THE TEAM
Practitioners Who Have Operated Inside the Exact Environments We Serve.
The Monarch HQ senior team brings over 70 combined years of direct operational, governance, and implementation experience across the four verticals we serve. These are not credentials assembled for a pitch deck or theoretical advisory model. They are a career record built from the inside.
The Monarch HQ team brings direct consulting, governance advisory, and operational implementation experience across the exact environments we now support.
Most GRC firms advise from the outside. Monarch HQ was built by practitioners who operated inside the environments, systems, regulatory pressures, and operational complexity our clients navigate every day.
Woman-Led · Minority-Owned · 70+ Combined Years · STR / Property Technology · Fintech & Banking · Legal · Automotive · Enterprise AI Governance
Jeni Tocol
CEO and Managing Principal, Monarch HQ
Certified Scrum Product Owner (CSPO) · Scrum Alliance Member · WiCYS Member · Microsoft Advisory Council 2010-2014
Jeni Tocol brings 25 years of experience at the intersection of innovation, security, and operational governance across enterprise global SaaS, cloud infrastructure, and regulated technology environments, beginning her career at Microsoft at the age of 20 as part of the teams that strategized and built first-in-the-world tools and applications. Her decade-plus at Microsoft spanned IoT and Connected Vehicle, AI and Research Security, Privacy and Compliance, Speech R&D and Bing Operations, and worldwide licensing and contracts. In the Security, Privacy and Compliance organization she managed the AI Discrete Server Security Program created in direct response to the WannaCry ransomware attack, one of the most disruptive cyberattacks in history, infecting over 200,000 computers across 150 countries and causing an estimated billion dollars in global damages. Her program spanned 135 data centers globally and working directly with Microsoft's corporate policy council she reduced divisional worldwide security risk by over 50%, saving $44 million within an 18-month timeframe.
At Volkswagen Automotive Cloud, she was among the first program managers hired, designing and implementing a custom zero trust-based strategic security program that governed global cloud infrastructure and scaled into VW Group of America and into the Volkswagen and Audi automotive brands in Germany. She built three foundational teams sequentially from the ground up: the Azure infrastructure team, the Global Security Operations team, and the shared services team, establishing RACI frameworks, processes, and procedures across all three. The security strategy enforced ISO 27001, NIST 800, UNECE, GDPR, CCPA, UK GDPR, and China PIPL across global regions. Across her career she has operated at the intersection of legal, security, and executive decision-making, managing highly confidential contracts, patents, and IP, supporting boards of directors, and managing external partner relationships with Intel, ARM, AMD, Sony, IBM, and UW Global on behalf of Microsoft. Her regulatory experience spans GDPR, CCPA/CPRA, UK GDPR, PIPEDA, China PIPL, UNECE, NIST 800, NIST CSF, and ISO 27001 across EU, US, UK, Canadian, and Chinese jurisdictions.
In 2022, Jeni entered the short-term rental and corporate housing industry as an operator, scaling Vivid Villas, an STR/MTR corporate housing company, from two to 22 luxury corporate apartments across two states in just over a year, building a 24/7 international operations team. She also led Solena Suites, an STR/MTR corporate housing company operating 16 units across two states, to 60% direct bookings through API integrations. Through direct operator experience inside the proptech ecosystem, she identified structural compliance blind spots that no existing GRC tool was built to address. That intersection of global GRC consulting, governance advisory, and operational implementation authority and hands-on operator experience led to the creation of Monarch MindSec. She is a 2x STR industry bestselling author and recognized STR industry thought leader. No other GRC practice carries this combination of enterprise global security architecture, embedded STR operator experience, and direct proptech ecosystem authority.
Her work uniquely bridges enterprise governance strategy with hands-on operational implementation inside modern technology and operational ecosystems.
Very few GRC consulting firms carry this combination of enterprise-scale governance leadership, direct operator experience, AI governance exposure, and implementation authority across both global enterprise and rapidly scaling operational environments.
Bryan Guy, J.D.
Chief Data Protection Officer, Monarch MindSec
J.D., Seattle University School of Law · CAMLS/CAFT · CSPO
Bryan Guy, J.D. is a senior product and legal executive with 25 years of experience at the intersection of financial services compliance, AI governance, enterprise global SaaS product development, and regulatory law. He has served as Chief Legal Officer and Head of Product and Legal Affairs for multiple organizations, contributing to an estimated $80 billion in product-related revenue impact, and has operated as embedded product counsel at Starbucks, F5 Networks, T-Mobile, Microsoft, and Alaska Airlines.
