Directly impacts high priority, Executive Leadership Team (ELT)-qualified initiatives:•ELT qualified requests of CRO;•support of due diligence efforts for Mergers & Acquisitions;•support of enterprise strategic initiatives.Develops key strategic, administrative and mandated deliverables (e.g. annual audit planning), including:•Annual ERM threat assessment;•Contribution to payor or provider compliance plans in coordination with Strategic Risk Partners, Risk Operations, and Risk Enablement;•Audit Plan Development in coordination with Internal Audit, Risk Operations, and Risk Enablement;•Monitoring and tracking of the delivery of all risk activities for Highmark Health, Allegheny Health Network (AHN), including internal and external audit progress, privacy matters, risk and compliance reporting, and the impacts of new and changing laws, regulations, and contractual obligations.Participates in the identification and assessment of risks, create decisioning frameworks to treat risks, implement measures to modify risk(s), and detect / respond to risk(s):•Development and maintenance of enterprise risk taxonomy;•Evaluation and development of enterprise risk appetite and profile alignment;•Oversight and submission of regulatory risk filings (e.g. ORSA reporting);•Cascading enterprise risk appetite into business case templates and project management frameworks across Highmark Health;Contributes to the development of advanced models used to quantify risks to inform Audit Committee and/or senior management deliverables.Establishes and maintains relationships with business owners with status reporting and deliverables, enhances knowledge sharing and best practices to the risk function, by contributing to the development of training programs for corporate risk education, and demonstrates ability to apply a thorough understanding of Highmark's complex business processes and environment..

• Provided technical oversight and guidance to business owners/managers in matters of security, analysis, design, engineering, testing, policy, documentation, implementation, maintenance, operation of servers, network components, accreditation, and best business practices.• Performed white hat security assessments, penetration testing, and vulnerability identification for external and internal network posturing. • Oversaw installations, upgrades, and other security related deployments for assigned projects.• Coordinated with higher level project leadership and sales divisions to effectively manage multiple project assignments and client support.• Built virtual environments in VMware and Hyper-V to test authentic client infrastructure and configurations.• Maintained technical proficiency with all vendor partnership agreements.• Maintained expert knowledge of security operating system base-lining, patching, and vulnerabilities for MITRE CVE/NIST standards, including commercial industry standards (CIS CSC, ISO/IEC 27001:2013, COBIT 5, etc).• Designed a variety of client projects specializing in security that involve but are not limited to: servers, networks, security systems, firewalls, etc.• Led and mentored various team members and clients on best practices and security related processes.• Authored circulatory reports for clients in matters regarding policy, standards, security, and regimented processes.• Maintained proficiency in Kali Linux security tools, packages, and exploitation techniques.• Maintained an expert working knowledge of PCI DSS (for various states), PII, HIPAA (ePHI), FERPA, CIPA.

• Provided subject matter expert support to Air Force Network (AFNET) personnel with mobile device technology, migrating infrastructure, and design solutions for global implementation. • Interfaced with Microsoft Elite Engineers and other personnel on all mobile device management matters affecting the migration from Exchange 2010 to O365 into the AFNET. • Authored test plan documentation, Air Force Technical orders, build guides, administrative manuals, and provided support to internal test personnel during the execution of testing efforts.• Coordinated with software vendors to develop hotfixes and solutions on behalf of AFNIC. Tested software releases for all commercial mobile technology against existing AFNET Enterprise. • Provided design details and identified concerns to the to the AFNIC Information Assurance office on matters of security and potential vulnerabilities. • Maintained expert knowledge for support involving DISA STIG, standard business security practices and their incorporation into design elements, testing, and implementation of network components.

• Supported global enterprise operations with 24-hour technical support and availability. • Participated in server procurement, design, buildout, and drawdown of servers owned by SDDC.• Managed Active Directory (AD) enterprise, VPN access, security level permissions, and Network Access Storage (NAS) shares. • Administered storage LUNs and managed allocated storage capacity for the SDDC enterprise.• Conducted enterprise wide security auditing, archival backups, and coordinated efforts with network security personnel in cases of network abuse. • Maintained expert knowledge of server and network vulnerabilities and provided guidance to SDDC Information Assurance personnel.• Tracked vulnerabilities using baseline analyzers and network vulnerability scanners• Created and deployed Microsoft security patches and software updates via System Center Configuration Manager (SCCM).

• Tested, and designed Air Force Network (AFNET) software, including lead roles in Disaster Recovery and mobile technology into the AFNET enterprise network. • Designed, engineered, and administered VMware virtual test environments mimicking the AFNET on Windows Server 2003, 2008 R2, 2012 R2 available infrastructure features and roles.• Administered and troubleshot Exchange 2007/ 2010 servers throughout testing and evaluation.• Maintained expert knowledge of Information Assurance (IA) controls, troubleshooting, conflict resolution, and experience with US Air Force IT practices.

• Provided test level engineering support on physical and virtual platforms, testing software and products for USTRANSCOM’s global enterprise operational baseline. • Engineered and configured virtual servers and workstations in a VMware vSphere environment. • Administered and performed troubleshooting on Windows Server 2003, 2008 R2, 2012 R2 servers throughout the testing and evaluation process. • Administered Active Directory during product testing, evaluation, and environment engineering. • Performed vulnerability and baseline scans remediating and hardening enterprise level servers.• Authored documentation for the execution of network and system security remediation, software installation procedures, functionality testing, and physical/virtual server build guides. • Provided subject matter expert support to operational enterprise Tier 3 personnel during and after implementation of evaluated products.

• Provided tier 3 support and administration of operations, video surveillance, communications support on workstations and infrastructure for a Government Agency in the Washington, DC area. • Administered objects on a large global network via Active Directory (GPO), object and account creation for Global intelligence customers, local security policy settings, and security groupings.• Monitored network connectivity and directed data transference of incoming UDP video streams with meta data ensuring proper routing to appropriate personnel and storage for real time analytics.• Captured incoming data with software operating on Redhat Linux servers sent to network storage.• Maintained EMC VNX, Celerra, and Isilon platforms in the Petabytes, backups, and data recovery.• Acted as a training point of contact for our site developing a training Wikipedia website. • Traveled and provided on-site subject matter experience, and network support during exercises.

• Operated as project lead submitting requisitions, hiring new personnel, contract expansion, preparing invoices, and presenting financial forecasts/risk assessment to corporate leadership. • Performed duties as an information security official seeing enterprise level servers through security accreditation for new software and systems development.• Provided onsite engineering and administration of Northrop Grumman’s CSP, SMART and SMART.neXt software and Windows Server/UNIX systems throughout their network lifecycle.

• Performed shift lead responsibilities of Defense Intelligence Agency’s Special Intelligence Communications Center. • Participated in the engineering and administration of software and systems including UNIX and Windows operating systems, Solaris thin-clients, and 3rd party software.• Acted as a training coordinator and developed formalized training plans to certify incoming personnel.• Monitored network traffic connectivity and critical data throughput identifying network outages, and errors effecting the network.

• Performed system administrator duties for the USSTRATCOM Special Security Office (SSO) for UNIX and Windows operating systems, Solaris thin-clients, and 3rd party software. • Maintained 24/7 availability on call as primary on call system administrator. • Performed information security officer duties developing physical access lists, system accreditation and emergency action plans.