My career in technology and cybersecurity began in the mid-1990s at the University of Texas at Arlington (UTA), where I worked at UTA Engineering Television. Those early days immersed me in hands-on media production, broadcast systems, and the emerging digital infrastructure that would soon become the backbone of secure information environments—laying the groundwork for everything that followed.
After graduating from UTA, I moved to Dallas and joined Internet America in the Policy Enforcement Department, which doubled as early Information Security. I spent seven years there, sharpening skills in policy enforcement, risk awareness, and the real-world mess of protecting networks in the dial-up era. That experience drove me to pursue an MBA in Information Assurance at the University of Dallas—one of only 50 NSA Centers of Academic Excellence at the time, and the sole business school among them. I saw information security not just as tech, but as core business risk, and the program’s blend of rigorous professors, adjuncts, and peers made it a highlight.
Today, I serve as Lead/Cybersecurity Governance, Risk & Compliance (GRC) at Lennar Corporation in Irving, Texas (2025–present). In this enterprise role across Homebuilding, Mortgage, and Title divisions, I lead cybersecurity governance, compliance strategy, and AI risk management. I authored Lennar’s full enterprise Artificial Intelligence Management System (AIMS) Manual—aligning to ISO/IEC 42001, NIST AI RMF, and ISACA AAISM—covering AI lifecycle governance, risk/impact assessments, incident response, TEVV processes, and secure deployment. I built the AI policy suite (including Acceptable Use Policy and Common Criteria), designed Confluence documentation architecture, led cyber insurance renewal responses (clarifying biometrics/tracking policies to minimize misstatement risks), coordinated PwC-driven updates to the Information Management & Cybersecurity Policy, and contributed to board-level risk reporting while driving cross-functional remediation for audits, SOC 2/NIST gaps, and penetration testing. This work proactively addresses emerging risks to build secure, scalable value in a regulated, high-growth environment.
Alongside this enterprise leadership, I founded Stage Four Security in 2019—a North Texas consultancy focused on proactive security culture through policy, training, and risk management. It’s my lab for staying ahead of threats, including AI-powered insights via “The Moments of Security”—predictive analytics, anomaly detection, and behavioral trends distilled into actionable intelligence. In January 2025, I launched the Stage Four Institute, a not-for-profit expanding into education and outreach: workshops, open-source research, and “The Connections of Cybersecurity” network linking students, nonprofits, small businesses, and pros—leveraging AI/machine learning to democratize knowledge.
Before these ventures and my current role, I held senior positions at Fortune-level firms: Vice President of Risk Assurance at JPMorganChase (2024), where I drove AI-enhanced risk analyses and executive briefings; Principal, Corporate Information Security at CoreLogic (2022–2023); CISO Advisor/Consulting Senior Manager at Unisys (2017–2018); and progressive roles at Sirius Computer Solutions (2011–2017) and CVS Caremark (late 2000s), building compliance, vendor programs, enterprise architecture, and zero-major-findings audits.
Over nearly 30 years, I’ve watched tech evolve—boosting productivity while introducing new challenges. I’ve integrated M&A security, colocation, cloud, and Zero Trust, always anchored in foundational principles. As an adjunct professor at the University of Dallas (2014–2018), I guided 200+ students through technology management with real-world cases, leaving an impression that’s hard to condense.
My online presence (@James_K_Bishop on X) reflects a lighter side alongside my professional work. I enjoy mixing sharp, principled commentary with a touch of humor—often leaning conservative with a Federalist edge. I weigh in on topics like government overreach, regulatory burdens, AI freedom versus control, cybersecurity policy, and the ethics of innovation, always aiming to turn complex issues into clear, story-driven insights that spark thought (whether agreement or debate).
I keep things balanced through my writing on jameskay.online, where I indulge my love of storytelling as a raconteur. The blog is my outlet for thoughtful essays blending conservative principles, policy critique, Texas heritage, and cultural observations—often with a narrative flair that turns complex ideas into vivid, memorable vignettes. Whether exploring historical analogies, immigration sovereignty, or the intersections of tech and freedom, I relish crafting pieces that engage readers, spark reflection, and defend foundational values. It’s a creative pursuit that sharpens my thinking, complements my cybersecurity work, and reminds me that clear, principled communication builds understanding as effectively as any framework.
I thrive on proactively addressing risk to build lasting value—one secure framework at a time.