• Current SME of Splunk, Crowdstrike, Veracode and Qualys• First Security Engineer in the company and was responsible for building out Security Operations team• Led numerous large scale projects to build out our security infrastructure in a meaningful way while continuously monitoring and tuning said platforms• Excelled at utilizing a defense in-depth cyber security strategy to help provide a layered approach for our overall security posture• Designed architecture diagrams for presenting upgrades and changes to engineering or leadership• Utilized internal Github repositories for remote storage of code• Investigated security anomalies to help with detecting and identifying potential vulnerabilities or gaps within our environment• Performed quarterly administrative audits of sensitive production systems to validate user access• Deployed Canary tokens in the form of honeypots, fake services, Word documents, shell scripts, and others• Worked with IT to design IAM and RBAC schemes for all security platforms which allowed for Help Desk to assign groups mapped to roles in their respective systems• Assisted with implementation of varying IAM/PAM tools such as Auth0, Cyberark, and Okta• Worked with DevOps to automate CI/CD pipelines in Jenkins for our production code releases by utilizing Veracode API• Created scan policies in Veracode to align with CWE’s found in OWASP top 10 and SANS 25 • Reviewed SAST scans in Veracode and worked with Developers to assess the risk and what remediation or mitigation steps will be• Brought TruffleHog in-house and used Python script to scan Github code repositories, find clear-text secrets, and report on what was identified• Incorporated SEDATED into SDLC to block commits that were identified as having clear-text secrets• Led project to rebuild entire Splunk environment which included upgrading from v 7.3.3 to 9.0.1• Full scale deployment of Crowdstrike and Qualys into pre-production and production environments

• Operated in a 24/7 SOC that performed Incident Response, Advanced Threat Detection, and Digital Forensics• Recommended and coordinated the implementation of security counter-measures and with appropriate organizations• Monitored security dashboard alerts (SEIM) to identify and lead the response and mitigation activities for security events• Performed vulnerability and configuration management scans and communicates results to system owners for remediation.• Assisted with Botnet and Denial of Service detection and remediation efforts• Analyzed OSINT, SIEM, IDS logs, packet captures, and various other tools to correlate data and accurately identify root cause of the problem at hand• Review and analyze data looking for anomalous or suspicious behavior that indicates a potential security related incident• Follow the Cyber Kill Chain to determine how an attacker may be trying to exploit our environment and leverage it against us

• Escalation point for any issues that are unable to be handled by tier 1 agents• Responded to various customer related incidents and remediated the issue or engaged the correct team• Reported and maintained database consisting of account in DMCA program• Ran campaigns using data pulled from Damballa, Shadow Server, and SIEM to assist in remediating the incident• Monitor and efficiently respond to escalations received through phone, email and chat• Responsible for scrubbing and delisting of IPs on Spamhaus, SORBS, Trend Micro and other various black lists• Determine scope of impact for incident at hand and respond according to criticality • Administered our compromised email process which used varying detection methods to identify subscriber email accounts that were being used for malicious purposes• Engaged all stakeholders on a weekly basis to alert each of their role for the incident being worked on• Responsible for coaching Charter employees who were caught not adhering to authentication, verification, and other security related protocols • Ensure that new technical requirements are properly integrated with existing processes

• Responded to abusive complaints concerning our customers private networks• Provided recommendations and remediation steps for devices that have become infected• Quarantined residential customers who were violating our AUP due to abusive network traffic• Followed strict account security guidelines to verify and authenticate end users• Assisted with DoublePulsar campaign to effectively communicate to customers the vulnerability• Located accounts using correlation tactics consisting of DHCP tied with billing system information• Mitigated brute force and abusive email traffic attempts using router configurations such as port blocking and filtering techniques• Utilized troubleshooting skills to accurately define problem at hand and provide resolution steps

