Welcome to RandyHinders.com

Randy Hinders Professional Headshot

Randy Hinders, CISSP

LinkedIn: Randy Hinders

A seasoned IT executive, operator, and cybersecurity founder with 25+ years of enterprise leadership across managed care, retail, defense-adjacent, and startup environments. Equal parts strategist and hands-on problem solver — currently building and operating production multi-agent AI platforms while continuing to lead enterprise IT for a defense-adjacent software firm.

A servant leader and team builder with a track record of growing high-performing teams (often with zero turnover), aligning technology to business goals, and delivering measurable outcomes. Expert in Governance, Risk & Compliance (GRC), NIST 800-171/800-53, CMMC, Zero-Trust Network Architecture (ZTNA), and DevSecOps across GCP, AWS, and Azure.

CISSP-certified, US Army veteran. Holds active TS security clearance and a valid US passport.

Education and Certifications

Education: Waldorf College 2014, BS - Organizational Leadership (Cum Laude)

Certifications:

  • CISSP (ISC)²
  • C)ISSO (Mile 2)
  • Microsoft Certified Trainer (MCT) (Retired)
  • Microsoft Certified Systems Engineer (MCSE 4.0)
  • Microsoft Certified Azure Fundamentals
  • Microsoft Certified Technology Specialist MCTS (SharePoint 2010)
  • OnBase Systems Administrator (OCSA)
  • CompTIA A+

Technical Skills and Expertise

Management & Strategy

  • Agile Processes
  • AI Agent Operations & Governance
  • Asset Management
  • Budgeting/Forecasting
  • Building Technical Teams & Training and Development
  • Business Alignment
  • Business Requirements
  • Client Relationship Management
  • Change Management (ITIL)
  • ITIL/CMDB/RFC/CAB
  • Product Ownership
  • Staffing & recruiting
  • Vendor Management
  • Vision & Roadmap (Planning and Execution)

Security & Compliance

  • CMMC
  • Cybersecurity Product Development
  • NIST
  • Pen Testing & Incident Response
  • Risk Management
  • SAML/OAuth/AAD/Okta
  • Security practices
  • SSO
  • Zero Trust Network Architecture

Platforms & Operations

  • AI-Driven Process Automation
  • CI/CD Processes
  • Cloudflare Workers / Durable Objects / Pages
  • Data Management/Databases
  • DevSecOps/SRE/Development
  • Hyland OnBase
  • IaaS/PaaS/SaaS
  • IT Operations & SDLC
  • MDM Management
  • Multi-Agent AI Platforms (Claude Opus + OpenClaw)
  • n8n Workflow Automation
  • Office 365 (GCCH & Com)
  • Pipeline/Build/SAST/DAST
  • Process Automation
  • Real-Time Event-Driven Cloud Systems
  • Salesforce
  • SAP Integrations
  • Unified Communications
  • Virtual Desktop Management

