After PSI was brought on as a sub contractor for the Unified Platform's cloud program, I used my Cyber Security and Cloud Engineering background to move into a DevSecOops Engineering role. I am currently fulfilling the following:Implements secure CI/CD pipelines in GitLab to streamline code integration and deployment while ensuring adherence to security best practices.Develops and maintains GitLab CI/CD workflows for automated testing, security scanning, and deployment across multiple environments.Integrates security tools, including SAST, DAST, and container security scanning, directly into GitLab pipelines to identify and address vulnerabilities early in the development lifecycle.Conducts regular code and dependency reviews, leveraging GitLab’s merge request process and automation to reduce security vulnerabilities in codebase.Configures and maintains GitLab Runners, running in an AWS GovCloud Environment, for optimized performance and security, ensuring isolated build environments with resource constraints for controlled job execution.

After a brief break, I returned to the company in a temporary role as a Cybersecurity Engineer while awaiting the start of a new cloud contract. In this temporary role, I completed the following:Configured, maintained, and optimized Tenable Nessus and Security Center to ensure comprehensive vulnerability scanning across enterprise assets, supporting critical compliance and security standards.Conducted in-depth vulnerability assessments, prioritizing findings, and implemented effective vulnerability management strategies to reduce risk and strengthen security posture.Configured and managed a Host-Based Security System (HBSS) to establish advanced threat detection and response measures, safeguarding network integrity and ensuring compliance with organizational security requirements.

After my previous role at PSI ended due to the loss of a cloud contract, I accepted a position at Accenture as an AWS Cloud Platform Engineer. Following the successful completion of a high visability project at Accenture, I chose to return to PSI, where I was offered the opportunity to contribute to an upcoming cloud contract that was more in line with my overall career goals. While at Accenture however, my accomplishments included:Leading the migration of Jira and Confluence to Docker containers, streamlining deployment, enhancing scalability, and improving application management within the DoD’s Fences environment.Assisting a team in building, configuring, and integrating a Keycloak SSO solution for Jira and Confluence, providing secure and centralized authentication aligned with DoD access control standards.Configured AWS infrastructure, including load balancers, SSL/TLS certificates, security groups, and a PostgreSQL database in Amazon RDS, to optimize application availability, security, and performance for critical DoD applications.

At the end of 2019 I received my first two AWS certifications and was on the continuous lookout for a cloud role in order to full fill my goals of becoming a cloud engineer. I left my previous company after a short time only because a wonderful opportunity came about to allow me to achieve this goal. For this role I returned to support the Airforce Special Operations Command in support of AFSOC Cloud. During this time I provided the following:Led the engineering and support efforts of several Docker based applications to include Jira, Confluence, and the Tactical Assault Kit (TAK) Servers, all within an AWS environment.Demonstrated expertise in automating server deployment through the use of Cloud Formation templates (CFT) and Bash scripts, leading to significant reductions in provisioning time and ensuring uniform infrastructure across various environments.Engineered an Assured Compliance Assessment Solution (ACAS) leveraging Tenable.sc, Nessus Manager, and Nessus Network Manager, resulting in a substantial enhancement of the organization's cybersecurity posture.Successfully implemented a robust Splunk solution within an AWS cloud environment, thereby optimizing log management processes, strengthening security incident response capabilities, and driving valuable operational insights.Applied advanced Linux skills to effectively manage and maintain Red Hat Enterprise Linux 8 (RHEL 8) systems, ensuring their high availability, security, and optimal performance for critical applications.Furthermore, optimized Amazon RDS databases to achieve high availability and performance, integrated Elastic File System (EFS) for shared storage needs, and leveraged Amazon S3 for scalable object storage solutions.

