Security Architect, U.S. Department of Treasury (DOT), Internal Revenue Service (IRS):Serving as a subject matter expert in security architecture, providing guidance and recommendations to align IT initiatives with strategic security objectives. Advocating Zero Trust Architecture principles across various IT projects, contributing to a more secure and resilient enterprise. Writing security-focused Enterprise Architecture guidance to ensure the secure design and implementation of IT systems. Collaborating with cross-functional teams.Cybersecurity Technical Lead, U.S. Department of Treasury (DOT), Internal Revenue Service (IRS):Leading cybersecurity reviews, ensuring compliance with IRS Publication 1075. Managed multiple IT reviews with teams of 8-12, delivering within tight schedules. Conducted Tenable Nessus security compliance testing and manual assessments of various technologies including firewalls, VPN, virtual desktop remote access, network security systems, virtualization (VMware), cloud computing (AWS, Azure), databases (SQL, Oracle), data warehouse, SAN storage, web applications, mainframe, VoIP, Linux servers (RHEL, Oracle), and Windows servers/workstations (Active Directory). Developed comprehensive reports on findings and remediation, ensuring technical accuracy and timely completion. Communicated technical results to leadership and senior management.Cybersecurity Project Manager, U.S. Department of Justice (DOJ) Executive Office for United States Attorneys (EOUSA):Leading a team of 9 professionals overseeing 4 separate initiatives: Vulnerability and Penetration Testing (VAPT), Security Assessment and Authorization (SA&A), Security Audit Logs, and Insider Threat Program. Experience in planning, execution, and cross-functional collaboration.

Vulnerability Program Manager, U.S. Department of Justice (DOJ), Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF):Managed the ATF vulnerability management program, ensuring the protection of agency infrastructure from threats and vulnerabilities. Tracked daily progress of vulnerabilities and agency cybersecurity initiatives, providing daily reporting to senior management. Chaired the vulnerability management working group, overseeing teams throughout the agency. Led recurring and ad-hoc vulnerability meetings, including those with auditors. Monitored dashboards and scorecards to ensure agency compliance with goals and targets, providing necessary updates and assessing for anomalies while offering recommendations for remediation. Conducted preliminary security impact assessments for ad-hoc and requests related to change control and configuration management. Performed scheduled and ad-hoc vulnerability assessment scans on all agency infrastructure components and software applications (i.e. Java), preparing result reports that categorized vulnerabilities based on criticality and prioritized them using risk-based criteria. Communicated vulnerability scan results agency-wide, monitoring mitigation and resolution until resolved. Developed and maintained a baseline of secure configurations for all agency infrastructure components, coordinating, overseeing, and tracking the implementation of secure configurations, and continuously monitoring compliance with the approved baseline. Developed and maintained vulnerability management policies, procedures, system security documents, and training materials. Oversaw compliance for disaster recovery and contingency plan exercises and made recommendations for security tools and techniques to enhance the efficiency and effectiveness of the vulnerability management program.

IT security analyst conducting multiple short-term engagements to include the below projects:U.S. Department of Justice (DOJ), Justice Management Division (JMD):Managed security independently, assessed security controls using CSAM security tool and addressed vulnerabilities. Collaborated on audits, documented findings, and provided remediation recommendations for public reports. Assisted with security assessments and security policy updates.U.S. Security and Exchange Commission Office of Inspector General (SEC OIG):Collaborated with auditors on 5 Congress-bound audit projects. Assessed findings, documented causes, and recommended remedies for public and congressional reports. Ensured accurate, timely, and compliant delivery of audit outcomes.Federal Housing and Finance Administration Office of Inspector General (FHFA OIG):Conducted 2 full NIST based security assessments for general support systems and 1 pre-audit assessment.Federal Housing and Finance Administration (FHFA):Contributed to continuous monitoring support, security report generation, and security policy research.U.S. Holocaust Memorial Museum (USHMM):Led two NIST based initial security assessments, risk assessments, and developed security reports.U.S. Commission on Civil Rights (USCCR):Provided security assessment support for Cyberscope tool, stakeholder meetings, and security documentation.Xerox Datacenter:Led three annual NIST based security assessments, risk assessments, and security reports.Dynaxys Datacenter:Conducted security assessment and web application / automated penetration testing and prepared detailed security assessment reports.North Penn School District:Conducted web application / automated penetration testing for 8 custom web applications and prepared security assessment reports.Madison Bank:Conducted three annual FFIEC based security assessments and prepared comprehensive reports.

Installed and configured internet and network systems for commercial and residential use. Provided technical support, using analytical skills to diagnose and resolve connectivity issues, ensured telecommunications availability, and repaired hardware/software. Applied anti-malware software, security patches, and enhanced operating system security.