- Manages incident response, forensic, and eDiscovery teams- Guides cybersecurity incident response/management planning, execution, and follow-up- Develop incident response and major breach strategies in partnership with business units and technical teams

- Primary for incident management and guiding high-severity incidents from detection through resolution according to security best practices and threat types- Perform incident reporting, capture deficiencies, identify recommendations, and track resolution- Perform proactive incident management planning and policy/procedure development- Drive incident response capabilities maturation for people, process, and technology- Coordinate proactive, reactive, and follow-up incident response/management activity between disparate groups: business owners, compliance teams, legal, executive leadership, vendors, partners, etc.

- Architect security and investigative solutions to defend against cyber threats- Architect secure services and applications- Perform security gap assessments- Create security standards and reference architecture

Leverage the knowledge and experience from decades of cybersecurity and incident management experience that has been gathered and refined across thousands of customers, security incidents, and security & response programs.

Develop cybersecurity and incident response/management courses and curriculum providing training for students and industry professionals at all levels and training needs. The training material includes detailed content, slides, videos, examples, assignments, and tests to drive learning objectives and a deep understanding of related concepts.

- Architect holistic security and investigative solutions to defend customers against advanced cyber threats- Develop the Incident Response methodologies and position FishNet Security and customers for current and future success- Establish partner relationships with security and investigative software vendors for mutual growth and benefit- Perform role of subject matter expert in customer relationships, assess client needs, and scope engagements- Assist customers proactively or reactively with incident response engagements resulting from malicious applications, hactivism, identity theft, data exfiltration, inappropriate use, and other Internet threats- Develop training curriculum and material pertinent to Incident Response and Information Security related topics- Perform speaking engagements, write white papers, and post blogs on information security and digital investigation related topics

- Lead Incident Management team responsible for all worldwide digital investigations (for external clients and internal investigations) - Develop the Incident Management business practice and position team for current and future success- Establish partner relationships with security and investigative software vendors for mutual growth and benefit- Assume role of subject matter expert in customer relationships, assess client needs, and scope engagements- Create or review and approve departmental documentation (statements of work, policies & procedures, business plans, etc…)- Orchestrate, lead, and/or perform incident response engagements resulting from malicious applications, hactivism, identity theft, data exfiltration, inappropriate use, and other Internet threats- Develop training curriculum and material pertinent to Incident Response and Information Security related topics- Mentor team members and outside resources in developing digital investigative skills- Perform speaking engagements, write white papers, and post blogs on information security and digital investigation related topics

- Manage QA teams and day to day operations over five separate product verticals (CIRT, Silent Runner / Sentinel, Enterprise, Agent, Site Server- Design and architect testing process to validate software products meet requirements, enumerate software deficiencies, and ensure robustness- Identify areas needing improvement in new and existing software packages and recommend features and solutions- Comparative analysis between AccessData investigative software products and others in the field.

- Research and design computer forensic, information security, and eDiscovery products, features, and enhancements- Design and perform quality assurance robustness tests and validate functionality & reliability of software products- Design and build testing environments to facilitate robustness testing- Design and implement technical and development related processes- Interface with customers to isolate advanced problems and identify solutions

• Build customer relationships with companies and government agencies in all sectors• Grow and develop Information Assurance product vertical• Computer forensic, eDiscovery, and Incident Response investigations and training• Vulnerability assessments and remediation• Secure infrastructure and application design• Regulatory compliance audits

- Designed, implemented, and managed comprehensive world-wide information security program and infrastructure to comply with regulatory requirements (SOX, FTC, SEC, SB 1386) and security standards and best practices (ISO 17799, ISO 27001, ISO 27002, ITIL, OSSTMM, and Cobit)- Wrote and implemented policies and procedures to comply with regulatory requirements and security best practices. - Led team of subject matter experts in conducting world-wide incident response, ediscovery, and computer forensic investigations.- Managed and performed world-wide risk assessments, penetration tests, gap analysis, and mitigation recommendations on all critical infrastructure, applications, services, policies, and procedures.- Lectured and proctored advanced forensic and incident response technique classes and labs at CEIC

- Managed, trained, and mentored a team of Research Analysts in supporting multiple teams of EnCase and EnScript developers.- Led research, development, and testing of integration between EnCase Enterprise Edition forensic software with leading intrusion detection, security monitoring systems, and other third party products.- Led research and assisted in development of detection and remediation software and methodologies for rootkits, viruses, and other malicious applications in Windows. - Developed and trained hardening techniques for UNIX, Linux, and Windows systems.- Wrote Common Criteria verification test plan and performed testing for EnCase Enterprise Edition Version 5.

- Performed advanced platform configurations to test and document EnCase forensic software and techniques.- Performed Alpha and Beta testing and documentation of EnCase Enterprise Edition forensics software and related modules on Windows, Unix, and Linux platforms.- Deployed to customer sites for key Incident Response / Forensics investigations and troubleshooting issues.- Assisted in development and enhancement of EnCase Enterprise Edition forensic software versions 4 and 5 on UNIX, Linux, and Windows.- Wrote external and internal facing documentation detailing advanced configurations enabling forensic software and techniques

- Managed and administered all computing and security infrastructure on multi-site, wide area network.- Create acceptable use and security policies, ensuring compliance with all legislation, regulations, and security best practices.- Performed frequent vulnerability assessments and penetration tests to verify security posture.- Developed vendor-neutral security, network, and systems solutions to meet business needs.- Performed technical writing and user training pertaining to software/equipment/network resources.

- Developed vendor-neutral security, network, and systems solutions for small to enterprise environments.- Performed and supervised penetration tests, vulnerability assessments, and security audits using proprietary and open-source tools and methodologies on client infrastructure. - Conducted comprehensive research into vulnerabilities and developed risk mitigation techniques on client infrastructure.- Performed risk assessment and gap analysis of client security posture and for the purpose of ensuring compliance with regulatory requirements and security best practices.- Functioned as sales engineer and presented product offerings to customers.

- Performed and supervised security tests and audits on client infrastructure based on the Open Source Security Testing Methodology Manual (OSSTMM) to ensure compliance with legislative and regulatory requirements (SB 1386, ISO 17799, OSSTMM, and Sarbanes Oxley).- Utilized open-source scanning, probing, testing, and intrusion tools to perform vulnerability assessments on client infrastructure.- Wrote comprehensive reports detailing findings and recommending solutions to mitigate problems identified.- Functioned as sales engineer and presented product offerings to customers.- Prepared estimates and quotes and performed relationship management with prospective clients.