• Evaluated and determined the technical sufficiency of submissions from HIPAA covered entities and business associates in response to data and documentation requests (i.e. Assessing reports related to security baselines, penetration tests, vulnerability assessments, and digital forensics). • Developed written reports with technical security analysis, summaries, and recommendations for action. • Provided subject matter expert analysis, evaluation, and recommendations based on national security standards (NIST), industry best practices (ISO) and implementation specifications of the HIPAA Security Rule. • Provided expert guidance in designing, implementing, and managing information security, data protection, and risk management programs, including policies, procedures, and controls for protected health information based on HIPAA requirements. • Provided advisory expertise in the areas of risk analysis, vulnerability assessments, incident response, security architecture, physical security, business continuity and disaster recovery, enterprise mobility, threat intelligence and analysis, security awareness and online safety, and resolution of highly complex security projects and issues.• Reviewed security and privacy complaints, data breach notification and cybersecurity incident reports, and other correspondence and evidence provided by the healthcare organizations across the nation to assess the overall impact of security and privacy incidents.

- Oversee and implement the P3 Information Security Programs. - Facility compliance with P3 Information Security policies, procedures, standards, and toolkits. - Manage information security initiatives, including, but not limited to, user IDs, passwords, user security profiles, and coordinating ongoing support of the facility Information Security Program. - Coordinate with department managers to ensure appropriate information security procedures are integrated into department operations - Work with P3 to ensure alignment between information security and privacy practices. - Work with the Compliance Manager to ensure alignment between information security and P3 compliance requirements. - In collaboration with the Compliance Committee and IT Operations, receive, document, track, investigate, and act on suspected information security breaches and complaints concerning Information Security policies, procedures, and standards. - Report information security incidents, system irregularities, or suspected security breaches to the P3 Compliance Committee as appropriate. - Maintain knowledge of applicable federal and state security laws and accreditation standards, and monitor advancements in information security technologies to ensure facility adaptation and compliance. - Utilize the Compliance Committee to review and approve the facility Information Security Program. - Report information security issues, as appropriate, to the Compliance Committee and/or executive management for corrective measures and/or enforcement and disciplinary actions. - Initiate, facilitate and promote activities to support the facility Information Security Program.

• Implement security controls based on the following regulatory compliance laws and regulations:- National Institute of Standards and Technology (NIST)- International Organization for Standardization/International Organization for Standardization (ISO/IEC) 27000 series - Risk Management Framework (RMF) - Health Insurance Portability and Accountability Act/Health Information Technology for Economic and Clinical Health (HIPAA/HITECH)- Gramm Leach Bliley Act (GLBA)- Sarbanes–Oxley Act (SOX)• Created and maintained system security plans (SSP) for all critical systems ensuring NIST security controls (aligned with HIPAA/HITECH) are implemented, tested, and documented.• Organized and lead multiple projects with various key stakeholders in several departments across the nation to implement a national security baseline for policies, standards, and procedures. • Responded to security related events, maintaining organizational security documentation, providing continuous monitoring and Plan of Action and Milestones (POA&M) workflow mitigation.• Facilitated Business Continuity Planning and Disaster Recovery Planning (BCDRP) for all business systems, maintaining associated documentation between geographically dispersed stakeholders.• As the principal analytics engineer, configured and tuned LogRhythm & Varonis DatAlert to coincide with company policies and business tempo to reduce false alarms and increase efficiency.

Assigned as the Information Systems Security Officer for the 13th Marine Expeditionary Unit supporting over 100 non-deployed Marines and 1000+ deployed Marines. Accomplishments:● Utilized policy expertise to assist the Cyber Security Manager in creating the 13thMEU Cyber Security Program (MEUO 5239) resulting in a near flawless analysis during theCommanding General's Readiness Inspection (CGIP).● Collaborated with Cyber Security peers in configuring and preparing the InformationAssurance Module (IAM) and Defense Information Systems Agency (DISA) Assured ComplianceAssessment Solution (ACAS) virtual machine for Iron Fist 1-15.

Assigned as the only Cyber-Security Marine on Marine Corps Air Station Iwakuni, Japan in support of over 1500 users, over 2300 network and end-user assets, and leading a team of 11 personnel. Accomplishments:● Created and implemented several versatile processes, forms, documents, and Standard Operating Procedures for the MCAS Iwakuni Communications Department and the Cybersecurity section to enhance productivity at all levels of customer service satisfaction, communication within the department, and asset management.● Directed and guided the communications department of 40 personnel through enterprise-level Certification and Accreditation (C&A) projects resulting in 3 approved enterprise-wide networks.

Assigned to the 15th Marine Expeditionary Unit as the assistant to the Data Network Supervisor working alongside the Information Assurance Manager. Accomplishments:● Supervising the daily operations of the Helpdesk afloat (during deployed at-sea operations) and on Camp Pendleton. Managed a team of 15 personnel to include shifts and time constraints, to coincide with real world operations.● Created and implemented a user-friendly trouble-ticketing system utilizing Microsoft Access to monitor metrics for Helpdesk technicians under my supervision due to the lack of a trouble-ticketing application or third-party software.

Assigned to 9th Communication Battalion LAN Team configuring, upgrading, installing, and troubleshooting all Layer 2/3 devices on Marine Corps networks. Accomplishments:● Collaborated with the Satellite Communications team to troubleshoot and mitigate circuit outages with devices outside of my responsibilities and job spectrum.● Earned the ability to operate autonomously and supervise my own section as a younger and less experienced team member due to excellent work productivity and quality of service.