In his role at OMB, Ross worked closely with the Office of Federal Procurement Policy (OFPP) on supply chain and acquisition policy and with the Office of Information and Regulatory Affairs (OIRA) privacy office on technology policy and breach response. He also led efforts to modernize federal IT systems and modernize risk management practices to ensure secure infrastructure across the federal government. In partnership with the White House's senior leadership, Ross developed, implemented, and transitioned key cybersecurity and risk management policies and initiatives across two administrations, including the Cybersecurity National Action Plan (CNAP), the IT Modernization report and plan, and the OMB breach memorandum. During his tenure, Ross helped establish the federal CISO council to ensure use of common security performance metrics and targeted industry engagement, briefed congressional staff on OMB's oversight of federal agencies' cybersecurity posture, and developed approaches and recommendations for strategic messaging opportunities for OMB leadership, National Security Council staff, and other White House leadership.
Ross has served as a legislative director for a U.S. House of Representatives member, where he managed voting for all of the economic, defense, and homeland security policy; wrote, edited, and introduced legislation focused on information sharing liability protection and critical infrastructure development; and developed the strategy for the introduction, debate, and adoption of all legislative priorities. He was also a senior policy advisor for a U.S. senator, where he negotiated inclusion of legislative language in both appropriation and authorization bills focused on homeland security, technology, and economic policy; built strong relationships with the Departments of Commerce and Homeland Security while advocating on behalf of large and small ISPs for internet and data security reforms; and, in collaboration with Homeland Security Appropriations staff, helped to craft key policy decisions, including the inclusion of full funding for cyber education. Earlier in his career, Ross was a professional staff member with the U.S. Senate Committee on Small Business and Entrepreneurship, where he started the cybersecurity/IT portfolio in the Small Business Committee, negotiated numerous budget and tax amendments, and drafted legislation authorizing Small Business Administration programs for disabled and minority veterans groups.