weekends only to get out of the house and such.

Caregiving for family, COVID recovery, relocation, temporary self-employment (startup support, Vulnerability and Threat Intelligence research, Roadmap true up, SIEM capability analysis), and zero on-call for the first time in 20 years. Camping, Hiking, Family Focused Roadtrips, and a wee bit of fUnemployment to prepare for my next long term employment opportunity / adventure.

Honored to be the 2nd security employee at Gong. I helped build the security roadmap and help true-up security gaps. This included taking over existing penetration tests (until transitioned to our talented Red Team). My primary focus being security monitoring, detection, and response(Security Operations, Threat Intelligence, Security Engineering, Threat Hunting, Purple Team Exercises, Incident Response, Forensics). Drove roadmap deliverables for building and maturing our monitoring, detection and response team capabilities. Collaborated and partnered hand in hand with R &D, leadership, and multiple parnters/ vendors for the greater good. My team identified and closed multiple security monitoring, response and compliance gaps. I met regularly with CISO direct reports to collaborate cross functionally for big organizational projects, audit support, gap remediation, security technology deployment, technology POCs and security staff career roadmap development. I drove & helped build / mature the following: • Managed SIEM & our platform provider• Advance SIEM content including use case development• Incident Response program / tooling• AWS Security & Incident Response• Threat Intelligence / Threat Hunting / Purple Team Exercises• SecEng - EDR, Forensics, email security, cloud and hybrid enterprise security platforms• Various enterprise security functions until transitioned - (Offensive Sec, Penetration Testing, Application/Platform Security, GRC, Vulnerability Mgmt., etc.)

My scope not only included the ownership of monitoring, detection, and incident response program but also Vulnerability Mgmt., OT Security, Security Engineering, Threat Hunting, Threat Intel, Insider Threat Program. Improved the vulnerability management program with focus on advancing overall program maturity, documentation and stakeholder engagement. Created get-well plan to streamline operations of the VM program & deploy across the Global SecOps to ensure coverage and reporting.Responsible for and Provided the following:• Manage a team of Corporate, Cloud Security Detection and Response engineers. Including OT Security, and Penetration Testing• Vulnerability Management Program with a focus on advancing Maturity, documenting current state, overall program improvement and adoption.• Consult and help Mature Phishing Awareness and Education Roadmap.• Manage and build a Global Security Operations Team• Manage MSSP provider, SLA’s and deliverables • APT/Threat Actor mapping specific to business vertical• Document and lead the effort of finding known and unknown threats and understanding new adversary TTPs• Project Mgmt/Scrum oversight, planning, and validation• Purple Team Exercises• Dexcom Global Security Operations / Threat Hunting / Enterprise Security Team Building - Capture The Flag!• Data Privacy Strategy and Support

Unified two separate Security Operations teams and cross-trained them to monitor, secure, and enable the corporate and cloud environments for both employees and customers. Owned Vulnerability Mgmt., SIEM & MDR, Security Engineering, Threat Hunting, Threat Intel, the Insider Threat Program. Worked collaboratively with Platform Security and Offensive Security Teams.• Managed a team of Security Operations Analysts to enable and secure the corporate and cloud business for both employees and customers• Managed multiple MSSP providers, SLA's and deliverables• Created a training plan and career path for SecOps Team• Build and advance security use cases and content development for Public Cloud, Hybrid, On-Prem, and Teradata’s customized Private Cloud platform.• Created one team from two separate security operations entities to provide a unified front for security operations, incident response and insider threat.• Partner with IT, internal security teams and third party vendors to champion and mature the overall security program• Grow the value provided to the business, the customers and team• Experience aligning compliance and regulatory requirements with strategic objectives

