After proven success, my role as Director of Cybersecurity was broadened to leading IT Operations as well.Oversee Cutsforth's cybersecurity and IT operations management functions and programs. Responsibilities include leading the design, implementation, administration, and support of technology solutions that enable business operations. Develop, implement, and monitor a strategic comprehensive cybersecurity and risk management program. This includes guiding security strategy in Cutsforth products and customer facing deployments to ensure security due diligence is performed and contractual and regulatory requirements are met.

Responsible for the development and execution of regional information security initiatives. Lead a variety of engagements across Eurofins business lines (e.g., pharmaceutical, genomics, environmental, food testing, etc.) within North America to bridge the gap between information security requirements and business processes. Consult with legal entities to assess physical and digital security controls and practices, based on ISO27001, to recommend appropriate risk mitigating controls. Acted as a Global Incident Manager during significant targeted malware and ransomware attacks. Lead security risk assessment during the merger and acquisition process.

NIST Guest Researcher and Contracted Support:Assisted in the development and on-going management of NIST’s Framework for Improving Critical Infrastructure Cybersecurity (NIST CSF) in response to President Obama’s Executive Order (EO) 13636. Managed RFIs, RFCs, workshops, and other public-private collaboration activities. Championed the Presidential Commission on Enhancing National Cybersecurity (EO 13718) by corresponding with industry to gather and provide cybersecurity recommendations to improve national cybersecurity. Furthermore, provided cybersecurity expertise in a variety of areas at NIST’s request including small-medium businesses (SMB), supply chain risk management (SCRM), HIPAA security rule guidance, and more.Commercial Consulting:Traveled internationally to assess and improve organizations’ security programs. Clients have included governments, financial institutions, universities, ports, R&D organizations, and medical providers of all sizes. The assessments often include risk assessments utilizing the NIST Cybersecurity Framework and several other industry leading security standards including ISO27001, CIS critical security controls, and NIST 800-53. Created and implemented various policies and procedures including asset management, security authorization and accreditation (SA&A), incident response, business continuity, and disaster recovery. Created methodologies for technical testing including application vulnerability assessments, network vulnerability assessments, and penetration testing. Supported business development through marketing and branding, creation and delivery of proposals, and opportunity capture activities.

Performed business development (BD) activities including identifying commercial and federal opportunities to compete for new contracts and drafting technical proposals. Collaborated in establishing new company capabilities for commercial consulting including footprinting, vulnerability assessments, penetration testing, and secure code review. Led a small team of interns in completing cybersecurity projects including building a web scraper, generating custom rainbow tables, and compromising devices. Developed a hacking capture the flag (CTF) that emulated an enterprise network environment and supported over 100 participants performing exploits against purposefully placed vulnerabilities in a controlled environment. Reverse engineered and recreated an Atari game in Python. Engineered a virtual nuclear power plant that functions realistically including complex mathematics such as thermodynamics in a pressurized system.

Acted as a student leader, mentor, mediator, and role model. Facilitated communication and interaction among students and community. Promoted academic excellence, safety, and involvement in campus events.