Identify security gaps across cloud and on-prem environments, identify solutions, and provide risk-based recommendations to leadership • Work effectively with cross-functional teams and people of all levels of IT experience; build lasting relationships across the organization to drive adoption of security principles • Provide security designs, patterns, and standards across a multi-cloud environment (Azure, GCP, AWS, OCI) • Work along-side cloud engineering to provide security guidance and recommendations to ensure environments meet security requirements • Conduct security architecture assessments for implementations spanning all security domains; identify potential issues and work with teams to mitigate risk • Designed and implemented Azure AD Conditional Access and Identity Protection policies to provide protections for a user-base of 50,000; eliminated the usage of legacy authentication in the environment • Build automations for SecOps using Azure Automations, Azure LogicApps and O365 Power Automate utilizing Microsoft Graph API • Strong experience with Azure AD, M365 E5, and Microsoft’s Defender security stack • Act as SME across all security domains and mentor other team members • 14 Years of IT generalist experience enhances ability to understand IT operations and how to best secure them • Creation of security architecture roadmaps aligned to business objectives and zero trust principles • Familiarity with NIST CSF, NIST 800-53, NIST 800-171, and CIS CSC

• Identify Office 365 configurations that result in security risks and mitigate• Perform Active Directory security reviews to identify possible vulnerabilities and coverage gaps• Create security audits, report findings and recommendations to executives • Collaborate with other teams to see where security can provide added value • Configure and maintain email security including solution. Tasks include creating custom email rules, managing information protection policies, email encryption, DKIM/SPF/DMARC validation, and troubleshooting issues• Implemented email security automation platform to remediate unwanted emails from mailboxes• Analyze common malicious emails and craft rules to block based on commonalities in email messages & headers• Configure Azure AD Conditional Access policies to implement identity-based security • Write PowerShell scripts to audit and configure over 50,000 Azure AD user objects• Create automated security playbooks• Determine discovered vulnerability impact by taking into consideration other compensating controls

• Identify Group Policy misconfigurations that result in security vulnerabilities and work with appropriate teams to remediate the findings• Perform Active Directory security reviews to identify possible vulnerabilities and coverage gaps• Create reports showing areas of improvement and present to appropriate IT members• Create Group Policies to harden Microsoft Office products which resulted in preventing several security incidents related to Macro enabled email attachments• Configure and maintain ProofPoint email security including solution. Tasks include creating custom email rules, managing information protection policies, email encryption, DKIM/SPF/DMARC validation, and troubleshooting issues• Block nearly all malicious emails with a combination of custom rules and ProofPoint TAP/TRAP• Analyze common malicious emails and craft rules to block based on commonalities in email messages & headers• Configure and manage Tenable SecurityCenter to perform vulnerability scanning and passive detection of network activity• Create discovery scans to identify unknown assets and roll them into appropriate scheduled scans• Perform manual validation where necessary to ensure discovered vulnerabilities are legitimate• Determine vulnerability impact by taking into consideration other compensating controls• Partner with appropriate teams to assess risk and remediate discovered issues• Configure Windows logging to provide all telemetry required for alerting and investigation• Create queries in SIEM solution to identify suspicious activity and alert appropriate personnel•Use Mitre ATT&Ck framework as a reference for SIEM queries and alerting

Formerly Netelligent• Migrated On-Premise Exchange to Office 365 and rolled out other Office 365 features• Setup Microsoft Windows NPS Radius with Azure MFA to provide Multi-Factor auth for RADIUS authenticated services such as VMware View• Built a VMware View environment to provide virtual desktops for remote workers• Work with security director to remediate assets identified as vulnerable by Qualys scans• Coordinate security patching of servers, workstations and business applications• Monitor Cisco FireAMP for IDS alerts and Indicators of Compromise• Investigate alerts to determine their legitimacy and remediate if required• Manage Cisco AMP endpoint for internal resources and remediate compromised endpoints• Architected and implemented corporate PKI using tiered Windows Certificate Authorities

