Erik brings comprehensive experience building cybersecurity programs from the ground up for healthcare and technology organizations. His expertise spans incident response, vulnerability management, security architecture, identity and access management, cloud security, application security, and regulatory compliance, including SOC 2, HIPAA, PCI DSS, GDPR, and NIST frameworks.
Before joining CREO, Erik served as Staff Security Operations Engineer at Kyruus Health, where he built enterprise security operations and incident response programs, established vulnerability management automation, and consolidated security platforms. Previously, he held the position of Senior Cybersecurity Engineer and Team Lead at DriveCentric, where he built a cybersecurity team from scratch and implemented comprehensive security controls aligned with NIST frameworks. Erik also served as Senior Cybersecurity Engineer at Ksana Health, where he independently achieved SOC 2 Type 2 certification and implemented HIPAA and GDPR-compliant controls across a multi-cloud infrastructure.
Erik takes a pragmatic approach to security, focusing on translating complex regulatory and technical requirements into sustainable, operationally efficient solutions that balance risk management with operational needs.
Erik earned his Bachelor of Science in Computer Science with an emphasis in Cybersecurity from Boise State University.
Outside of work, Erik is an avid equestrian and competitive athlete, along with a diverse background of hobbies.