Following a much needed short term career break during Covid, I decided to expand my horizons and venture away from the DoD. I was hired by a private sector company, because of my previous cyber experience, to build their vulnerability management program utilizing Tenable's suite of vulnerability scanning tools. During my short time with this company I was able to develop their vulnerability scanning / management program and completed the following tasks:led the engineering efforts of a newly established vulnerability management program, reporting directly to the Vice President of Security.Proficiently configured Tenable.io assets, dashboards, reports, implemented tagging strategies, conducted PCI audit scans, facilitated web application scans, and executed container scans.Collaborated closely with our cloud engineering team to integrate the Tenable Cloud Security module, enabling us to gain valuable insights into Docker container vulnerabilities.Leveraged in-depth analysis of scan results to proactively identify security vulnerabilities, weaknesses, and misconfigurations, contributing to a fortified security posture.

Employer A (GBSI): Jan 2021 - Jul 2021Employer B (ASRC Federal): Jul 2021 - Nov 2021Due to COVID, my family and I decided it was in our best interest to move back to Florida, which is why my previous position was a little short. I wanted to continue building up my Cyber Security Engineering skills and was hired as an Engineer on the Defense Information Systems Agency's (DISA) Unified Situational Awareness (UCSA) program. I started off working for GBSI and then transitioned to ASRC Federal following the contract’s re-award, ensuring seamless support and continuity in cybersecurity operations for the program. I performed the following duties while with the program:Engineered and deployed Tenable Security Center, Nessus, and Nessus Manager across three distinct enclaves, managing vulnerability assessments and compliance monitoring.Designed and migrated the vulnerability management framework, transitioning from traditional service accounts to a Nessus Manager solution that leveraged Nessus Agents, enhancing scan efficiency, security, and reliability, resulting in reduced vulnerability scanning failures from a 75% weekly average to under 2% across all enclaves, directly supporting the program's successful award of a three-year Authority to Operate (ATO).Engineered, configured, and maintained an extensive suite of McAfee ePO (HBSS) products, including Solidcore, McAfee Agent (MA), Policy Auditor (PA), Rogue System Detection (RSD), Data Loss Prevention (DLP), Host Intrusion Prevention System (HIPS), VirusScan Enterprise (VSE/VSEL), and migrated the program to use the newly released suite of tools, Endpoint Security (ENS).

My family and I decided to move back to Colorado from Florida and I was hired to work as a Cyber Security Engineer in support of the Shared Early Warning System (SEWS) on Peterson Airforce Base, Colorado. This Program provides near-real-time early warning information on ballistic missile launches to the U.S. and its allied nations. While serving as a Cyber Security Engineer on this critical program I performed the following Duties:Seamlessly integrated, and expertly maintained critical cybersecurity solutions such as Splunk, McAfee Endpoint Security (HBSS), and Tenable ACAS/NESSUS across both test and production networks.Diligently tested and implemented DISA STIGs, patches, and updates for all cybersecurity systems, ensuring compliance and optimal security posture.Demonstrated proficiency in system engineering and administration of Windows and Red Hat servers within a dynamic VMware vSphere virtual environment.Conducted thorough STIG audits on Windows and Linux devices, leveraging SCAP and STIG Viewer tools to ensure robust security configurations.Played a pivotal role in supporting ongoing efforts for continuous monitoring, actively monitoring and responding to cyber threats, security misconfigurations, and vulnerabilities.Provided invaluable technical experience to Information Systems Security Officers (ISSOs) in executing Risk Management Framework (RMF) Assessment and Authorization activities, contributing to a well-protected and compliant environment.

I was asked to return to the Airforce Special Operations Command to help establish a new Mobile Device Management (MDM) program based on my previous experience with this at Arma Global. This time I served as the Senior Principal Admin of the new program. As the technical lead, I led the deployment of Mobile Device Management (MDM) and Mobile Content Management (MCM) solutions using VMware's Workspace ONE (formerly AirWatch).Efficiently oversaw services throughout the entire development lifecycle, including Development, Staging, and Production environments, ensuring seamless operations and optimal performance.Collaborated closely with the unit's Information System Security Manager (ISSM) to update the System Security Plan (SSP) and manage Plans of Action and Milestones (POA&M).Served as the go-to Tier 3 support resource for enterprise-level MDM and MCM systems, offering expert assistance for both Windows and Linux platforms, contributing to a highly functional and secure environment.

