- Cyber Incident Management & Preparedness / Crisis vulnerability Management- Manual & automated security testing focused on discovery/exploitation of vulnerabilities - Govern the development & execution of the organization's roadmap and key priorities- Aid development and data driven reporting of performance & risk based metrics

• Drive the Vulnerability Management strategy; focusing on identifying risks and collaborating with the corrective action owners to remediate vulnerabilities.• Responsible for performing scans, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results.• Manage the tracking and remediation of vulnerabilities by leveraging agreed upon action plans and timelines with corrective action owners.• Partner with the Threat Management team to develop and implement action plans to reduce the enterprise threat landscape.• Generate metrics and reporting on the state of security, threat, vulnerability and patch management for support groups and the IT leadership team.• Manage penetration testing and Red team activities to identify gaps. Work with corrective action owners to develop actions to remediate identified issues

• Managed Symantec Data Loss Prevention policies for Network and Endpoint • Escalated potential data loss events to the appropriate corporate parties and supported Legal Privacy team by providing evidence in order to quantify event for response• Monitored outbound network protocol traffic for potential data loss incidents• Created and tuned DLP policies to identify important data movement events• Performed forensic analysis of workstations/servers in support of internal investigations

• Manageed the Special Investigations Unit (SIU) Technical Team. This team is responsible for:o Analysis of potential new products to be used by the SIU. Upon product selection, the team then implements the product into Cigna's production environment.o The everyday support and maintenance of all technologies used by the SIU.o Provide information from many diverse data repositories to the Investigators to be used in ongoing investigationso Perform data mining and analysis to proactively detect various complex fraud schemes.o Provide all reporting on investigations and financial savings on scheduled and ad-hoc basis.• Acted as a technical subject matter expert to support technology aspects of both internal and external fraud investigations.

• Responsible for working with business functions to ensure business continuity plans are updated annually, as well as developed new plans. Provide LDRPS training to the Business Continuity Coordinators.• Performed Business Impact Analysis’s (BIA) and Risk Assessments. • Identified gaps in the businesses’ strategies and plans as well as provide guidance during disruptions, incidents and events. • Coordinateed with business functions to develop plan testing such as: tabletop walk-throughs, notification testing, mobile testing and hot site testing.

• Develop operational programs to prevent intellectual property loss using data loss prevention (DLP) techniques and software, support electronic discovery requests (Encase & FTK) and mitigate information systems security breaches. • Identification and investigation of potential intellectual property theft and corporate policy violations through monitoring of messaging traffic, removable media usage, unauthorized file movement and internet browsing activity.

• Perform IDS monitoring, forensic Investigations, malware prevention and remediation, litigation support, network/web security audit scans, and web/email security efforts.• Conduct External Service Provider security audits of both on-shore and off-shore vendors prior to the outsourcing of critical business functions.• Primary point of contact for security reviews of infrastructure and applications.• Consult to project teams to mitigate risks identified during reviews of application security designs.• Evaluate and compare various vendor products and services to enhance the security posture within the enterprise.• Graduate of Cigna's Technical Early Career Development Program (TECDP), an executive sponsored program created for the development of IT professionals.

• Performed administration of data and file/print servers including user setup, backup and user maintenance.• Performed image and scratch builds of Windows NT/2000/95/XP network clients.• Conducted hardware and software troubleshooting.• Installed and maintained all hardware and software for divisional Virtual Private Network (VPN).

• After completion of the Naval Nuclear Power Training Pipeline, including Engineering Laboratory Technician (ELT) school, severed honorably upon USS Helena SSN-725, ported in Pearl Harbor, Hawaii. • Held Department of Defense “Secret” security clearance.• Supervised Reactor Laboratories Division to grades of “Excellent” on 2 consecutive Nuclear Operational Reactor Safety Exams.• Awarded Junior Sailor of the Quarter (January - March 1995) for outstanding performance of duty.• Received an Honorable Discharge upon completion of active and reserve duty.