• Lead Respondus’ security & compliance projects and audits (e.g., TX-RAMP, SOC 2, HECVAT, and others) • Work with teams such as Data Privacy, R&D, Legal, and HR to ensure audit readiness and security compliance across the organization • Conduct vendor risk assessments, including new vendors and periodic reviews of existing vendors• Assist with vendor security requests from Respondus customers• Assist with periodic review of company policies and procedures• Facilitate management risk assessment and periodic Business Continuity/Disaster Recovery tests• Manage IT and computer systems for employees; ensure all devices are set up with proper security controls and applications• Continuously evaluate internal IT needs, new hire and offboarding processes, and efficacy of technology used across the company

In between roles, I took the time to carefully find a remote-based at an employee-focused employer that would be a great mutual fit and provided ongoing career growth. During this time I also focused on attending to personal/family matters, started formal education and preparation for CISSP certification (to add to my agile/scrum certification) through a formal online mentor program via FR Secure, learning more about Excel-based data reporting/dashboards, and exploring many facets of AI. I’ve also explored ISO 27001 and PCI-DSS frameworks where I confirmed my ability to transition to them based on NIST and SOC 2 respectively.

- Managed IT infrastructure & support team of 4+ direct reports in areas of end-user & endpoint support (ITSM tickets), server/system administration, PC/network and cloud support, and facilities. Provided leadership oversight, reporting, technical planning/review, also team management including one-on-one sessions, coaching & development, time card approvals, performance appraisals, team development, interviewing, hiring, disciplining, etc.- Primary driver of pre-assessment and remediation efforts for initial SOC 2 Type II compliance for security controls. Coordinated and led corrective actions including policy and process changes to implement security controls, resulting in a successful initial SOC 2 exam.- Created/updated company policies (Enterprise Security, Incident Response Plan, Change Management, Password, Technology Use, Internet Use, Email) and process improvements to meet security requirements, assessment of vendor risk, and support of HIPAA compliance.- Led expansion of cyber security hardening program with the addition of MFA, password management, managed risk & detection system/services, conditional access, role-based access, security awareness training with phishing simulations, security maturity assessment, and data loss prevention (DLP).- Coordinated with Security Operations Center (SOC) vendor, penetration testing contractors, and IT staff to investigate/identify risk remediation needs. Performed risk assessments, and provided risk and remediation recommendations, vulnerability management, and governance.- Administration of phishing and security awareness platform (KnowBe4) for ongoing phishing campaigns, remediation training with notifications/reporting. Created custom course content using SCORM, conducted training.- Assisted with management & support of Microsoft environment (Azure AD/Entra ID, Active Directory, Office 365, SharePoint, Teams, Windows), ITSM, enterprise password manager, firewall, MS Defender EDR, end-user support, etc.

- Providing test management consulting and test services on the business transformation implementation of a commercial transportation client's automotive fleet management system using Infor EAM - Enterprise Asset Management(similar/sub-component of ERP). This includes full procurement process (Offer, Contract, PO, Invoice, etc.), vehicle tracking and maintenance, with multiple systems and integrations, plus role based security testing validation.- Test workstream lead for procurement & acquisitions (PNA), quickly became the system SME for QA and business teams, especially for PNA.- Worked with business to fully understand and translate use cases to test scenarios in the system.- Provided testing services for same above client validating a web API based rates engine using Postman for API testing with data automation.- Created Bid & Proposals & PoC efforts for clients in banking and transportation, specializing in test accelerators & test data analysis (Combinatorial Test Design) and automation.

- Managed team of 11-14 international testers/consultants and the related program that tests and provides remediation consultation for web application security vulnerabilities (OWASP) for all of IBM's 200+ Internet facing and critical internal applications.- Defined requirements and oversaw creation and updates/testing for related applications (engagement/vulnerability tracking application, web form based access request system).- Defined new roles of Compliance Admin and Defect Manager, along with developing semi-automated reporting system and related procedures now performed by that team member.- Interviewed and selected team members, provided ongoing mentoring and twice annual performance evaluations.- Managed wiki and related forums and documentation for end users and customers to communicate program updates and education.- Developed and enhanced procedures for the scanning/compliance team through ongoing process improvement.- Tracking remediation of issues found and related approved risks for any deviation from compliance standards.- Worked jointly with CIO representatives on developing corporate security policies, scope and education, adjusting security landscape, internal policies and development practices.- Managed annual labor and expense budget of over $2 million. - Drove corporate participation/compliance in the new structured program from initial sub 40% to ongoing 98-100%.- Administration & support of web application (AppScan Enterprise) and Win Server 2012

- Led teams of up to 11 international developers and support personnel, supporting hundreds of Lotus Notes databases and over twenty customer groups with thousands of international users.- Defined and/or translated user needs into requirements for multiple releases.- Estimated/wrote support contracts for internal customers prior to engagement. - Co-developed and filed 7 software orientated patent applications (6 approved by USPTO).- Developed and automated routine processes relating to support needs and development standards.- Managed application team support schedule and procedures.- Provided advice and assist in development and support issues as both level 2 and 3.

- Test Manager & Defect Manager on projects ranging from Lotus Notes applications, various web applications to complex automated circuit board factory automation software.- Application developer on over a dozen applications (LotusScript, Lotus Notes/Domino, Excel, DB2)- Primary and joint end user support - Joint system administration for entire Rochester, MN Lotus Notes installation.

On return from summer internship resumed prior role- Manage 80+ node NetWare 3.12 LAN- Assist with administration of UNIX server and WAN equipment- Various trouble shooting and upgrading (hardware & software)- User training and support- Located at UW Health Eau Claire clinic, formerly known as Eau Claire Family Medicine Clinic

Lotus Notes development and network fax setup

- Manage 80+ node NetWare 3.12 LAN- Assist with administration of UNIX server and WAN equipment- Various trouble shooting and upgrading (hardware & software)- User training and support- Located at UW Health Eau Claire clinic, formerly known as Eau Claire Family Medicine Clinic

Provided backend support services for a local ISP with new user setup, troubleshooting/support using Linux administration and computer networking (physical connections, DNS, etc).