_config.yml

url: https://locked.net
# baseurl:

# Site settings
title: Locked
email: contact@locked.net
description: "Strategic security leadership for organizations that can't afford to get it wrong. 30 years of expertise in application security, surveillance law, and AI governance."

# Team names, titles and social links
people:
- name: Ian Gorrie
  pic: 1
  position: Principal
  social:
    - title: twitter
      url: https://twitter.com/gorrie
    - title: linkedin
      url: https://linkedin.com/in/gorrie
    - title: instagram
      url: https://instagram.com/iagorrie/
    - title: github
      url: https://github.com/gorrie
    - title: youtube
      url: https://youtube.com/@IanGorrie

# Social networks usernames (footer icons)
social:
  - title: twitter
    url: https://twitter.com/gorrie
  - title: linkedin
    url: https://www.linkedin.com/in/gorrie
  - title: instagram
    url: https://instagram.com/iagorrie
  - title: github
    url: https://github.com/gorrie
  - title: youtube
    url: https://youtube.com/@IanGorrie

# Postal address
address:
  - line: 1425 Broadway \#20-4405
  - line: Seattle, WA 98122

# Services
services:
  - icon: fas fa-shield-alt
    title: Virtual CISO Services
    description: Fractional CISO expertise for organizations that need strategic security leadership without a full-time executive. I assess your current posture, develop roadmaps, and guide implementation.

  - icon: fas fa-brain
    title: AI Security & Governance
    description: Navigate the security and compliance challenges of AI deployment. From LLM security to bias testing to regulatory compliance, I help you build AI systems responsibly.

  - icon: fas fa-balance-scale
    title: Privacy & Surveillance Law
    description: Expert guidance on GDPR, CCPA, CPRA, and emerging surveillance regulations. I've spoken at the FTC and worked with regulators—I know how they think.

  - icon: fas fa-cogs
    title: Security Program Development
    description: Build or mature your security program with proven frameworks. OWASP, NIST, ISO 27001—I've implemented them all and can tailor them to your organization.

# Testimonials
testimonials:
  - name: Jerome Foster, MSISA
    quote: "Ian's assessment work was invaluable. His expertise in identifying application vulnerabilities and implementing security controls significantly improved our security program's maturity."

  - name: Tom Lindeman
    title: President & CEO, Shinobi USA, Inc.
    quote: "Ian brings serious technical acumen combined with passion and problem-solving abilities developed over 30 years in software. He has strong potential for CISO or leadership roles."

# Professional Contributions
contributions:
  - org: OWASP
    role: Seattle Chapter Leader (Multiple Years)
    description: Organized monthly meetings, brought industry speakers, promoted application security best practices.

  - org: (ISC)²
    role: Community Contributor
    description: Advanced knowledge through CISSP program covering eight security domains.

  - org: ISACA
    role: Community Participant
    description: Expertise in security governance, risk management, audit, and compliance through CISM and CISA programs.

  - org: ToorCamp/ToorCon
    role: Hacker Conference Participant
    description: Active engagement with offensive security research and emerging threats.

# Speaking Engagements
speaking:
  - event: Federal Trade Commission Workshop
    year: 2016
    location: Washington, DC
    title: "Avoiding Catastrophe: An Introduction to OWASP Proactive Controls"
    link: https://digitalcommons.law.uw.edu/ftc/3/

  - event: Official Cybersecurity Summit
    year: 2017
    location: Seattle, WA
    title: "Application Security & OWASP Frameworks"


# Build settings
markdown: kramdown
permalink: pretty
# Updated: 2025-11-04 - Cloudflare Worker integration