Directed IT security operations for multiple clients in the healthcare industry. • Strategized long term initiatives and planned short term goals and projects to enhance security operations and threat management. • Incident Commander, responsible for leading all incident response activities and managing the incident response process from beginning to end. • Identified and evaluated cyber security risks and vulnerabilities, collaborating with senior management and fellow IT Directors to determine appropriate risk response.• Configured and maintained security in both AWS and Azure, consulting cross functional teams during a cloud migration to Azure, ensuring security is implemented at inception by forcing multi-factor authentication, vulnerability detection and enhanced logging for log correlation and analysis.• Performed regular security assessments following HIPAA and NIST, recommending actions to remediate gaps and training staff on data and email security best practices. • Continuously examined security tooling for effectiveness, deploying compensating tools and processes where necessary and recommending the replacement of outdated or ineffective software. • Provided advisory services to client HIPAA security officers, monitoring for and reporting security process and policy violations.• Strategically aligned personnel with technology to improve annual budget and operational capabilities.

Reduced IT risk through compliance audits, vulnerability management and risk analysis, securing client services. • Improved overall HIPAA compliance for all client companies through the creation of 5 security awareness training videos, ensuring security awareness training is completed on an annual basis. • Consulted clients, supervising 1 system engineer and 2 analysts, providing IT risk management, systems architecture advisory, audit response, vulnerability management and security operation services.• Advised 1 client through a HITRUST certification, formulating corrective action plans for 48 findings, advising on 10 policy creations and providing more than 200 supporting documents, resulting in the client being awarded a HITRUST certification, exceeding client needs and expectations. • Performed 2 HIPAA and NIST risk assessments, presenting the results to C-level executives and client stakeholders, resulting in the creation of 8 policies and a 10% increase in HIPAA and NIST compliance. • Program manager for a simulated phishing training, increasing the reach from 89 users to 2,551 by replacing the previous solution with an open source solution, GoPhish, providing phishing baselines, evaluations and metrics for the shared services environment. • Identified, designed and deployed Tenable SC, increasing the overall performance and accuracy of vulnerability scans, providing vulnerability tracking and increased remediation efforts by working alongside system engineers to implement mitigating efforts (GPOs, patches, registry changes).• Audited AWS and Azure cloud environments against best practices, utilizing an array of open source tools (Prowler) and manual checks, identifying several weaknesses and working with system owners to implement remediation such as MFA, network segmentation and more restrictive routing tables and security groups. • Mentored 5 analysts, resulting in 3 promotions and the addition of a GCIH and CISA to the security team.

Engineered several cost reducing security initiatives through solution consolidation and open source technology.• Spearheaded the search for a cost-effective Security Information and Event Management solution, identifying, designing and deploying Graylog in a multi-tenant environment and configuring over 50 unique log sources, completing the project 3 months ahead of schedule and significantly improving Apricity’s ability to provide effective real-time incident response, reducing the time to containment by 30 minutes. • Developed the incident response process by identifying and defining 26 incident response runbooks. These runbooks, in conjunction with the SIEM solution, Graylog, and the alert management software, Opsgenie, provided for real-time incident response through the use of escalation policies and a primary and secondary on-call rotation, ensuring an initial incident response time of under 10 minutes from receipt of the alert. • Utilized an array of network intrusion detection, endpoint protection and event correlation software to conduct comprehensive analysis of malicious traffic and monitoring events for 7 clients to determine root cause, identify indicators of compromise and eradicate 100% of the detected malware for all clients.• Overhauled the laptop and data encryption process, developing and implementing custom developed scripts to encrypt machine during the imaging process, improving laptop encryption by 60%. • Identified numerous opportunities to consolidate security solutions for multiple clients, removing redundant solutions and reducing annual license cost by $82,000.• Rapidly promoted after demonstrating a deep understanding for security threats as they relate to business development, business continuity planning and the shared services environment.

Provided incident response through using open source tools and tested IT controls through regular auditing.• Installed and configured Nessus Professional in a multi-tenant environment, defining the vulnerability and patch management program through regular vulnerability scanning, analyzing the results and presenting reports to the security committee, senior management and client stakeholders. Identified critical and high severity vulnerabilities and tracked remediation, working with system engineers and application owners to ensure a 90% patch compliance and 100% deployment of mitigating efforts when patching was not feasible. • Provided real-time incident response during the WannaCry outbreak, working alongside network and system engineers ensuring 100% patch compliance for 200 servers and 5,000 workstations resulting in 0 compromised systems during the outbreak. • Revamped the account management process for new and existing EMR applications, responding to a backlog of over 300 requests and developing a role-base permission matrix that also defined the level of access required for granting access to ePHI, reducing the account creation time from 2 weeks to 1 day. After refining the process, transitioned account management to a third party support desk, freeing up local support for near-real-time response for on-site tickets. • After demonstrating subject matter expertise in incident response, malicious code review, vulnerability management, and control testing, was promoted to Security Analyst III.

Completed a 7-year enlistment, gaining highly technical and upper-level management experience. Chosen to attend instructor training and serve as a mentor and technical trainer to junior and senior sailors.• Supervised 18 sailors & managed 6 government contracts, delivering 16,000 hours of advanced information technology curriculum, providing mission ready, system administrators to commands worldwide.• Delivered over 3,000 hours of technical training, instructing sailors through the Microsoft MCSA courses, CompTIA Security + course and ship specific network security and best practices course.• Improved the Master Training Specialist certification program by assigning mentors, conducting 72 tests and 28 oral boards, resulting in the qualification of 45 sailors in support of the command’s mission.• Selected as the Navy Instructor of the Year for FY15 and awarded the Navy and Marine Corps Commendation Medal and Navy and Marine Corps Achievement Medal.

Quickly promoted to supervisor after showing a high level of technical aptitude and leadership abilities. Trusted advisor to the information assurance and security team.• Supervised 27 Network, System and Security Administrators in the upkeep and patching of 3,000 workstations, 45 servers, 62 Alcatel switches, one Cisco router and two active directory environments ensuring continuous communication services for 5,100 personnel while underway and in-port. • In accordance with DISA STIGs, performed numerous network reconfigurations to include multiple ACL changes, port modifications and the installation of missing patches which led the ship through its first cyber security inspection, resulting in an overall passing score of 86.9%.• Implemented a NetApp storage solution reducing daily support tickets by 80% and improving backup results by 90%. • Developed and maintained numerous documentation and processes and procedures, training junior administrators on job requirements ensuring a successful turnover while transferring from the command.• Awarded the Navy and Marine Corps Achievement Medal on two separate occasions.