Professional Experience

Oscar Six Security, LLC | Dayton OH

Jan 2026 – Present

Founder & Principal

  • Founded and operate an early-stage cybersecurity product company spanning three lines: production AI-agent platform engineering, external vulnerability scanning (Radar) for MSP-managed SMB websites, and fractional CISO / compliance advisory engagements. Drove company from LLC formation to live SaaS product, marketing infrastructure, and active outbound sales motion while serving full-time as Director of IT at Mile Two, LLC.
  • Built and operate a production multi-agent orchestration platform — shipping daily, not stuck at slide-deck stage — coordinating specialized agents, scheduled workflows, persistent memory, and human-in-the-loop approvals across the full business. Includes end-to-end commerce automation — Stripe payments, scan-credit ledger, event-driven credit grants, and promotional-code redemption flows — processing live transactions.
  • Launched Radar, an external web vulnerability scanning product targeted at MSPs juggling SMB client portfolios, from concept to live SaaS in under 30 days, including pricing model, payment flow, report-generation pipeline, and marketing surfaces.
  • Designed the production multi-agent platform on Claude Opus + the open-source OpenClaw runtime, including persistent file-based memory, custom skills, detached restart/recovery pipelines, and per-channel typing/status reactions for real-time human-agent collaboration.
  • Released Sarge, an open-source security audit framework that contributes a NIST 800-53 control mapping over the OpenClaw threat model (37 mapped threats); positioned for upstream contribution to the broader OpenClaw security stack post-launch traction.
  • Advise SMB and mid-market clients on AI-agent governance and NIST 800-53 / 800-171 / CMMC readiness, including third-party-risk reviews of LLM and agent integrations into regulated IT environments.
  • Built and operate the company's full cloud stack single-handed on Google Cloud Platform + Cloudflare Workers + zero-trust access — applying the same enterprise architecture patterns proven across prior corporate environments, at startup scale and cost.
  • Maintain and contribute to the OpenClaw open-source platform, with active engagement on upstream issues and feature work (security audit CLI, ClawHub skills registry).
  • Extended the multi-agent platform beyond security workloads — built real-time financial-data automation systems on Cloudflare Durable Objects and Pages, including forex and equities market data pipelines and event-driven decisioning logic — demonstrating platform reusability across regulated and high-frequency domains.
RH2, LLC | Dayton OH

Jan 2022 – Present

Founder & Co-Inventor

  • Invented & Developed a novel medical device that attaches to an existing JP Drain to automate the post-op milking process — a manual task that today depends on inconsistent patient/caregiver performance after discharge. Investigational, pre-FDA-clearance.
  • Pitched and awarded $50,000 from Innovation Fund USA
  • Functioning prototype proved the concept, and a patent was awarded
  • Looking to exit with pre-seed funding or sale of IP and LLC to an incumbent medical device manufacturer
Mile Two, LLC | Dayton OH

Oct 2020 – Present

Director of Information Technology

  • Set direction, vision, and roadmap for all core IT systems and managing day-to-day operations for a custom software development company
  • Responsibilities included IT Help desk, Information Security, Enterprise Architecture, Quality Assurance, DevSecOps, FSO, and Data Management teams
  • Managed the IT budget for hardware/software purchases, vendor management (GRC), CMMC verifications, and NIST 800-171 compliance
  • Oversaw resource utilization in a diverse matrixed environment and department-wide budgeting for a 125-person company
  • Achieved excellent rating in 2024, up from commendable on the 2022 DCSA Cyber Security Review & Rating Process assessment
  • Assisted the C-Suite in long-term technology decisions and planning for Finance, CRM, HR, and ITSM systems
  • Implemented enterprise architecture processes to reduce software licensing costs by more than 15% through consolidation
  • Implemented a ZTNA based approach based on Cloudflare and GWS (Chrome Profile)
  • Led the migrations from Okta to Google federated authentication and from M365 Commercial to M365 GCC High
  • Implemented MDM standards and migrated from Jamf Pro to Mosyle for Apple devices and InTune O365 for Windows users
  • Architected an ITIL-based GRC framework (CMDB + CAB) that raised the organizational NIST-audit security posture score from 62 to 110 — zero unplanned downtime and no impact to service delivery
  • Owned full enterprise security stack: APT, SAST, DAST, incident response, data-leak prevention, and Third-Party Risk Management (TPRM) including ITAR/CUI acquisition reviews
  • Administered multi-cloud (GCP, AWS, Azure) with budgeting and per-project account lifecycle
Speedway LLC | Enon OH

May 2018 – Oct 2020

Information Management Tower Lead & Emerging Technologies Projects Leader

  • Oversaw 8 projects to migrate existing platforms without impacting 3,900+ stores or 40,000+ employees as a part of the M&A team
  • Managed complex migrations including Historical Data, Salesforce, SharePoint Online, and Hadoop
  • Negotiated total software license savings of more than $7MM over 3 years
  • Successfully led the technology integration during Speedway's acquisition by 7-Eleven
  • Led the migration to M365 SharePoint Online for the company intranet
  • Led a 4-person team researching emergent technologies for process improvements
  • Aided in Digital Transformation Discovery Project identifying $100MM+ in savings across 3 years
CareSource Medical Management Group | Dayton OH

