I am currently responsible for the advancement and maturity of cyber security operations for Verizon through process improvement, technology integrations and development of defensive cyber countermeasures. My role entails utilizing my diverse cyber security and IT experience to cover the breadth of technologies and environments that fall under the Verizon Cyber Defense. This requires working knowledge of cloud environments, networking technologies and protocols, Windows and Linux operating systems, endpoint detection, SIEM and SOAR tools, threat intelligence, threat modeling, and cyber security frameworks.Recent accomplishments include;Identified and spearheaded an initiative to acquire and implement multiple technologies. These include network traffic detection and analysis platform, an analyst collaboration platform and most recently a breach and attack simulation (BAS) controls validation platform. Each technology represents significant advancements in detection, validation and workflow optimizations. In particular the validation platform can emulate known threat actor’s TTPs across multiple OS’s and network and cloud environments to validate, or identify gaps in, detection and mitigation strategies. Developed and implemented a threat detection content / mitigation lifecycle framework. This major ongoing accomplishment is focused on creating, evaluating, and implementing detection content and / or mitigation actions for specific threats. This framework organizes efforts of threat intelligence, engineering support, red team and the operational analysts and responders to evaluate threats and develop detection and mitigation strategies as needed and an ongoing basis. Furthermore, the framework has resulted in the implementation of multiple advanced detection content / correlation rulesets to address Verizon specific threats.

I was responsible for supporting all phases of new government and commercial customer acquisitions for the company’s managed security services. This includes technical sales support, scoping, pricing and contracting. My primary responsibility is shaping potential and existing customers’ cyber operations and monitoring solutions. This includes engineering of optimum technology deployments that best meets each customer’s / organization’s budget, scale and monitoring needs. During my time in this role, I have designed and overseen the implementation of solutions for dozens organizations from small to large environments. Solutions have involved cloud service and on-premise; logging, vulnerability scanning, HIDS, NIDS and SIEM monitoring technologies. Cloud monitoring solutions include AWS, Office 365, Azure, Azure AD and other cloud and SaaS environments. I have specialized in assisting organizations define and/or augment their cyber operations programs that integrate with Delta Risk’s managed security services to best defend their systems and data and meet compliance control requirements. Additionally, I provide strategic direction to the evaluation and integration of new technologies utilized by our managed security services provided to our customers. This involves assessing capabilities and ensuring the technologies can meet our customer’s needs and integrate into our processes and compliment other technologies. I have worked with multiple vendors to negotiate pricing, support and tailored solutions.

During this period, I stood up Delta Risk’s managed security service offerings. This included customer-facing security operations center (SOC) monitoring services and other related cybersecurity capabilities. In addition, I managed the successful merger of people, processes and services during Delta Risk’s acquisition of another cybersecurity firm and their customer base. Additionally, I have provided cybersecurity consulting to critical infrastructure clients and engineering firms. I executed large cybersecurity assessments of industrial control and SCADA systems in accordance with NIST standards 800-53 and 800-82. I consulted on all aspects of cybersecurity operations, specializing in security operation centers and incident response for commercial and government organizations. I was also responsible for establishing multiple revenue generating engagements for corporate and local government organizations.

Retired US Air Force Officer (Major) with over 22 years of combined Active Duty and Reserves military service. Selected for promotion to Lieutenant Colonel prior to retirement. I was a Cyber Warfare Officer that included overseeing the Defensive Counter Cyber unit under the 426th Network Warfare Squadron (Air Force Computer Emergency Response Team), commander of the 221st Combat Communications Squadron and Chief of Cyber Operations at the 254th Combat Communications Group.

Supervised technical teams that maintained and administered endpoint technologies and provided host agent support for over 40 corporate enterprises. Responsible for overseeing multiple technologies and capabilities to include Symantec and McAfee products providing HIPs/HIDs, applications and device control, encryption, SAN/NAS antivirus and host firewall administration. Provided incident response guidance to clients that included securing enterprise networks and vulnerability and threat remediation. Collaborated with server administrators, desktop support, SIEM engineers, network IDS, firewall and SOC teams to ensure customers had proper security prevention and detection measures in place.

Managed team of IT security professionals to protect Raytheon’s information and reputation from intentional or accidental loss or damage by providing endpoint (server and workstation) level security through detection, prevention and enabling response capabilities. My team managed, engineered and operated enterprise level host security services. This included maintaining the server infrastructure and host agent support for the entire corporate enterprise (over 70,000 servers and workstations globally). The Endpoint Security team also managed and administered the following tools and infrastructure across the enterprise: SureView (Data Leak Protection and Active Malware Protection), Symantec Endpoint Protection suite to include whole disk and messaging encryption. In addition, I helped establish the methodologies and protocols for working with the recently outsourced IT services to CSC corporation. This included prioritizing critical patches, software pushes, end user support for compromised systems and authoring security specific help-desk scripts.

Responsible for assisting in the development and management of Raytheon’s global corporate Security Operations Center (SOC) that provided continuous 24/7 monitoring and incident response of Raytheon’s global enterprise. Directly oversaw the performance and training of 14 cyber analysts and team leads to include performance evaluations, proficiency checks and shift scheduling. Established processes and procedures for cyber security incidents in the form of checklists and written documentation. Established shift workflows and distribution of duties for all SOC members. Coordinated Raytheon’s proactive responses to emerging zero-day attacks that could have impacted the enterprise. This included leading meetings with multiple internal IT and security teams to develop mitigation strategies against current threats and/or vulnerabilities. Responsible for coordinating and tracking the implementation of remediation action(s) for affected systems within the enterprise.