• Provided deskside and remote support for on-site users consisting of roughly 3,500 employees• Initialized BitLocker encryption, SEP, and AES-CCMP as a few of our security efforts • Deployed and dealt with configuration problems of Cisco Polycom and IP desk phones• Utilized Service-Now for ticketing software and asset management system• Responded to and mitigated network as well as local security threats• Utilized SCCM as our imaging tool of choice as well as software repository for end users• Created Root CA certificate for use when authenticating on domain and VPN• Setup users to work remotely while on VPN with Cisco Jabber softphone• Performed tier I/II support for Cisco desk phones and Polycom conference phones• One of the few solely responsible for maintaining IDF including related issues and improvements• Installed, configured, and supported Skype for Business (Lync) on end user machines• Supported Windows 7 and 10 running on primarily Lenovo and HP machines• Troubleshot issues ranging from local encryption to DHCP, DNS, and IP problems

• Provided level two technical support for ProBuild Associates• Worked with Engineers, Directors, and high level associates to complete projects• Documented full MDM configuration procedure for all newly delivered devices• Lead in multiple project rollouts that positively benefited the business and end user experience• Performed software updates on Sentry server running on Window Server 2008 R2• Extensive use in daily work routine with Service-Now ticketing software• Monitor and efficiently respond to requests received through phone, email and chat• Assisted with training of new SD employees on standard operation procedures• Used Active Directory for domain account administration and delegation of access• Moved created accounts to according OU dependent upon which group policy they need to hit• Facilitate in migration efforts going from hosted Exchange to Office 365 environment• Supported associates on navigating and working efficiently with new Outlook and OWA interface• Setup users with configuration of new Office 365 mailbox on Outlook mail client• Create tickets, submit access requests, and complete tasks using Service-Now ticketing system• Remotely managed workstations and servers using RDP and Bomgar remote tool• Managed and configured ERP systems, Windows 7 systems, Virtual Desktops, Citrix, Mobile Iron• Supported 5 total, 2 Dimensions and 3 Gemini, Legacy ERP systems running through Citrix or a Windows client• Provided end user support and training of policies on Enterprise Vault archiving software• Provided QA on calls taken and tickets submitted by giving out reports indicating the fault made• Worked with multiple different teams, administrators, and managers to find solutions• Provided support with thin clients using Citrix Receiver who were in Citrix XenApp environment• Maintained expectations set by handle time, ticket kick-backs, and meeting SLA reports

• Provided end user support for 3,000+ employees utilizing up to 20 different applications• Submitted an average of 15-20 detailed support related tickets daily• Reset user password and created objects via Active Directory• Rebuilt Windows profiles to standardize the desktop for a more efficient work environment• Programmed POS crucial mobile devices with strict security settings for sole purpose use• Extensively utilized, managed, and assisted with SharePoint collaboration software for employee use• Create folders on file server, enable sharing, and map network drives via each workstation• Expertise with iOS devices and supporting backups to iCloud for multiple device accessibility• Imaged new workstations using cloning software with necessary applications, configurations and links• Utilized and supported Cisco VOIP phones concerning connection loss, voicemail setup etc.• Managed external and internal contacts as well as distribution groups through our Exchange console• Configured new inboxes for archiving, added and set permission for calendar sharing in Outlook 2013• Ensure that new technical requirements are properly integrated with existing processes• Set up, configured, and imaged new workstations for employees moving throughout the company• Administered support to users via telephone, remotely, email, and desk-side assistance• Performed preventative maintenance on Ricoh multi-function printers • Supported users on thin clients launching a VDI and working remotely using Citrix XenApp• Adhered to multiple SLA’s that gave time constraints on how efficiently work needed to be handled

• Assisted a campus wide population consisting of students, faculty, and staff • Identify, understand and plan for organizational and human impacts of planned systems• Troubleshoot a multitude of varying issues on complex systems to make the process operational again• Escalate work orders to second level representatives when situation is necessary• Ensure that new technical requirements are properly integrated with existing processes• Resolved problems using critical thinking, an internal knowledge base, and other useful tools• Provided detailed documentation in HP Service Manager for every interaction• Entrusted with user account access in Active Directory for everyone affiliated with the University• Supported users with Microsoft Exchange and Office365 configured to their desktop and mobile device