Apr 2010 – May 2018

IT Manager of Workflow & Collaborations

  • Helped grow membership from 800,000 to nearly 2M and revenue from $2B to nearly $10B
  • Led 4 agile teams with 50 matrixed reports, growing from 3 to 33 members with zero turnover
  • Implemented workflow automation processes contributing to $400M+ in cost savings in licenses and headcount
  • Oversaw Office 365 migration, SharePoint farm consolidation, and system integrations
  • Led DevOps platform build-out and managed 90+ Windows servers across environments
  • Improved SharePoint adoption to 300 site collections with 20 million hits per month
Interlink Advantage | Kettering OH

Aug 2008 – Mar 2010

Director of Operations, V.P.

  • Design, developed and deployed the Microsoft Hosted Messaging and Collaborating 4.5 (HMC) system on Windows Server 2008 R2 and Hyper-V • Created Multi Tenant RDP infrastructure • Microsoft Office SharePoint Server (MOSS) 2007 and Office Server Integration
  • Managed 3 field engineers • Level 3 Tech support and backup for 20 different networks
  • Grew and enhanced relationships with key vendors like Dell and Microsoft by researching various partner programs
DONet, Inc. (Now DataYard) | Dayton OH

Feb 1999 – Jul 2008

Deputy Director of Business Development

  • Grew from technical installer to Deputy Dir of Business Development
  • Managed Help Desk, Systems Administration, Network Administration teams
  • Handled pre-sales design projects for Windows services and Tier 3 support
  • Built multiple new verticals, (SaaS, IaaS, Managed dedicated hosting) many of which are still core capabilities today
  • Maintained 175+ servers with 99.99% uptime for 6 consecutive years

Military Experience

  • HHD 417th BSB, Kitzingen, GE (Mar 1996 - Jan 1998)
  • 1st MP Co., Wurzburg, GE (Mar 1995 - Mar 1996)
  • 50th Signal Battalion, Ft. Bragg, NC (Apr 1993 - Mar 1995)
  • C co. 1st Signal Battalion, Kaiserslautern, GE (Mar 1992 - Apr 1993)
  • C co. 304th Signal Battalion, Camp Colbern, ROK (Dec 1991 - Mar 1992)
  • A co. 307th Signal Battalion, Camp Carroll, ROK (Mar 1990 - Dec 1991)

Patents & Publications

  • Patent #11638780 – Medical Drainage Pump (Issued May 2023)
  • Technical Reviewer: MCSE Training Kit: Microsoft Windows 2000 Advanced Server Clustering Services (Microsoft Press, May 2001, ISBN 0735612935)

Selected Speaking, Training & Community

  • "Escape from Okta" — Ohio Information Security Conference (OISC '25), March 2025 — co-presented with Gaige Brunner, Mile Two LLC
  • "Road to Zero Trust" — Taste of IT 2025 (Technology First, Dayton OH) and at GoCyber Collective, 2025
  • "The Human Element of Tech Leadership: Insights from 30 Years in Technology" — GemCity Tech mini-conference, Dayton OH, 2025
  • Facilitator & Host, Techstars Startup Weekend — Dayton, OH, 2025
  • "Applying Agile and DevOps Principles at Scale" — CareSource IT Management Mobilization, 2017
  • Multiple presentations at Technology First, Startup Week & Startup Weekend events and company all-hands meetings — audiences regularly 100+ attendees
  • Pitched and won Innovation Fund USA award for RH2 LLC, 2022; upcoming sessions in the Kinetic Shift cohort (Bounce Innovation Hub + NEOMED), June 2026
  • Microsoft Certified Trainer (MCT, retired); instructional duties spanning back to US Army service — comfortable presenting to audiences from small teams to 100's+

Shipped

Concrete proof points for the "ships daily, not slideware" claim. Live products, working prototypes, and open-source releases.

