Responsible to forecast, budget and initiate infrastructure improvements to ensure Health Net hardware and software are kept current and in compliance with SOX, HIPAA, DIACAP and PCI. Leads project managers, IT architects and outsourced vendors in a collaborative environment. Escalates infrastructure and application outsourcing issues to senior leadership, if necessary. Drafts governance process to ensure infrastructure and application outsource vendors are meeting expectations. Prioritizes currency portfolio with regard to compliance, information security, stability, service life and customer need.

Implemented risk-based application security program using NIST 800-30 framework to ensure HIPAA and PCI needs are addressed. Used proprietary and open source tools to perform dynamic scans of applications. Assisted Director of Application Development by communicating information security risk and providing strategy to improve risk posture. Provides advice to developers on remediation of software flaws. Drives improvements to Software Development Lifecycle (SDLC) and coding standards to reduce potential vulnerabilities during development. Managed 3rd Party application security audits and ensures findings are remediated. Mentored software developers on security and privacy issues. Built small, adhoc teams of three to address ecommerce architecture and software vulnerabilities.

Instructs students via lectures and demonstrations in a classroom or laboratory setting according to program objectives and course syllabi. Courses instructed: “Information Security Perspectives,” “Legal and Security Issues,” “System Forensics Investigation” and “Security Architectures of IT Platforms,” "Auditing ECommerce," "Desktop Operating Systems" and "Hacker Techniques and Incident Handling"

Management 414: SANS® +S™ Training Program for the CISSP® Certification Exam

Led successful certification and accreditation projects for Department of Defense applications and networks. Performs analysis of security risks and vulnerabilities. Conducts specialized tests, analysis and studies of application “net-worthiness.” Meets with customer to determine needs and communicate progress. Provides consultation to other projects for development of DoD security requirements (DODI 8500.1 and 8500.2) and documentation. Consults the ICBM System Program Office on compliance with National Industrial Security Program (NISP) regulations.

Lead Functional Analyst for the Agile Munitions Support Tool (AMST), provides inventory capability analysis to the United States Air Force Chief of Staff. Expertly administrates security and maintenance for two unclassified web servers (Windows Server 2003 & HP-Unix) and one classified network (Windows Server 2003). Expertly documented system requirements to satisfy overall munitions business strategies. Wrote detailed description of user needs, program functions and steps required to develop a web-based information system.

Responsible to administrate security of Sperry/Unisys System 1100, ATT 3B2, and HP9000 munitions logistics mainframe computers. Performed Site Certification projects for two systems. Developed information security policy and inspected compliance of eight subordinate locations in Europe. Performed duties as Assistant Information Security Manager for United States Air Forces in Europe – Theater Ammunition Control Point. Directly managed 27 employees.

Patrol assigned areas on foot or in vehicles. Interview witnesses, victims and suspects in the course of investigating crimes. Guard entrances and direct traffic. Arrests and assists in charging criminal suspects