Founded DigiSOC, LLC in 2021, which works specifically with Companies in the Entertainment Industry to bring enhanced Security Controls around Digital Security. This includes, but not limited to: Collaborating with the Trusted Partner Network (TPN) regarding Digital Security Controls, Assessment TPN Vendors to conduct TPN Assessments, Establishing Managed Security Services (including Monitoring Content, Analysis of Security Controls, and Penetration Testing), and distributing Threat Intelligence via written communications and webinars.

5G Mobile Network Security Consultant for Major Telecommunication Clients demonstrating the following skillsets: Penetration Testing, Security Focus in TCP/IP protocol stack, HTTP, HTTP/2, PKI, SSL, TLS, DTLS, mutual TLS, OAuth, Authentication, Authorization and 3GPP Policies and Test Cases in accordance with Best Security Practices. It is also noted that a primary focus in mobile networks 5G, 4G LTE, Telecommunications, Networking, Application Security, Cloud Security with experienced in platform hardening, access management, certificate management, network security and operating system security.

Assigned to Apple’s Supplier Trust Organization in alignment with their Assessment Program to assess and monitor Third-Party Suppliers supporting and/or providing Services or Products to their Infrastructure. Utilized Third-Party Assessment Solutions to provide oversight on Suppliers/Vendor’s Security Posture, including, but not limited to: Vulnerability Assessment(s) Solutions, Ingress/Egress Security Controls, Patch Management Solutions, implemented Network Security Solutions, and Policy & Procedures for Global Suppliers/Vendors. Leveraged NIST, CIS, PCI, and HIPAA Security Frameworks to analyze and recommend Best Security Practices for Suppliers/Vendors based upon their Business Functionalities and Infrastructure. Responsible for monitoring and managing north of 150+ Suppliers/Vendors in alignment with Remediation Efforts around identified Findings during the Assessment Phase of onboarding, which included the validation of Artifact(s) submitted for mitigation. This included, but not limited to: Firewall/Switch Configurations, Organizational Policies, System Profile Configurations, Vulnerability Analysis and Interpretation, Cloud Security Controls, and “Pro-Active Security Monitoring Solutions. Conducted Risk Assessments on individual Suppliers/Vendors based upon required Security Controls, which included the identification of Compensating Controls, if warranted, and working with Suppliers to implement solutions based upon their Infrastructure and regional location. Responsible for confirming Technical Implementations via either automated Security Tools or Manual Validation based upon the Security Controls, this included, but not limited to: DNS Security Controls, Email Security Controls, Application Security, Software Patching and Web Encryption Methodologies.

Responsible for conforming Developmental Systems to FIPS-199 Compliance Regulations. This included but not limited to: Security Technical Implementation Guide Procedures, Vulnerability Scanning, Maintenance Patching on various Operating Systems, and Security Configuration Auditing. Displayed proficiency in Backtrack and Kali, the Industry Standard in Penetration Testing, which includes, but not limited to: Wireless Pen-Testing, Network Pen-Testing, Social Engineering, Wireless Pen-Testing, and Web Application Penetration Testing. Also, worked in developing and implementing numerous Enterprise Solutions that were essential to the Certification and Accreditation Process for ATO regarding the Federal Project/Contract. Assisted in assessing and architecting security controls in alignment with implementing Cloud-Based Applications across Microsoft Azure and Amazon Web Services (AWS), this included, but not limited to: Actively participating in Steering Committees for appropriate Security Controls, researching and recommending Best Cloud Security Practices, in alignment with NIST and FedRamp Compliance Policies, Setting up cloud Test Instances within AWS to facilitate the integration/vetting of Cloud-Based Security Controls for the purpose of evaluating available security features. Collaborated with Key Departments in USPS to ensure proficiency in Threat Analysis and Hunting, including, but not limited to: SIEM Log Ingestion Management, Utilizing Threat Analysis Applications/Solutions (i.e. ThreatConnect, AlienVault, Anomali), Threat Correlation and Analysis and following Incident Response Protocols per Federal, Department of Defense and Commercial Compliances.