Radar

External web vulnerability scanning targeted at MSPs juggling SMB client portfolios. Concept to live SaaS in under 30 days — pricing, Stripe payments, scan-credit ledger, report-generation pipeline.

  • Live at radar.oscarsixsecurityllc.com
  • Stripe-backed commerce
  • Promo-code redemption flow
Visit Radar

Multi-Agent Platform

Production multi-agent orchestration on Claude Opus + the open-source OpenClaw runtime. Persistent file-based memory, custom skills, scheduled workflows, detached restart/recovery, and human-in-the-loop approvals across the full business.

  • Real-time human-agent collaboration
  • Event-driven commerce automation
  • Reusable across security & finance workloads
More via Oscar Six

Sarge

Open-source security-audit framework contributing a NIST 800-53 control mapping over the OpenClaw threat model — 37 mapped threats, positioned for upstream contribution.

  • NIST 800-53 control mapping
  • 37 mapped threats
  • Open source
View on GitHub

RH2 Drain Pump

Medical device that attaches to an existing JP Drain to automate the post-op milking process — a manual task that today depends on inconsistent patient/caregiver performance after discharge. Working prototype, patent issued. Investigational, pre-FDA-clearance.

 Learn about RH2

Real-Time Market Data Engine

Forex and equities market-data pipelines and event-driven decisioning logic on Cloudflare Durable Objects + Pages — demonstrating the agent platform's reusability across regulated and high-frequency domains.

  • Cloudflare Durable Objects
  • Low-latency stateful workloads
  • Event-driven decisioning
Private

Ventures

Active

Oscar Six Security, LLC

Veteran-owned cybersecurity & AI operations

An early-stage cybersecurity product company spanning three lines: production AI-agent platform engineering, external vulnerability scanning (Radar) for MSP-managed SMB websites, and fractional CISO / compliance advisory engagements.

  • Production multi-agent orchestration platform on Claude Opus + OpenClaw — Stripe-backed commerce, scheduled workflows, persistent memory, human-in-the-loop approvals
  • Radar external web vulnerability scanning — concept to live SaaS in under 30 days
  • Sarge: open-source NIST 800-53 control mapping over the OpenClaw threat model (37 mapped threats)
  • fCISO advisory for SMB / mid-market NIST 800-171, 800-53, and CMMC readiness
Learn more about Oscar Six or Schedule a consultation
Active

RH2 Medical

A novel medical device that attaches to an existing JP Drain to automate the post-op milking process — a manual task that today depends on inconsistent patient/caregiver performance after discharge. Investigational, pre-FDA-clearance.

Why I built RH2

RH2 traces back to a personal experience I almost didn't walk away from.

After surgery, I came home with a JP drain — the standard post-op kit that someone has to "milk" by hand to keep clear. Mine wasn't getting milked the way it needed to be, and the consequences put me back in the hospital for more surgeries and more drains installed. I was lucky. A lot of patients in that situation aren't.

That moment became RH2 — a device that automates the drain milking so the patient and the bedside team don't have to remember it. It's not the product I'd have designed for fun. It's the one I had to build.

Learn more about RH2 or Schedule a consultation
Active

CMMC Prep Consulting with Randy Hinders IT Consulting

Get more with your IT

 

Providing IT consulting services to DoD contractors to help them prepare for the Cybersecurity Maturity Model Certification (CMMC) Program and ensure compliance with NIST 800-171 standards.

  • Expert guidance on CMMC requirements before calling the C3PAO
  • Unbiased & Comprehensive NIST 800-171 compliance assessments
  • Customized remediation plans that are private between us before the 3rd party assessor submits a report
  • Work to automate business functions to help you "get more with your IT"
Learn More About CMMC or Schedule a consultation

Contact Me & Schedule Time to chat

Click the button below to book a meeting or contact me: