• Lead a cross-functional team in analyzing complex security incidents, leveraging deep expertise in firewalls, IDS/IPS, SIEM, and WAFs to mitigate risks and secure the enterprise• Drive the creation, optimization, and documentation of robust processes for the management and monitoring of security solutions, ensuring continuous improvement and adherence to industry best practices• Oversee the tuning and configuration of security devices, utilizing a metrics-driven approach to enhance threat detection and response capabilities• Manage the timely deployment, maintenance, and upgrades of critical security platforms, including IDS, IPS, and SIEM systems, to maintain a resilient security posture• Act as the primary technical Subject Matter Expert during security incidents, effectively communicating with stakeholders and advising on strategic improvements based on detailed analysis• Utilize advanced log analysis and correlation techniques to identify and respond to security threats, minimizing the impact on the organization and supporting forensic investigations• Lead the incident response process, collaborating with internal and external partners to detect, respond to, and mitigate cyber threats, while providing actionable insights through detailed analytics• Serve as a key liaison between Information Security and managed/unmanaged service providers, ensuring alignment and effective collaboration on security monitoring and incident response• Manage and optimize cybersecurity incident response technologies, including network forensics, SIEM tools, and security analytics platforms, to ensure rapid and effective threat mitigation• Provide strategic security consulting to business and technology units, leveraging metrics and data-driven insights to advise on risk management and control practices• Continuously adapt and enhance security operations based on emerging threats, industry trends, and organizational needs, fostering a proactive security culture

• Analyze complex cases involving a pattern of security events from firewalls, IDS, IPS, SIEM, Web Application Firewall (WAF), and other security data sources.• Create, improve, and document processes for the management and monitoring of security solutions.• Tune devices for blocking and reporting based on identified threats.• Configure, manage, and upgrade Intrusion Detection Systems (IDS), Intrusion Protection Systems (IPS), and Security Information and Event Monitoring (SIEM) platforms.• Participate in security incidents and act as technical Subject Matter Expert. Effectively communicate with key stakeholders and business partners and recommends adjustments and improvements to management.• Review alerts from managed services providers, perform log analysis/correlation, determine malicious software behavior, vet out False Positives, assist in remediating system misconfigurations, tracking system state changes and other information across multiple systems. Leverage outputs to support forensic reconstruction as needed.• Detect, respond, mitigate, and report on cyber threats/incidents that may impact the environment. Utilize analytics to identify potential threats.• Collaborate with technical leads: Engineering/Operations, Service Desk, Applications, business stakeholders and external partners on matters related to security monitoring.• Collaborate with and serve as InfoSec liaison to managed and/or unmanaged service providers.• Manage cyber security incident response technologies including network logging and forensics, security information and event management tools, security analytics platforms, log search technologies, and host based forensics as applicable.• Act as an internal information security consultant to the business and technology units, advising on risks, threats and control practices related to Rapid Response.• Performs other related duties, tasks and responsibilities as required, assigned and directed.

Performs day-to-day information security functions.• Monitoring, threat hunting and validating firewall effectiveness; optimizing firewall policies and security configuration for both Internet, hardware, virtual and software defined platforms.• Vulnerability scanning and configuration, validating effectiveness and prioritizing implementation changes to improve or correct scanning and assessment.• Optimize logging, eventing and alerting for ASH and MSSP data flows.• Resource ITO and ESP projects, change management events, security and ITO incidents, can vulnerability/patching events as a subject matter expert and representative of Enterprise Security Programs.• Optimize end point security architecture, edge and boundary security architecture, including 802.1X.• Promote understanding and adherence to the necessary policies, standards, and procedures to maintain security posture.• Participate in incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.• Build system baselines to be adhered to for all future build outs.• Keep abreast of emerging security technologies and make appropriate recommendations regarding their implementation.• Coordinates security issue and remediation efforts between different ASH teams, sets clear expectations about responsibilities, communicate about outcomes and measure success, escalates and communicates to management appropriately.• Responds to security alerts and identify alerts from raw observations.• Maintains updated documentation of technical controls, processes and procedures.• Implements, manages, and enforces company information security policy and procedures.