His financial services depth is extensive. He built and led the BSA/AML compliance program for a stablecoin product including FinCEN obligations, SAR filings, and OFAC screening. He served as product counsel for a NASDAQ-listed payment orchestration company through SEC S-1, 8-K, 10-K, and 10-Q filings. He led POS rollout across 8,000 Starbucks locations with PCI P2PE, SOX safeguards, and ML governance for the DeepBrew AI personalization platform. His anti-money laundering and counter-financing of terrorism expertise combined with his J.D. and CLO track record gives Monarch MindSec a level of financial services regulatory depth that is exceptionally rare at this scale.
His work translates regulatory requirements into practical, defensible artifacts including DPIAs, LIAs, ROPAs, DSR workflows, data transfer assessments, sub-processor diligence, audit logging, consent and choice UX, and AI and model governance controls. Bryan's background gives Monarch MindSec a critical capability: the ability to produce governance strategy, compliance analysis, and implementation guidance that is not legal advice, but that legal teams can rely on, build from, and trust. He understands how to scope compliance issues accurately, reduce rework, and prevent misalignment between legal guidance and how systems actually function in practice.
His work consistently bridges legal interpretation, governance advisory, and operational implementation inside regulated technology environments.
This depth of embedded product counsel, financial services governance, AI governance, and operational implementation experience is exceptionally rare within boutique GRC consulting environments.
Shavkat Aynurin
Chief Technology Officer, Monarch MindSec
Senior Cloud Solutions Architect · Principal Solutions Architect
Shavkat Aynurin is a senior engineering leader with 20 years of experience delivering AI and enterprise global SaaS platforms under strict safety, governance, and regulatory constraints. At Google and Google DeepMind, he worked across both Google Assistant and Google Gemini, building evaluation frameworks, bias analysis pipelines, and compliant production traffic measurement systems that enabled objective model quality assessment without PII, directly supporting safe, auditable, and policy-aligned deployment of large language models in production.
At Volkswagen Automotive Cloud, he served as Principal Software Engineer, leading SDLC governance and release compliance across global development teams. Previously he led engineering excellence for global connected vehicle platforms at Volkswagen Group, aligning distributed development teams across Europe, the United States, China, and Latin America on SDLC processes, requirements traceability, and release governance aligned to Aspice and region-specific automotive and data regulations. Across six years at Luxoft he designed cloud architecture for automotive and media platforms across Seattle and Moscow as a Senior Cloud Solutions Architect and Principal Solutions Architect. As CTO of News360, he built an AI-driven news aggregation platform from founding through scale.
His work consistently focuses on reducing operational and regulatory risk by translating complex legal, safety, and technical requirements into enforceable engineering processes that scale across jurisdictions and organizations. He builds systems that are designed to be governed from day one, not retrofitted for compliance after the fact. At Monarch MindSec, Shavkat leads technical architecture, operational implementation, scalability oversight, engineering governance and delivery quality, compliance automation, and AI governance platform build.
His work operationalizes governance directly into engineering systems rather than treating compliance as a layer added after deployment.
Few boutique GRC consulting firms bring direct experience building and governing AI-enabled systems, connected automotive platforms, and enterprise-scale operational environments at this level.
AI ADVISORY
Senior AI Advisory Supporting the Future of Governance
Alan Packer
AI Advisor, Monarch HQ
Alan Packer brings nearly 30 years of applied AI and machine learning experience spanning speech and natural language understanding, enterprise search, AI systems governance, and security. He currently serves as CEO of AI Advisors LLC and is a member of Techquity.ai, providing AI-focused consulting and advisory services to enterprise organizations and emerging technology companies globally.
Alan previously served as Director of Engineering for Amazon Alexa's Natural Language Understanding organization from 2018 to 2022. Prior to Amazon, he held leadership roles at Facebook overseeing Search Platform and Language Technology teams responsible for Search Ranking, Machine Translation, Speech Recognition, and Natural Language Understanding systems at global scale.
Before Facebook, Alan spent 12 years at Microsoft serving as General Manager of the Anti-Malware team and later the Natural Language and Intent team within Bing, where he helped build the core language technology and backend systems powering Microsoft Cortana. Earlier in his career, he served as Vice President of Engineering at RuleSpace, Inc., which was acquired by Microsoft in 2002.
His experience strengthens Monarch HQ's capabilities across enterprise AI systems, AI governance, operational implementation, language systems, AI-enabled operational environments, and emerging governance frameworks for modern AI ecosystems.
His addition further expands the depth of real-world AI systems, enterprise-scale language technology, and operational AI governance expertise embedded within the Monarch HQ advisory ecosystem.
WORK WITH US
Start the Right Conversation
Whether you are evaluating a GRC consulting engagement, governance advisory, operational implementation initiative, leadership advisory, or speaking engagement, the right conversation begins with context.