• Worked with system-owners to identify and implement appropriate changes to mitigate vulnerabilities, driving continuous improvement across vulnerability management processes throughout the systems development lifecycle.• Formalized internal audit processes to measure security control effectiveness and to systematically validate security controls while resolving deficiencies.• Collaborated on risk assessments and security controls including the deployment, integration, and configuration of new security solutions.

• Built automated reports using Python to call APIs of various security tools, designed and implemented a prioritized vulnerability remediation process that monitored emerging threats, managed vulnerability scans, communicated findings, and supported remediation efforts across interdepartmental I.S. teams from software development to system administration and networking.• Provided strategic risk assessments in project planning and design, including the evaluation and recommendation of technical controls, while working closely with technical architecture teams to support alignment between system architecture and system security.• Participated in the deployment, integration, and configuration of new security solutions and enhancements to existing security solutions.• Administered and monitored operation of security solutions including the evaluation of security logs, events, and reports while providing on-call incident response support.• Developed, maintained, and published information security policies, procedures, standards and guidelines.• While working as part of a team to proactively improve our organization's overall security posture, encouraged team member's long term professional goals by highlighting training opportunities, discussing industry trends, and pursuing additional avenues for career development.

• Automated a weekly Tenable Nessus vulnerability report using Python, reducing the manual workload from three hours to less than three minutes.• Established a process to validate an existing hardware asset database against CyberArk and Tenable Nessus reports to assess end point management.• Updated and expanded existing documentation to improve the step by step breakdown while adding illustrations to help navigate complex procedures.

• Assessed the security of UWEC systems, policies, and networks by using penetration testing methodologies to pinpoint ways that attackers could exploit associated weaknesses.• Presented documentation of findings, discussed solutions with IT teams and management, and provided feedback after remediation is in place, after conducting thorough research and testing. • Reviewed security research to remain current on emerging vulnerabilities and tools while helping to keep my fellow team members informed as well. • Led efforts to standardize, reorganize, and improve team’s internal documentation and external reports to more clearly communicate vulnerabilities, mitigation strategies, and remediation steps, in part by associating these with the MITRE ATT&CK Framework.• Administered and script an open-source vulnerability manager to empower other team members efforts in addressing known system vulnerabilities.

• Advised students in CS145 - Introduction to Programming in class, through office hours, and remotely as they began their journey in computer science.