In this position I transitioned from a traditional Systems Administrator and went into a Cyber Security Engineering role, supporting the Joint Preflight Integration of Munitions and Electronic Systems (JPRIMES) on Eglin AFB Florida. I led the engineering and technical implementation of several point-to-point systems tailored to meet stringent government requirements, crucially supporting operational needs. These systems encompassed a diverse range of components, including Windows and Linux clients and servers, Domain Controllers, DHCP, DNS servers, ACAS, and NAS systems.I played a pivotal role in advising the Information Systems Security Manager (ISSM) by providing technical expertise and guidance in the development and execution of the unit's Cybersecurity program, adhering to the DoD Risk Management Framework (RMF) and NIST 800-53 standards.To ensure robust security measures, I meticulously configured Secure Host Baseline (SHB) system images, leveraging the Microsoft Deployment Toolkit (MDT) for efficient deployment and compliance.Furthermore, I conducted comprehensive ACAS (Assured Compliance Assessment Solution) and SCAP (Security Content Automation Protocol) scans, proactively identifying and mitigating security vulnerabilities to bolster our overall security posture.

This position was working on a contract for the Airforce Special Operations Command (AFSOC) on Hurlburt Field, Florida. I led a skilled team of System Administrators responsible for the day-to-day Operations and Maintenance of the VMware Workspace ONE Mobile Device Management (MDM) server suite. Our efforts were pivotal in supporting the Air Force Special Operations Command Electronic Flight Bag (EFB) program, managing the mobility needs of over 4,000 iOS devices.Collaborated closely with the Information Systems Security Manager (ISSM) to meticulously review Monthly ACAS Scan results, ensuring continued compliance of Windows 2012 R2 servers, maintaining a robust security posture.Drove the implementation of new Security Technical Implementation Guides (STIGs) within Development and Staging environments, followed by thorough functional testing. I presented detailed test reports to leadership, facilitating their decision-making process for the approval of Production rollout.In addition to these responsibilities, I provided Enterprise Tier 3 MDM support to the EFB user community, offering expert assistance to enhance their mobile device management experience.

This role was in support of the service desk for the Defense Intelligence Agency (DIA).As a dedicated member of the Advanced Support Team, I fulfilled the role of providing Tier 2 technical support and mentoring to junior Service Desk Agents who were instrumental in supporting a global user base exceeding 50,000 individuals within the Defense Intelligence Agency.Within my responsibilities, I expertly administered MS Exchange and Active Directory, ensuring the seamless operation of critical email and directory services.I played a key role in delivering remote technical support for Thin Client workstations that utilized roaming profiles within Citrix Xenclient Virtual Desktop Environments, facilitating efficient and secure computing environments for end-users.Furthermore, I extended my technical support expertise across a diverse array of environments, including JWICS, NIPR, SIPR, StoneGhost, Bisen, US Bices, and Korea SIPR, ensuring uninterrupted and secure operations across a multitude of systems and networks.

The almost 9 years in this role was serving in the active duty Army. I started out as a network engineer and remained in that position for almost 3 years. After that time I transitioned to a desktop support / system administration role. While in the Army I deployed twice to Iraq in support of operation Iraqi Freedom. The first time I deployed to Iraq with the 32nd Signal Battalion out of Darmstadt Germany while the second deployment was with one of the most decorated units in the Army, the 65th Engineer Battalion, out of Scofield Barracks Hawaii. While serving in the Army I fulfilled the following duties:In the role of Senior LAN Manager, I assumed responsibility for delivering comprehensive desktop support within a Windows environment, catering to the needs of a user base exceeding 500 individuals.My tasks encompassed the installation, configuration, and adept troubleshooting of workstations, printers, operating systems, software applications, as well as Cisco network switches and routers, fostering a smooth and productive work environment.I additionally took on the role of Battalion Information Systems Security Officer (ISSO), overseeing and ensuring the security of information systems within the battalion. This included meticulous management of Information Assurance Vulnerability Alerts (IAVA), assessing their applicability and impact on systems, and taking appropriate measures to guarantee that all systems remained patched and in compliance with established security standards.