The glue between
the silos.
I forged the career in marketing operations and demand gen, the disciplines that pay for themselves and earn you the room. The creative came first, though, and stayed: the instinct to take a category too tangled for its own buyers to explain, find the real story buried in it, and build the connective tissue that turns a fractured org toward a single direction. Heretics is what that wiring does once it stops reporting to someone else.
The short version
I'm Nicholas Sorenson. The résumé says marketing and growth operator inside cybersecurity companies, the person accountable for pipeline, positioning, and the line that connects what marketing does to what the business actually books. That part is true. But the title undersells the actual work, which has always been creative: take a complex, technical category nobody can explain cleanly, find the real story inside it, and build the connective tissue that gets capital, product, sales, and brand telling the same one.
I didn't start in security. Twenty years ago the work was marketing communications for wildlife conservation — running comms for Wildlife Alliance out of Phnom Penh, on the ground for documentary shoots with the networks. Storytelling about things that mattered, with no budget and high stakes. Cybersecurity came later, in 2010, and I've spent sixteen years in it since. The throughline from the jungle to the SOC is the same instinct: find the story the facts are actually telling, and make people who don't speak each other's language care about the same one.
That work has run the full arc: naming a category before the analysts had a slot for it, rebuilding a brand on the way to an IPO track, standing up demand engines that fed real pipeline, and most recently positioning an AI-SecOps platform in the one fight the category can't avoid: whether the machines replace the analysts or amplify them. The categories were rarely single things. "Security operations" names a whole stack: a SIEM and SOAR core (Splunk, Sentinel, Cortex XSOAR, Google SecOps), the XDR and EDR telemetry feeding it, the detection engineering that makes any of it fire correctly, and the managed service wrapped around the whole thing, with external feeds like digital risk protection and attack-surface monitoring bolted on at the edge. "Access governance" at Pathlock was its own constellation: IAM, IGA, PAM, and application-layer controls, all of it answering to SOX, SoD, and ICFR before it answered to a security need. The work was never picking the acronym. It was finding the one story that made a dozen of them cohere for a buyer who owned all of them and understood none of them cleanly.
The job underneath every title was the same: make the go-to-market engine produce predictable revenue, and prove it.
Heretics is where that work operates on its own terms. The firm owns a single methodology, Revenue Governance, and applies it to the problem most cybersecurity companies share: a go-to-market motion that looks busy from the inside and incoherent from the outside.
Why this exists
Anyone can run the play. The scarce thing is knowing which play, against which market, at which moment, and being right.
The tooling got cheap. AI will draft the campaign, build the model, render the page, and write a passable first version of nearly anything you ask it to. Speed has stopped being a differentiator and become the price of entry. What stays scarce is the judgment about what is worth building at all: the read on where a category is heading, which motion a given market will actually reward, and which confident vendor story is a genuine position rather than an expensive tautology dressed as one.
That read is the thing I sell. It runs on the same wiring that does the synthesis: holding the technical detail, the market narrative, and the org politics in one frame, and finding the single connection that makes them resolve. Everything downstream — the operators who run it, the engine that encodes it, the public desk that grades vendors on it — is execution. The methodology is how the wiring becomes repeatable for someone who isn't me.
The wiring, and the war
Start with the thing most people put in a footnote: I'm neurodivergent. ADHD. I've stopped treating it as a caveat, because it's the engine. The same wiring that makes a linear quarter-plan a slog is the wiring that sees a whole tangled category at once and finds the line through it. Pattern over process, synthesis over sequence. The creative side was always the real instrument; the operations career is where I learned to aim it.
I don't use the word failure. I've never met anyone operating in good faith, misguided or not, who earned it. What I've had instead is a long dialectic: a thesis I believed, an experience that contradicted it, and a synthesis I only reached by working through the contradiction. Most of that happened in rooms where I was defending marketing to the people who held the capital. Leadership, the board, PE masters, explaining ROI, measurement, the stack, the methodology, again and again. Some of those rooms I won. Some I lost, and the loss sent me back to dig deeper into cause and effect, to get better at articulating the engine to the powers who fund it, and to tell the truth about the numbers even when the truth was unwelcome.