Security Swiss Army Knife, responsible for daily operations, security engineering, SaaS and MSSP relationships and deliverables. AMN Security evangelist and collaborator.• Configured & deployed Vulnerability Management products, optimized, organized and matured Vulnerability mgmt. operations, remediation, automation and strategy. • Own management of a 24x7x365 security operations center and coordination with the corporate security operations• Admin / Manage, & Monitor email security product to thwart phishing attacks, streamline config based on analysis and trends. Back up admin and optimization focal. • Created the AMN Information Security Intern Program for hands-on real world experience and included required reading, phishing campaigns design/delivery/reporting, packet analysis, security tools training. • Work with infrastructure and development leaders to formalize processes around security operations, incident response and vulnerability management.• Lead & participate in information security projects, such as security awareness, privileged information management, identity management, SOC services, Penetration Testing, Phishing Awareness, Threat Hunting• Work with management to develop the annual operating and capital budget• Coordinate vendor security assessments & remediation - lead and advise on strategy based on research, and analysis• Created business specific SIEM content to protect the enterprise and family of companies• Managed any Security Alerts, Bulletins, Advisories and deliver to pertinent business leaders/teams.• Developed and refined security metrics for the function and upper level management, the executives and board• Helped create career path and talent management strategy, created initial job descriptions for the AMN Security Team

I came to PlayStation as an HP/ArcSight consultant after PlayStation’s major breach in 2011. I had just rolled off the Walmart SOC build/shift augmentation. I was honored to have PSN work with HP/ArcSight to transition me to FTE, initially as a Sr. Security Staff member and then Cyber Intel Analyst, and eventually Cyber Intelligence Defense Center manager. During my tenure we moved the bar internally and externally for gaming security, the PSN platforms, in game exploits, fraud, threat actor identification, & APT threat response mapping and mitigation. the CIDC lead this effort with our partners and competitors.• Responsible for the management and professional development of Cyber Intel & Defense Center personnel• Coordinate and work with the Analysts to make sure that the analysts, processes and technology are meeting the SOC service level objectives• Ensures that all SOC personnel issues are being addressed and make senior management aware of any improvement opportunities• Ensure analysts are receiving development guidance in accordance with the practices and standards of the SOC• Own the successful completion of all daily operational processes and procedures• Responsible for ensuring these daily operational processes effectively support SOC operations and for ensuring continuous process improvement• Define KPI’s, SLA’s and metrics• Responsible for ensuring that the SOC understands business requirements and delivers value to stakeholders and customers• Responsible for integrating new customers into the SOC service• Responsible for defining the vision of the SOC team and ensuring that the service stays abreast with the latest threats and security trends• Responsible for the detection and escalation of appropriate security events.• Responsible for defining the goals and objectives for each team member in accordance with the overall business vision and strategy• Provides the interface with upper management and direct M2M interface to outside teams

Cyber Intel Specialist: • Created ground level service for Integrating Cyber Intelligence into Security Operations• Provide ad hoc and weekly Intelligence Reports• Deployed Proof of Concept Phishing Education utilizing the Simple Phishing Tool kit, this lead to business consideration for Enterprise Solution• Proactive Intelligence gathering for various attack vectors to protect broad spectrum of business partners• Perform reconnaissance on various assets, technical and human, both internal and external to the business • Research, collect, distill, and disseminate both tactical and operational intelligence • Coordinates with Security Operations function to ensure analysts are using the most up-to-date intelligence in relation to analysis, and escalation of significant security threats• Coordinates with Senior Management to deliver actionable, hands on intelligence, in a clear, concise manner• Work with various intelligence sources, both technical and human, to maintain an agile and cutting edge security posture for the most current threats• Author, edit, organize, and refine raw intelligence reports/articles/papers produced by the Intel team• Distill key findings/judgments quickly for consumption across a diverse set of audiences (execs/mgmt/analysts/media/customers)• Represent the Intel team's findings as a public spokesperson to both management, executives and customers.

