Leads a talented team of Security Engineers focused on securing Infoblox’s products and services. Manages the Cloud Infrastructure Security, Security Consulting, Incident Response, and GovCloud Security Engineering programs. Defines the roadmap and manages security improvement projects to completion. Delegates and distributes leadership. Coaches and develops engineers to succeed and grow in their careers. Oversees the security of Infoblox AWS, GCP, Azure, and data center footprint as well as Kubernetes based SaaS products.• Hired a global team of security engineers and built out new security capabilities. • Pivotal to obtaining and sustaining SOC 2 compliance. Leads FedRAMP, ISO 27001, and SOC 2 security compliance efforts for the Engineering department.• Led team through the remediation of a significant number of container vulnerabilities that jeopardized Infoblox’s FedRAMP compliance; FedRAMP authorization obtained, and subsequent annual audit easily passed.• Established and leading team in the creation of targeted security standards.

Raise the Bar Multisport club, based in Kent, Washington, is one of the largest and most inclusive triathlon communities in the Pacific Northwest. It welcomes athletes of all abilities, from complete beginners to seasoned competitors, providing a supportive environment to pursue triathlons, duathlons, and other endurance sports. Whether you're participating in your first race or have years of experience, the team focuses on building a sense of community and helping members reach their personal fitness goals.Raise the Bar hosts the annual Black Diamond Triathlon and Lake Meridian Triathlon races.

Built-out and matured REI’s Vulnerability Management Program by expanding the identification of vulnerabilities to cover all assets on-prem, in the AWS cloud, web apps, and container images. Established partnerships with key I.T. and business leaders and engineers to quickly remediate critical vulnerabilities. Led an expanding Vulnerability Management team and defined, advocated for, and advanced the programs objectives.• Oversaw the identification and remediation of over 83 actively exploited zero- day vulnerabilities. Coordinated the remediation of hundreds of thousands of vulnerability instances.• Ensured regulatory compliance; successfully passed 3 PCI audits and built out cloud compliance capabilities.• Managed vendor relationships, coordinated the purchase of licensing, and lead the team in engineering new capabilities.• Created responsibility matrix for the remediation of vulnerabilities on client systems; obtained agreement from all responsible parties.

Cybersecurity lead for multiple large-scale revenue-generating projects at Fortune 15 company, such as the migration to SAP HANA, Costco Pay, and the Food Court Kiosks. A leading member of the Information Security Solutions team.• Designed and implemented risk acceptance process by partnering with executive leadership team and lines of business to pragmatically identify, remediate, or accept risk across multiple lines of business.• Navigated project teams through rigorous compliance requirements including HIPAA, PCI-DSS, SOX, GDPR, PIPEDA, & CCPA.• Performed Threat Modeling (STRIDE) against proposed project architecture. Advised on security best practices and worked with project teams to resolve issues early in the development lifecycle.• Threat Models served as the blueprint for penetration tests; coordinated remediation of vulnerabilities following penetration tests.

Responsible for the overall success of multiple classified Information Security programs. Led a team of 3 to achieve and maintain compliance with government Special Access Program regulatory requirements.• Rescued a failing program worth $70,000,000 annually by communicating plan to rectify compliance findings with government customer and leading team to resolve issues. Restored customer faith and was invited to a customer offsite.• Foresaw a potential issue that could impact program’s ability to win and execute an Air Force contract. Gained customer approval to take a FIPS-140-2 compliant hard drive to the classified demo location so that proprietary company demo data could be kept, and development could continue. Northrop Grumman won the contract worth $100,000,000 annually.

Oversaw the day-to-day security posture of 24 classified networks distributed across Southern California.• Instructed I.T. personnel on how to harden systems through Patch Management, Group Policy, and Change Management. Validated security with STIG checks.• Built training material and briefed program personnel on security best practices.• Performed weekly security audits to detect potentially malicious activity.

Managed the Network Control Center and Help desk in support of an Intelligence, Surveillance, and Reconnaissance group. Led and provided mentorship to two direct reports and three other junior enlisted members.• Architected, obtained funding, and acquired new servers and equipment. Built SCCM packages to efficiently patch 1500 servers and workstations.• Ensured that service level agreements were met for all help desk tickets and maintained customer satisfaction.

• Analyzed vulnerability scan results on classified and unclassified networks for 11 Pacific Air Force Bases. Tracked vulnerabilities to remediation; pivotal in the passing of 4 DISA Command Cyber Readiness Inspections.• Led 4-member Small Computer Support team while deployed to Afghanistan; maintained and upgraded 3000 client systems.• Spearheaded I.T. asset management program and maintained 100% accountability of 2500 assets; passed audit.