- Designs and documents the implementation and improvements (including automation) of information security solutions.- Administers security-related systems including but not limited to: VPNs, firewalls, intrusion detection systems, network monitoring systems, patch management, and monitors logs for unusual or suspicious activity and takes appropriate action.- Works with data, scripting and automation to assist with processing security event data, threat intelligence, et al, for purposes of threat identification, incident response and trend reporting.- Assesses and manages risk with limited supervision.- Acts as liaison between ESP and software development.- Responds to security alerts and identify alerts from raw observations.- Coordinates security issue and remediation efforts between different ASH teams, sets clear expectations about responsibilities, communicate about outcomes and measure success, escalates and communicates to management appropriately.- Works directly with end-users on security related questions, concerns, and new implementations.- Maintains updated documentation of technical controls, processes and procedures.- Participates in security testing and red teaming roles.- Ensures network security best practices are implemented through managing or reviewing configurations of: servers, desktops, routers, switches, and firewalls.- Researches and communicates the latest trends in information security and threat environments.- Researches of industry trends for inclusion to security operations as best practices: new technologies and security intelligence feeds.- Implements, manages, and enforces company information security policy and procedures.Assists systems administration in troubleshooting and resolving network security issues.

• Identify, plan, coordinate, and deliver projects that address security measures and baselines when we acquire new companies.• Coordinate between different security teams, set clear expectations about responsibilities, communicate about outcomes and measure success.• Optimize and enhance existing processes with an eye to reducing a high operational load.• Identify areas of risk before they become roadblocks and bring dependent parties together to agree upon a solution.• Communicate with senior leadership on an ongoing basis about the current highest risks and what steps need to be taken to address them.

• Perform first level analysis and triage of security alerts generated by a risk-based correlation system (SIEM) under supervision• Setup and install log collector hardware and software for use at client sites.• Consulting with appropriate members of the Security team, in order to assist in the resolution of customer system issues• Perform Tier 1 analysis and triage of security alerts generated by a risk-based correlation system (SIEM).• Provide prompt escalation of application/system problems, including assisting in determining root cause of problem through to appropriate solution.• Provide training and support for IT Security Operatives on alert processing and client technical support.

 Incorporate field experience and technical knowledge into learner-centered presentations emphasizing interactive, hands on practice. Trained 360 technicians in subjects including: Reading schematics, blue prints, wiring diagrams, technical manuals. Operation and preventative and corrective maintenance procedures for control panels, cooling systems, circuit card assemblies, transmitters/receivers, servos, pneumatics, power supplies, electro-optical sensors, and weapon systems. Effective troubleshooting and fault isolation techniques and component repair procedures. Aligning, adjusting, and calibrating equipment according to technical specifications. Ensure Curriculum was current and accurate with changing technical specifications. Ensured certification and qualification of 6 Navy Instructors to include 3 E-7s, 1 E-6, and 2 E-5s. Master Training Specialist Instructor. Hold the Navy Enlisted Classification Code for Instructor (9502). Instructor of the Year 2012.

 Led 5 technicians in the performance of preventative and corrective maintenance of $20 million worth of electronic equipment, specifically weapon systems to include 2 Phalanx Close in Weapon Systems to include a 0% downtime on an eight month deployment of both weapon systems. Organized and documented the maintenance process, conducted quality control checks, ordered repair parts, and interfaced with senior-level leadership. Tested faulty equipment utilizing standard test equipment, and applied knowledge of functional operation of electronic units and systems to diagnose and repair defective components  Rapidly promoted to higher levels based on quality of work, speed in acquiring new skills, communication and team leadership. As Divisional 3M Assistant, was in direction supervision of 4 work centers and maintenance responsibilities for all combat system equipment and putting jobs in for system causalities.

 Led 5 technicians in the performance of preventative and corrective maintenance of 2 Phalanx Close in Weapon Systems weapon systems, making sure systems was at 100% readiness. Provided leadership out of rate to junior personnel to correct a workcenter from a mere 45% maintenance completion rate to 100% in a 3 month period. Organized and documented the maintenance process, conducted quality control checks, ordered repair parts, and interfaced with senior-level leadership Installed Ordnance Alterations. Completed an ammunition and weapons inspection with a score of 98% while managing two workcenters out of the 4 being inspected. Tested faulty equipment utilizing standard test equipment, and applied knowledge of functional operation of electronic units and systems to diagnose and repair defective components. Drafted Combat Systems training that effectively trained junior personnel in real world scenarios Conducted Combat System Readiness Review, providing technical training and directions to ship’s force for troubleshooting causalities during inspection