Senior level MSSP / Security Consultant responsible for shift augmentation, training new analysts, and SecOps. Monitor, evaluate, and maintain systems, networks, and procedures to protect data systems and databases from unauthorized access. Identify potential threats, recommend mitigating actions, and respond to reported security violations by containing threats while determining point(s) of entry. Research, recommend, and implement changes to procedures to protect data from future violations. Create ArcSight content packages, support content lifecycle, test and refine. Proven ability to effectively communicate with project stakeholders (Client, PMs, and technical staff).Thorough understanding of all ArcSight Components including:• ArcSight Smart Connectors• ArcSight Enterprise Security Manager (ESM)• ArcSight Logger• Experience designing, implementing, and testing various SIEM solutions.• Thorough understanding of the event lifecycle as it pertains to the SIEM platforms and product suite.• Knowledge and insight into various Attack Lifecycle models.• Experience with the Common Event Format (CEF).• Understanding of ArcSight Content development best practices.• Understanding of ArcSight package creation and bundling processes.• Ability to create and troubleshoot regular expressions in custom parsers and within multiple SIEM platforms and product offerings• ArcSight FlexConnector configurations.

• Support of Microsoft Windows & Linux• Electronic Health Care Records Implementation• Network Security and Configuration• Virus Remediation• Biometric Security Controls• Video Surveillance / CCTV• Experience working in dynamic and fast paced environment.• Install, configure, upgrade and troubleshoot computer hardware and software

Product-Technical Support. Remote Assist, Remote Install , Online Professional Services - Corporate. Virus Removal.I found multiple malware variants and iocsI helped the malware research team improve algorithms, and detection capabilities. Trained new malware analysts.

• Focal for all services delivered by Managed Security Services provided by IBM. • Network, Host, Vulnerability Scan, Incident Management, Anti-Virus, Security Intelligence Services, Threat Assessment.• Perform executive level presentations on security posture.• Manage a security risk management process to assist the customer.• Develop, manage, implement, and review security processes and policies.• Provide informal/formal security reviews for IBM delivered processes or architectures.• Research emerging security technologies and practices.• Create/deliver standard monthly security operations reports.• Audit response focal including remediation of defects found regarding Ernst & Young, SOX, and HIPPA. • Communicate with account executives and customers technical leads.• Lead project teams to address security exposures.• Provide information security leadership.

• Monitored SIEM security events in real-time for over 200 clients; included both government and fortune 50, 100, and 500 clients, and clients worldwide.• Security Operations Center (SOC) as part of the Computer Emergency Response Team (CERT).• Used Zurich Event Console and ArcSight console monitoring systems to review events from CISCO and Snort, ISS RealSecure, Dragon, and multiple customer IDS/IPS sensors. • Monitored and configured multiple IDS/IPS technologies• Managed Checkpoint firewalls• Managed RHEL devices and performed hardening and kernel updates• Managed IBM virus incidents• Conduct intrusion analysis based on correlated events of interest including packet capture analysis of network activity collected from security devices such as: Network Intrusion Prevention System (NIPS), Wireless Intrusion Prevention System (WIPS), Firewall and Anti-Virus logs .• Perform visual and advanced analytics to identify subtle attack events (ArcSight)• Research and report on emerging technologies.• Perform packet analysis• Perform vulnerability analysis, review and complete customer reports• Support Security Intelligence Services Offering, analysis and reporting

• Experience working in dynamic and fast paced environment.• Great communication skills both with individuals & teams.• Install, configure, upgrade and troubleshoot computer hardware and software• Expert support of Microsoft Windows & Linux• Solid understanding of TCP/IP• WiFi Networks Support and deployment• Able to work unsupervised• Create documentation for new processes and procedures• Ensure consistent productivity and quality of service• Meet SLAs and individual PBCs, maintain customer satisfaction• Ensure that all issues are logged and assigned according to the account's procedures• Monitor critical issues to resolution

• Investigate complaints of violations of local and state nuisance abatement laws, ordinances,or codes; conduct follow-up investigations to ensure compliance with codes or ordinances.• Investigates and inspects zoning cases to ensure compliance with applicable regulations. • Work involves reviewing building, sign, fence permits, and certificates of zoning. • Posts properties subject to the board of Zoning Appeals hearings. • Responsible for the enforcement of the regulations of the Zoning Ordinance.• Investigate complaints in regards to refuse, noxious weeds, odor and zoning.