Provided Dynamic Web Application Scanning expertise to successfully kick start the usage of the Qualys WAS within the client’s environment. Analytical approach to the onboarding of the required applications, shifting methodologies and customization of the tool to meet different business needs and goals according to each application. • Pen-test web applications in Production and Non-Production environments. Vulnerability report creation in appropriate systems and delivery to designated application teams. • Work with the application security teams to advise and guide their remediation efforts to meet remediation time policies per the vulnerabilities risk ranking; Provide additional evidence and Proof of Concepts of the vulnerabilities as needed. • Evaluate and rank vulnerabilities to determine and recommend safeguards for application owners to implement in order to improve the security posture. • Communicate with management inside the client’s organization and provide status updates effectively across multiple teams. • Review and update existing Procedure and Policy Documentation. Making adjustments as needed to meet security compliance requirements and standards. • Design full remediation plans and actions according to each vulnerability need. • Manage Qualys Web Application Scanner by continuously adjusting the scanner configurations based on the latest scan results analysis of each individual application and customizing Selenium Scripts; Pivoting to focus on the necessary application to meet business needs. • Research and implement Advanced Web Application Scanning solutions to meet the demands required by each application’s technology stack. • Serve as a point of contact and lead for the DAST Security Team between the client and Optiv. Maintaining clear and constant communication about challenges and milestones. Maintaining a steadfast track on fulfilling the contractual obligations.

Deliver outstanding on-prem and cloud expertise to support tools in both environments, and identify opportunities for cloud transformation and automation. Successfully identify, design and implement core requirements for security technologies such as Azure Cloud, Web Application Firewall (WAF), and DLP.Completed a proof of concept for several web application WAF vendors.Served as one of the main drivers for reviewing application VIPs in our network and worked with the business unit owners to properly place them behind the On-premise F5 WAF controls. Resulting in an improved security posture and reduced attack surface.Served as one of the main drivers for reviewing and ensuring detections were accurate and not rending false positives, and verified preventions were in place.Deliver technical implementation of systems and communication of security requirements to management and security leadership in addition to assisting within investigations into security threats and remediations.Engage in ongoing cross-team collaboration workshop meetings to continuously improve tools and implement solutions.Build Splunk queries, reports and dashboards.Assist in identifying and engineering security technologies such as Security Incident and Event Monitoring (SIEM), cloud security technologies, and firewalls. Configure the log delivery of the cloud WAF to Splunk, in partnership with other teams.Participate in team on-call rotations, and assist with support/repair activities.Plan and build testing environments using Azure VMs such as Kali Linux, and collaborate with the in-house Red Team to facilitate their use and access via a Bastion hostProvide in-depth support for systems and technologies such as WAF, ePO, CASB and O365.Review, enhance, validate and implement RegEx for DLP.Prepare and update information procedures, standards, and other technical documents.Recommend and evaluate security tools to identify more efficient and effective security measures.

Reviewed and tested web application vulnerabilities to assist with communication and mitigation. Offered working knowledge of OWASP Top 10 and mitigation techniques to complete tasks. Successfully triaged technical support cases, driving them to a complete and successful resolution.Trained four Level I Technical Support Engineers to ensure comprehension of tasks and duties.Recognized as the subject matter expert with regard to supporting integrations with WhiteHat as well as APIs.Delivered outstanding customer service in relation to web application security needs.Diagnosed and troubleshot issues with client web applications to perform optimal security assessments.Created custom REST API calls to meet specific client requests.Assisted customers in the deployment of virtual machines to facilitate vulnerability testing in internal assets, and diagnosed and troubleshot issues with client-hosted virtual machines. Delivered designated technical support to two high-profile clients with a combined Average Annual Return (AAR) of $2MM+.Engaged in special projects as assigned, and served on the Culture Club to plan and organize events for the Houston office.

Engaged in direct client contact to deliver support and instruction at the arboricultural tree care services company. Ensured technology and tools were operating per industry standards.Supervised the performance and tasks of five staff, providing training when needed, while serving as a crew leader and sales leader to ensure efficiency and quality in all work products.Redesigned the marketing strategy, and implemented Breezeworks, a new CRM software.Design and introduced a formal contract/quote document template for use at each client visit.Resolved and troubleshot technology and networking issues.Designed, built, and managed the company website.