Vulnerability Management Program Lead | 12/2017 - Present• Direct a highly technical team of 21 federal contractors, responsible for vulnerability scanning and analysis, penetration testing, and engineering support for on-premises and cloud-hosted enterprise security tools.• Coordinate directly with the NIH Chief Information Security Officer and senior leadership to provide technical recommendations to improve and spearhead the development of long-term plans for IT security systems regarding technology usage policies, procedure, and vulnerability assessments for both on-premises and cloud-hosted IT assets in compliance with the Federal Information Security Management Act.• Increase efficiency and accuracy of vulnerability reporting efforts through automation efforts within the NIH Information Security and Awareness Office, significantly reducing manual reporting efforts.• Created the formal firewall review process for the Operational Division Border to ensure the removal of legacy exceptions, adherence to best practice, and the retirement of legacy protocols.Incident Response Program Lead | 01/2017 – 12/2017 • Directed a multi-tiered team of 15 federal contractors, responsible for threat mitigation, incident response, and engineering support for on-premises and cloud-hosted enterprise security tools across the NIH’s various Institutes and Centers.• Drove all incident response activities including preparation, detection & analysis, containment, eradication, and recovery for both on-premises and cloud-hosted IT assets.• Implemented official process documentation strategy as well as training plans to include all day-to-day standard tasks as well as non-standard escalation assignments.• Championed enterprise-wide initiatives to enhance compliance of industry security standards including FISMA, DHS Binding Operational Directives, and various Office of Management and Budget Memorandums.

Cyber security Emerging Threats Team Manager | 02/2016 – 01/2017• Directed a 24x7 operations team, comprised of both federal employees and contractors, within the Emerging Threats Team of the Computer Security Incident Response Center (CSIRC), responsible for intelligence gathering, proactive defense, network monitoring, and incident response handling to counter cyber-attacks that can compromise the enterprise assets and impact tax administration.• Established technical recommendations and enacted long-term plans for IT security systems regarding technology usage policies, procedure, and vulnerability assessments over Tier 1, Tier 2 and Tier 3 platforms.• Assembled guidance for disaster preparedness and business continuity to recover from national level cyber incidents and physical attacks that have significant cyber consequences on the CSIRC operations. Senior Information Systems Security Analyst | 04/2011 – 02/2016 • Implemented day-to-day cyber security operations procedures for the Computer Security Incident Response Center (CSIRC) that include monitoring network security devices, intrusion detection, event identification, triage, incident response and correlating activities to counter cyber-attacks across the agency’s critical infrastructure.• Coordinated with law enforcement and intelligence agencies and assisted with the investigation and prosecution of individuals and/or organizations for cyber related crimes.• Reviewed policies, systems, and network configurations for potential security risks and ensured compliance with all directives and reporting criteria is met per the guidelines set forth in the Federal Information Security Management Act and Treasury Directive Publications.• Headed numerous tiger teams with the goal of exploring cloud hosted solutions as alternatives to traditional on premises IT infrastructure.

• Developed innovative solutions for cyber security analysts to expedite analysis and utilize heuristic algorithms to identify, evaluate, and mitigate risks to the end users and existing infrastructure. • Analyzed malicious code to determine effectiveness and mitigate vulnerabilities that might be exploited to gain unauthorized access to a computer, asset, or network.• Expertly monitored proxy and firewall logs, as well as intrusion detection alerts for identification and analysis of security events in an 24x7 Operations Center environment.

• Developed innovative solutions for cyber security analysts to expedite analysis and utilize heuristic algorithms to identify, evaluate, and mitigate risks to the end users and existing infrastructure. • Analyzed malicious code to determine effectiveness and mitigate vulnerabilities that might be exploited to gain unauthorized access to a computer, asset, or network.• Expertly monitored proxy and firewall logs, as well as intrusion detection alerts for identification and analysis of security events in an 24x7 Operations Center environment.