Michael is passionate about people, coaching and teamwork. In 2021, he helped found the Washington DC Gaels Youth Development Program and coaches boys soccer teams. When he’s not working or coaching, Michael tries unsuccessfully to interest his wife and kids in endless stories about Irish history. He also enjoys writing, learning guitar (and other musical instruments), and trying to not get injured playing Gaelic Football and Hurling.

View BIO

Patrick Smiley

Patrick Smiley leads NR Labs’ CISO Advisory Service Line and has more than 18 years of experience standing up and optimizing IT service offerings by applying his information security, project management, and business analysis expertise.

He is considered a trusted advisor and regularly briefs executive stakeholders including CIOs, Deputy CIOs, and CISOs on information security and non-information security subject matters. He has assessed incident management processes against external requirements, led efforts with clients on restructuring security operations and security engineering procurements valued in the hundreds of millions of dollars, and facilitated multiple Authorities To Operate by integrating security activities closely with system project management efforts.

When Patrick is not working, he has traveled to 48 out of 50 states as well as three out of ten Canadian provinces by car. His exploration by airplane has taken him throughout the World to Western Europe, the Middle East, as well as Asia.

View BIO

Nathan Kirk

Nathan Kirk is a Director at NR Labs currently responsible for delivering a variety of offensive security services, including Web Application, Hardware/IoT, and Internal/External Penetration Tests. With almost a decade of experience in Penetration Testing, Nathan is also a full stack web developer, and has a passion for both finding and offering solutions to complex cybersecurity challenges.

Nathan began his Penetration Testing career working on IoT devices at Alarm.com in 2015. After obtaining the Offensive Security Certified Professional (OSCP) certification, Nathan began his consulting career by moving to the Adaptive Threat Division (ATD) of Veris Group in 2017. After Veris Group was acquired by Coalfire, Nathan left to join Jon David and Casey Erikson at Mandiant in 2017. After two years at Mandiant, Nathan left to become the Director of Penetration Testing at Hilton in 2019, where he built their Penetration Testing and Bug Bounty programs. Nathan joined NR Labs in 2024, where he has since participated in significant cybersecurity research and performing offensive security assessments for clients.

View BIO

Joseph Faust

Joseph focuses on delivering a broad range of strategic service lines aimed to help customers identify and effectively manage cybersecurity and technology risk through the development of strong cybersecurity program capabilities.
‍
Prior to becoming a Director at NR Labs, Joseph served in Cybersecurity and Cyber Risk leadership roles at Citizens Bank, a top 20 US based financial institution and provided Advisory Cybersecurity Consulting services for domestic and international customers while with Mandiant, a Google Company. Joseph has wide depth of industry experience across fortune 500 clients, Federal Government as well as Federally Funded Research Centers. Joseph has blended skillset versed in technology, cybersecurity and risk and provides executive and technical teams advisory services.

Joseph holds a Bachelor of Science in Accounting from the College of Charleston and a Bachelor of Science in Business Administration from the College of Charleston. He has completed coursework towards The SANS Institute Master of Science, Information Security Engineering degree.

Testimonials

Customer Success

Many organizations with the largest attack surfaces in the world consistently rely on NR Labs leaders to identify, evaluate, lead remediation, and enhance their cyber resiliency every day.

“Every cyber program needs trusted partners to provide meaningful advice and high-quality execution. I trust NR Labs to always give me honest answers, even if I do not like to hear it.”

Sean Owen, CISO, Abt Global

“NR Labs has been an excellent partner. They are reliable, fast, and provide top talent to support Valiant's security initiatives with clients.”

Geoff Gregory, GSA Program Manager, Valiant Solutions

“At our size, we needed a cybersecurity partner that we could trust to do the work, had the scale to address our volume, and deliver at a budget level we could afford. NR Labs proved to be that firm.”

Third Party Risk Management Lead

“NR Labs’ MatureMetrics cyber reporting product is a unicorn in the market.”

Mike Gioia, Jimmy John’s, Senior ISO

"NR Labs exceeded our expectations across the board with their proficiency, experience, and delivery. They were able to identify areas of improvement not previously discovered and communicate recommendations in a highly actionable format. The quality of their approach and delivery really stood out from other engagements. With NR Labs, we received more than a report; we gained a trusted advisor.”

Keith Weitz, RegEd Inc., Vice President of Infrastructure

Leadership

Meet Our Amazing Team

Brian Gay

Jon David

Ryan Tappis

Practice Leaders

Andrew Armstrong

Casey Erikson

Jane Hu

Michael Browne

Patrick Smiley

Nathan Kirk

Joseph Faust

Customer Success

Join Our Team

Jon David