Sandra Joyce
About Sandra Joyce
Sandra Joyce (age 47) is an independent director of Crane NXT, Co. (CXT) since 2024. She is Vice President, Google Threat Intelligence at Google LLC (since 2022), and previously served as Executive Vice President, Global Intelligence & Advanced Practices at Mandiant, Inc. (2020–2022), with earlier roles at Mandiant (2015–2020). She serves on the Board of Visitors of the National Intelligence University and brings 25+ years of cyber/national security expertise and global leadership experience advising boards on business threats .
Past Roles
| Organization | Role | Tenure | Committees/Impact |
|---|---|---|---|
| Mandiant, Inc. | EVP, Global Intelligence & Advanced Practices | 2020–2022 | Led advanced practices; advised senior management on global threats |
| Mandiant, Inc. | Various senior roles | 2015–2020 | Built intelligence capabilities; advised public/private sector boards |
External Roles
| Organization | Role | Tenure | Notes / Potential Interlock |
|---|---|---|---|
| Google LLC | Vice President, Google Threat Intelligence | 2022–present | Company paid Google ~$300,000 in 2024 (cybersecurity and marketing tools/services); independence affirmed; arms’ length, no influence by Joyce |
| National Intelligence University | Board of Visitors | Ongoing | Academic/non-profit governance role |
Board Governance
- Committee assignments: Audit Committee member; Audit Committee met 7 times in 2024; all members independent under NYSE and SEC Rule 10A-3 .
- Independence: Board determined Joyce is independent. The Nominating and Governance Committee reviewed ~$300,000 in 2024 payments to Google; found arms’ length terms and no impact on her fiduciary duties or judgment .
- Attendance and engagement: Board met 6 times in 2024; each director attended at least 75% of Board and committee meetings; policy expects annual meeting attendance—2024 annual meeting attendance was full except Max Mitchell .
- Executive sessions: Non-management directors held executive sessions at each regularly scheduled meeting in 2024; chaired by the Board Chair .
- Risk oversight relevance: Audit Committee oversees financial reporting, legal/compliance, fraud, and cyber/information security risk; regular briefings by CFO, Chief Audit Executive, and independent auditors .
Fixed Compensation
| Component (2024) | Amount / Detail | Source |
|---|---|---|
| Annual director retainer (program) | $235,000 total: $90,000 cash + $145,000 in DSUs (directors may elect up to 100% cash retainer in DSUs or fully vested shares) | |
| Committee membership fees (program) | Audit member: $10,000; Audit Chair: $25,000; MOC member: $7,500; N&G member: $7,500 | |
| 2024 fees earned/pd in cash (Joyce) | $74,725 | |
| 2024 stock awards (Joyce) | $164,470 (DSUs) | |
| Total 2024 director compensation (Joyce) | $239,195 | |
| 2024 DSU grant (Joyce) | 2,698 DSUs granted May 23, 2024; grant date fair value per DSU $60.96 | |
| DSU mechanics | DSUs issued annually at the annual meeting; forfeitable if service ceases before next annual meeting (except death, disability, change in control); settle in shares upon ceasing Board service | |
| Unvested DSUs outstanding (12/31/2024) | 2,720 DSUs for Joyce |
Performance Compensation
| Feature | Disclosed Terms | Source |
|---|---|---|
| Director performance-based pay | None disclosed; director equity is annual DSUs (time-based until next annual meeting), not tied to performance metrics | |
| Meeting fees | Not paid in 2024 (threshold for extra meetings not exceeded) |
Other Directorships & Interlocks
| Category | Entity | Status | Notes |
|---|---|---|---|
| Public company boards | — | None disclosed | No other public company directorships listed for Joyce |
| Non-profit / academic | National Intelligence University | Board of Visitors | Ongoing governance role |
| Transaction interlock | Google LLC | Employment | CXT paid ~$300,000 to Google in 2024; independence affirmed; arms’ length; Joyce did not influence transactions |
Expertise & Qualifications
- 25+ years in cyber and national security; global leadership in threat intelligence and product development .
- Advises senior teams and boards on global business threats; relevant to CXT’s risk management and audit oversight .
- Board skills matrix emphasizes cyber/information security among director competencies .
Equity Ownership
| Measure | Joyce | Notes |
|---|---|---|
| Beneficial ownership (total shares) | 2,729 (via vested/vesting instruments within 60 days) | Less than 1% of class |
| Directly owned common shares | 0 | — |
| Vested/vesting within 60 days (options/DSUs/RSUs) | 2,729 | DSUs counted; options not typical for directors |
| Director ownership guidelines | Minimum: 5× cash portion of annual retainer ($90,000 → $450,000); DSUs count; all directors in compliance as of Record Date | Anti-hedging/pledging applies |
| Hedging/pledging policy | Prohibited for directors; none engaged in such transactions in 2024 |
Governance Assessment
-
Strengths:
- Independent director with deep cyber risk expertise; sits on fully independent Audit Committee overseeing cyber/information security, financial reporting, and compliance .
- Independence affirmed despite employment at Google; ~$300,000 in 2024 payments to Google reviewed and deemed arms’ length, with no influence by Joyce .
- Solid engagement: Board met 6 times; each director attended at least 75% of Board/committee meetings; routine executive sessions of non-management directors .
- Alignment policies: director ownership guidelines (5× cash retainer), DSUs counted, and strict anti-hedging/pledging .
-
Incentive alignment:
- Director compensation is primarily fixed retainer plus annual DSUs; time-based equity fosters long-term alignment without encouraging short-term risk taking .
RED FLAGS and Monitoring
- Payments to Google: ~$300,000 in 2024 for cybersecurity/marketing tools/services. While independence was affirmed and arms’ length noted, investors should monitor future transaction volumes for escalation or scope changes that could pose perceived conflicts .
- No other conflicts or related-party transactions involving Joyce disclosed; Company maintains annual conflict certifications and review procedures .