I've run the whole gamut to get here: cutting my teeth in marketing ops and RevOps, then field and channel, then owning demand gen, brand, and product marketing, and eventually all of it at once. From that vantage you see the things people would rather not name. The silos. The technical debt. The ARR targets that were never remotely reachable, stood behind anyway by sales and marketing leaders afraid of shortening their own tenure — myself included, at one point. The disconnect between capital, the CEO, the CFO, product, engineering, sales, customer success, product marketing, demand gen, and brand is more prevalent than anyone admits.
The hinge is the oldest line in strategy, von Moltke's: no plan survives contact with the enemy. The enemy here wears no logo. It is the absence of revenue governance, and the failure of nerve that lets a board hear a number everyone in the room privately knows is fiction. A teardown that flatters you isn't a teardown. Heretics exists to make that contact on purpose, early, while the plan can still be changed. Naming the enemy is the first act. Governing it is the rest.
The track record
Owned global marketing pipeline and commercial revenue for a next-generation MDR and AI-SecOps platform, building an integrated org across demand gen, ABM, product, brand, partner, and ops. Defined the GTM positioning around human-first, AI-augmented SecOps, with AI as a force-multiplier for the analysts rather than a replacement for them, and built the rebuttal narrative for the market's loudest question: whether AI SOCs make MDR obsolete. Drove a full brand and website relaunch, sharpened the coverage-delta story (what we detect that your existing stack doesn't), and activated funded co-marketing alliances with Palo Alto Networks and Microsoft.
Built and scaled growth marketing across demand gen, brand, product marketing, content, and PR/AR, driving an 80% YoY revenue increase. Directed a company-wide rebrand and platform repositioning that tripled high-intent pipeline and accelerated IPO-track readiness, and owned GTM for the unified cyber-defense platform: $90M in new-logo pipeline, marketing-sourced revenue contribution up 3×. Ran partner marketing for the global Microsoft alliance, building the co-marketing strategy alongside the sales alliances team (MISA) that positioned the company as a leading Microsoft MDR partner.
Directed demand generation and ABM for MDR and risk-reduction solutions, exceeding pipeline goals across three consecutive quarters. Led the rollout of a PLG freemium cyber-risk assessment that expanded top-funnel reach, and rebuilt attribution and lead scoring to improve MQL-to-SQL conversion.
Led the strategic repositioning and category definition of an access-governance platform: ICP segmentation, PLG motion, category naming, and solution narrative, establishing a clear market identity ahead of major analyst coverage. Drove early analyst and influencer engagement to shape perception of the emerging category.
Owned digital and demand-gen strategy for the application-performance platform through to its acquisition by IBM. Scaled PLG campaigns and web strategy driving acquisition and product adoption, and introduced DevOps / CI-CD practice into the web stack for both product and marketing applications.
Built marketing-operations strategy across budgeting, forecasting, and reporting, and developed customer-journey mapping and lead-scoring for the security-ratings platform.
The grounding years inside the security industry's incumbents, and where the operational discipline got built. I cut my teeth in marketing ops and RevOps at SSH Communications Security, the company founded by Tatu Ylönen, the man who invented the SSH protocol itself. From there: field and partner marketing for NetWitness across EMEA and APAC, growing the regional base over 30% in a year, then corporate digital, social, and thought-leadership strategy for RSA, a Fortune 500 security brand, including creative strategy for RSA Conference.
The competencies
The toolkit, stated plainly. What twenty years in marketing actually leaves you holding.
Educated in political theory and constitutional democracy, which, it turns out, is decent training for reading how power, incentives, and narrative actually move inside a market.
If a go-to-market motion you're responsible for looks busier than it is effective, that's the conversation Heretics is built for. Work with Heretics →