• Manage a 4-5 person IT team, allocating resources to ongoing projects and enforcing deadlines• Identify areas of improvement within the infrastructure group; also keep an eye out for areas where IT solutions may benefit other business units• Detected, stopped and remediated a ransomware attack within 4 hours• Tracked source of malware back to compromised website• Implemented mitigations to correct gap in security coverage• Replaced entire wireless infrastructure from individually managed APs to a centrally managed solution• Implemented a managed SSO solution to provide a more secure logon experience for our users and customers• Present and explain problems and solutions to C-Level executives• Deployed and managed BitDefender endpoint protection solution for multi-site, 1000+ endpoint environment• Configured and reviewed daily reports; delegated clean up tasks to helpdesk team members• Continually modified rules and exceptions to ensure as much accuracy as possible• Deployed Tenable SecurityCenter CV in a multi-site environment to provide vulnerability management/metrics• Coordinated security patching activities for workstations, servers and business applications• Created asset discovery scans and compared with known managed systems• Deployed, managed and maintained ForcePoint (Websense)Triton APX security solution (Email, Web, DLP)• Implemented URL sandboxing to help prevent click through to malicious URLs• Configured and maintained Office 365 DLP policies to supplement ForcePoint Triton APX• Architected Microsoft ATA solution and monitored for anomalous activity• Member of Hunter’s Cybersecurity Committee which met regularly to determine security initiatives for the business• Architected logical network and built out VLANs to segment network traffic and allow for firewalling off network segments• Redesigned DMZ to force all web application traffic through Barracuda reverse proxies and WAFs

• Installation, configuration and management of Windows Server 2008R2, 2012, 2012R2• End to end management of the enterprise vSphere environment consisting of 200+ Virtual Machines, and 19 hosts• Implemented several SharePoint environments including 2010 and 2013• Configured OS deployments via SCCM to greatly reduce manual effort and speed up OS installs• Configured and maintained Dell Equallogic SANs at HQ and branch offices used for virtualization• Installed and maintained several Sonicwall firewalls. Managed rules, NAT, IDS, Site-to-Site VPNs• Selected and implemented Websense web and e-mail filtering solution along with DLP component• Moved all VM backups from Netbackup to Veeam B&R. Built a large storage backend for housing backups and off-sited backups to AWS S3 storage• Built a Citrix XenApp 6.5 farm and deployed to 100 branch office employees• Maintained multi-site AD including account management, troubleshooting replication issues, group policy configuration and monitoring for performance & security issues• Managed Exchange 2010 environment and assisted with upgrade from Exchange 2007• Identified unnecessary firewall rules and removed them to greatly reduce the attack surface• Removed over 200 legacy firewall rules that were left over from decommissioned services• Implemented SSL traffic inspection to find and block malicious Internet traffic• Investigated endpoints attempting to communicate with C2 servers and remediated• Identified weak permissions on sensitive data stores and worked with data owners to implement tighter controls

• Managed DNS, DHCP and Group Policy services for Windows servers• Implemented and configured SCCM as the Windows patching solution for 300+ servers (maintained Dev/Production patch cycles)• Assisted with Blackboard Transact Platform and PCI compliance for credit card services• Configured card access hardware and policies for campus buildings

• Managed 650+ workstations, 40 servers and 2500+ users• Implemented tighter security permissions on file shares to prevent student access to sensitive data• Removed local administrator permissions from faculty, staff and students• Created imaging process to allow for quick remediation of compromised machines• Used GPO to redirect local file storage to file servers• Managed Microsoft Active Directory, DNS, DHCP, Group Policy and IIS services• Implemented GPO policies to lock down student machines to prevent access to unnecessary OS functions

• Remediated infected customer computers• Provided pointers for avoiding repeated compromises• Modified system settings to help prevent future malware infections• Created HOSTS file to black-hole many of the known bad domains• Changed permissions on HOSTS file to prevent modification