• Prepare, manage, and conduct compliance, security, privacy, data protection related audits and assessments of Information Technology infrastructure, applications and services to evaluate compliance with Information Technology security policies and standards • Apply knowledge of Information Technology security management frameworks especially International Organization of Standards to the context of broader Information Technology management frameworks and related systems and processes • Engage in the third party vendor legal documentation processes including Master Service Agreements, Statement of Work, and Request for Proposal responses • Lead efforts with contributors from multiple business, service delivery, and supplier teams and provide guidance in the following areas: Access Control, Security management, Security architecture, Application security, Operations security, Physical security, Cryptography, Telecommunications networking, Business continuity planning, Privacy laws, investigations, and ethics. • Provide advice on the risk and security implications of technology projects within the context of any compliance undertaking, to establish that systems are implemented with appropriate approved security controls commensurate to the business risk • Report security and compliance audit/assessment findings clearly using Information Security Risk and Compliance's structured report format and communicating the results to the relevant stakeholders • Identify and actively contributing towards the continuous improvement of operational processes, productivity and quality within the team and managing these initiatives • Respond to inquiries regarding general information security and information risk management issues • Work with key stakeholders to provide reports and metrics• Lead and manage multiple projects simultaneously while effectively prioritizing work • Deliver completion of audits in accordance with the annual audit plan and established timelines

• Consult Fortune 500 clients in a variety of industries (e.g. industrial products, banking, telecommunications, technology, etc.) regarding cybersecurity. Evaluate current strategy, compare to best practices, and provide strategic enhancements. As well as define and implement security governance programs including business critical asset identification, TVM, DLP, third party management, access control and customer requirements validation to achieve goals relevant to both security and business needs • Perform analysis to validate that processes, policies, and procedures are functioning as planned and in an efficient fashion, and provide process improvement development recommendations • Analyze complex security concerns, then provide recommendations to leadership that align and support both security and business initiatives• Work with senior business and technology leaders to review standards and frameworks (ISO 27K, NIST, etc.) and regulatory requirements (PCI-DSS, etc) and work towards compliance or enrichment goals • Lead team members to ensure that goals and budget requirements are met

• Verified systems security and configuration for multiple government Information Systems and platforms• Handled user account administration resulting in 100% compliance with 0 incidents • Provided technical application support for Windows based government applications• Executed incremental and full backups for proper data recovery to ensure 100% availability• Conducted comprehensive log reviews for significant events to minimize and identify incidents• Performed software updates, installations, device firmware upgrades, and administers the change management program for patches of all Information Systems• Encrypted data transmission to conceal confidential information of digital transfers• Ensured adherence set forth by the National Security Agency and other government agencies• Carried out hands on audits of 7 different groups for compliance and proper security measures• Served as senior communication security advisor for 500+ personnel having direct impact on policies • Oversaw physical and environmental security procedures and access control for restricted areas that contain classified communication security equipment and networks with 0 incidents• Trained users promoting information security awareness improving efficiency saving countless personnel-hours responding to security related incidents• Managed projects requiring multiple month and annual application• Developed, maintained, and tested a business continuity plan for emergency situations• Led a disaster recovery team during the 2014 Southern California wildfires utilizing the business continuity plan allowing for classified information systems to resume within minutes with 0 degradation• Average of 97.5% on two yearly audits• 100% accountability and integrity of over 1,000 cryptographic items valued at over $15 million • 100% success rate for maintaining and destroying physical and electronic classified materials within prescribed timeframe

• Supervised 37 varied ranking personnel conducting various duties such as: risk assessments, physical and environmental security, safeguarding and handling classified materials and information, and logistics.• Traveled to different locations in Afghanistan conducting risk assessment of ammunition handling and storage• Oversaw day-to-day operations of ammunition, embarkation, and maintenance for multiple entities across Afghanistan• Responsible for assets having a combined worth of over $32 million• Ensured accountability of 84 department of defense identification codes for ammunition and explosives • Tracked inbound and outbound flights in support of continued operations throughout Afghanistan and globally utilizing application on classified information system

• Supervised risk management procedures for missions, day-to-day operations, and authorized operational risk management documents for personnel and training evolutions• Directly responsible for acquiring, handling, coordinating, and executing support request for special operations evolutions • Implemented technology changes resulting in a greatly improved system and performance via an automated information system saving countless man hours thus significantly reducing cost • Systematically formulated and networked with both internal and external sections• Supervised the dispatching of tactical, commercial, and non-standard transportation assets• Ensured accuracy in record keeping