Built secure-by-default infrastructure-as-code (IaC) modules with security-as-code constructs, maintained hardened configurations in platform components, and created developer-focused documentation for low-effort adoption.

Solution Architect specializing in Security Services at AWS.Regularly involved in deep technical conversations with customers, account managers, business development, engineering, and product teams to help customers better understand secure architectures that address security operations maturity and accelerate the adoption of AWS services.Regularly deliver technical hands on workshops at large scale events such has AWS Lofts, AWS Summits, AWS re:Inforce and AWS re:Invent.

Amazon acquired Sqrrl in January 2018.Sqrrl was the threat hunting company that enabled organizations to target, hunt, and disrupt advanced cyber threats. Sqrrl’s industry-leading Threat Hunting Platform united link analysis, User and Entity Behavior Analytics (UEBA), and multi-petabyte scalability capabilities into an integrated solution. Sqrrl’s unique approach enabled security analysts to discover threats faster and reduced the time and resources required to investigate them.

• Administered Carbon Black Protection/EDR and Forcepoint DLP solutions for financial services firms, improving visibility, early detection, and reducing security incidents.• Created standards by implementing DMARC, SPF, and DKIM using Proofpoint Protection, bolstering best practices and reducing the attack surface against phishing threats.• Developed incident response runbooks, minimizing downtime, and preserving business continuity by facilitating quicker detection and response to security incidents.• Produced SBOM reports, streamlining software management processes, improving network stability, and enhancing security, all while increasing visibility into the software inventory.

• Analyze malicious code by means of static, dynamic, and network forensic techniques using industry tool sets such as REMnux, various commercial grade sandbox technologies, and manual code analysis.• Perform network traffic analysis of infected endpoints to compare against existing malware signatures (Snort/Suricata/YARA) with the goal of identifying holes in network defenses prior to malware being visible on client endpoints. • Document results in time-sensitive reports, presentations, and analyst exchanges for clients including malware analysis details such as email header IP hops, indicators of compromise (IOC’s), specific hash signatures, and files dropped. • Research, document, and develop malware analytical methods for evolving malware campaigns that posture a significant risk to client networks. • Collaborate with peers within the community on emerging attack vectors of malware, phishing lures being used to social engineering the end-user, and methods of mitigating the attack altogether. • Implement training and presentations for tier I and II analysts on different methods to interpret indicators of compromise on various enterprise networks while performing threat hunting exercises. • Created a new service disseminating threat intelligence feeds into end user alerts, including real time indicators of compromise research, developing standard operating procedures and implementing service operations.

• Responsible for analyzing log data from various enterprise security solutions, managing the response process for security incidents in a timely manner, while making recommendations on how to remediate incidents and improve security posture.• Provide support of security infrastructure including SIEM, network system forensics solutions, malware detection, IDS/IPS and other detection and monitoring solutions.• Analyzing malware to determine its capabilities, intent, and indicators of origin with the goal of educating clients' user base in limiting attack surface of future attack vectors. • Participate in the development, improvement, and delivery of process/procedure manuals for multiple clients across different architectural networks. • Ability to solve complex business technology problems across multiple SIEM products while using a multitude of network devices to include: Source Fire, McAfee NSM, Tipping Point, Damballa, Fire Eye, and Palo Alto IDS.

• Created/Upgraded stored procedure scripts for SQL Server 2008 R2 database that help minimize network traffic between client and server while providing essential security from outside threats. • Worked in a team environment to design, analyze, and develop a simulation application used by DoD; successfully reducing the number of bugs while enhancing security and performance.• Built an easy to understand, professional data dictionary/ER Diagram for developers; effectively normalizing multiple databases that were used in the runtime and email environment.• Increased user efficiency by implementing enhanced application features to customer specifications for Graphical User Interface.

• Supervised over 20 personnel which included: evaluating performances; meeting and exceeding training requirements; and ensuring all financial and personal responsibilities were being upheld.• Spearheaded management over installation security, weapons systems, resource protection, and personnel security; ensured safety of National Security assets.• Deployed three times in support of Operations Enduring and Iraqi Freedom; all deployment missions successful.