Josh Harr is a senior cybersecurity advisor, cybersecurity diplomat, and security executive with 17 years of experience spanning the U.S. federal government, critical infrastructure, healthcare, private industry, and international defense organizations. His work focuses on helping organizations and governments understand, prepare for, and respond to complex cyber risk shaped by geopolitical dynamics, operational constraints, and real-world consequences.

Josh currently serves as a Business Information Security Officer (BISO) within a large U.S. healthcare organization, where he aligns cybersecurity strategy with business growth, regulatory requirements, and patient care operations. In this role, he translates technical risk into executive-level decision-making, enables secure expansion, and embeds cybersecurity into enterprise transformation initiatives.

In parallel, Josh supports international cyber capacity-building efforts as a senior cybersecurity advisor to the Bulgarian Ministry of Defense and its Cyber Defense Center. His contributions include developing incident response frameworks, defining organizational structures, building sustainable cyber workforce pipelines, designing and delivering large-scale exercises, and advising senior leaders on governance, metrics, and long-term operational resilience aligned with NATO and EUCOM objectives.

Josh also serves as an officer in the U.S. Air National Guard, specializing in cyberspace operations and international security advising. In this capacity, he contributes to operational planning, training, and leadership development, with experience integrating cyber considerations into joint and multi-domain environments.

Across government, military, and private-sector roles, Josh has designed and delivered tabletop exercises, crisis simulations, and decision-focused training for executive leaders, technical teams, and policymakers. These engagements emphasize risk-based thinking, mission impact, and leadership decision-making under uncertainty rather than purely technical response.

His professional background includes leadership in incident response, security governance, vulnerability management, application security, regulatory compliance, and metrics-driven security programs. He has worked across frameworks such as NIST, CIS, and NATO-aligned models, with an emphasis on practicality, repeatability, and measurable outcomes.

Josh’s work consistently operates at the intersection of cybersecurity, geopolitics, and organizational leadership—helping leaders understand not only what could happen, but why it matters, when decisions must be made, and how to act effectively in complex environments.