Serve as a line of business lead with defining the enterprise security policies and standards, consulting with business and technology areas, overseeing vendor security governance, vulnerability and risk management, identity and access management services, incident response and security operations, and supporting legal and regulatory compliance efforts.- Successfully bridged the communication gap by translating complex cybersecurity requirements into clear, concise, and easy-to-understand language for non-technical audiences- Used “Threat of the Month” content to tell an effective story about risk mitigation efforts in the org- Infused threat intelligence from CISA into organizational cybersecurity efforts- Developed and communicated architectural patterns to mitigate cloud configuration vulnerabilities- Drove software vulnerability mitigation efforts using SAST & DAST tools- Championed IAM modernization with enhanced multi-factor authentication via Single Sign-On solutions- Led enterprise initiative to remediate exposed secrets in source code- Developed and executed a cybersecurity tabletop exercise that elevated the NIST CSF Respond and Recovery maturity level, enhancing incident response readiness across the organization.

Colonel - Cyberspace Operations Officer - Connecticut Air National Guard. Lead Connecticut National Guard cybersecurity efforts and incident response team.

The Connecticut National Guard is the State of Connecticut’s emergency response force, organized, manned, trained and equipped to protect life and property in order to preserve peace, order and public safety. They execute force protection, disaster response, cyberspace defense, humanitarian relief and civil disturbance operations in support of homeland security and homeland defense. Accomplishments:- Led a team of 20 FTEs managing IT and cybersecurity operations for the Connecticut National Guard, achieving a 60% increase in Net Promoter Score through project execution.- Built and implemented technology and security vision for the organization based on executive goals, developed strategy to implement vision, cascading goals through the org - Built cybersecurity risk dashboard, articulated risk to senior business leaders using gap analysis, drove stakeholder engagement and risk mitigation efforts, and streamlined cybersecurity requirements- Transformed/modernized IT organization through the implementation of Agile methodology- Enhanced operational rigor through the implementation of Change Management and Root Cause Analysis- Executed numerous projects including campus wireless deployment, core networking refresh, remote work capabilities during COVID- Developed Red Team / Threat Intel capability - partnered with CISA, FBI in identifying cyber threats- Orchestrated large-scale cyber exercises like Cyber Yankee, simulating sophisticated nation-state cyber threats against critical infrastructure (e.g., power grids, water supply), validating response capabilities and refining incident response protocols.- Built cyber incident response capability for the State of Connecticut, led several major incident responses including a responding to a major cyberattack against the city of Hartford

Insurity, a Software As A Service (SaaS) provider, is one of the largest property and casualty insurance technology and services organizations with more than 1,800 employees and 250 clients. With more than 30 years of domain expertise, we have combined a deep understanding of the insurance business and technology expertise into a singular focus: empowering our clients with innovative and flexible technology that allows them to meet their business goals and offer a simplified insurance experience.Accomplishments:- Worked in an Agile environment with various product teams to support P&C software platform used by 20 of the top 25 insurance companies- Built and implemented security vision for the organization based on executive goals- Articulated risk posture to senior business leaders using the NIST Cybersecurity Framework (CSF) - Authored policies and standards that met PCI, SOX, HIPAA, and NY DFS data security requirements- Prioritized and mitigated third-party risk using assessment questionnaire (SIG) results and SOC2 reports - Architected and deployed security tools such as MFA, NAC, EDR, Next Gen Firewalls, DLP- Built up an operational SOC using Splunk with integration with SOAR capabilities, driving a 300% decrease in mean time to respond to incidents- Used tools such as DAST, SAST, and WAFs to mitigate application vulnerabilities- Built IAM practice with Zero Trust principles to effectively secure data and meet regulatory requirements- Transitioned Insurity to modern cloud infrastructure on Microsoft O365, Azure, and AWS tenants. - In addition to cybersecurity responsibilities, used program management skills to successfully lead a three-year project migrating legacy datacenter applications into a new private cloud

Cyberspace Operations Officer in the Air Force, various leadership roles including leading a 30 person IT organization that supported a 1000 person flying and intelligence organization.Accomplishments:- Led team providing all information technology requirements for a technology-reliant mission set- Developed disaster recovery capability and led numerous DR/incident response exercises- Completed virtualization of our datacenter, conversion of physical to virtual servers- Program managed multiple initiatives including a complete core routing and campus switching refresh- Assessed risk and designed mitigations to meet federal security controls w/ auditors- Built and employed defense mechanisms to defend network against nation-state attackers