Developed a Cyber Security practice from the ground up missioned to protect the confidentiality, integrity, and availability of intellectual property.➣ Led high profile incident response engagements against advanced attackers such as the Maze and Snatch ransomware groups➣ Sold and deployed various security solutions based on client needs➣ Built out and led Security Operations programs ➣ Perform vulnerability scans and presented prioritized findings and opportunities of improvement➣ Assessed companies risk posture and identified key areas to focus on to improve overall security posture

Promoted to the Head of Cyber Tactical Operations in charge of a team of 40 technical personnel; lead all hiring, training, and ongoing development of the team. Established a new Client Security Program.➣ Selected to direct and guide the buildout of a new SecDevOps Program focused on security automation/orchestration, custom application creation, integrating open source software, and designing/maintaining custom tool integrations.➣ Aided the Security Operations Center (SOC), by increasing personnel by over 1050% (6 to 69 with turnover), within six months.➣ Lead project contributor for the ISE Southeast Project of the Year nominee, project details.➣ Led the initiative to deploy EDR agents to >30,000 endpoints nationwide.➣ Directed executive war rooms for critical incidents and emergency infrastructure enhancements.➣ Established an IPDS working group to solve bank visibility challenges➣ Led the Shape Security Implementation Project, establishing an advanced bot management solution to protect client credentials and intellectual property.

Recruited to this role to direct and lead digital forensics, incident response, eDiscovery, financial applications, and threat hunting for SunTrust nationwide. Provided hands-on support to the SOC in streamlining internal processes and resolving numerous technical challenges. ➣ Successfully built out a cutting-edge Incident Response Program; hired 50 new technical staff in less than six months to support the program long-term. ➣ Directed and led the forensics team in a high-profile loss investigation that resulted in the discovery of 1.5M lost records.➣ Revamped the Forensics Program with the introduction of new procedures and personnel. ➣ Conceptualized, designed, and implemented a Threat Hunting Program that discovered large security gaps within the bank’s infrastructure.➣ Played a key role in the closing out of multiple Federal Reserve MRA audit findings.

Promoted to Sr. IR Engineer due to a positive impact on the SOC and the IR Program. Accountable for creating and maintaining Splunk alerts for the SOC; served as the official approver of software installation requests company-wide. Performed digital forensics investigations for HR and other internal business units.➣ Selected as a program team lead and acted as an SMI for incident responses and digital forensics. ➣ Helped establish and mature insider threat monitoring via the deployment and tuning of Exabeam.➣ Served as a Tanium, F-Response, Security Onion, and Firepower Administrator/Architect.➣ Recognized as a Tanium SME; played a vital role in Tanium product improvements.➣ Presented at various industry conferences to promote cutting-edge enhancements and workflows.➣ Led interactive classroom training sessions; taught proper operations security and forensic analysis.

Oversaw and maintained the Data Loss Prevention and Symantec Endpoint Protection infrastructure of the NY Stock Exchange. Served as the device protection SME; managed trading floor SEP and WIP instances. ➣ Championed the introduction of cutting-edge incident response and forensic methods to the NYSE.➣ Monitored Tripwire and Imperva alerts to detect unauthorized file changes and to detect privileged database changes; improved SOC ticketing processes and procedures.

Served as vulnerability management liaison for the IS Department tasked with advising business units on how to remediate critical vulnerability findings; acted as incident response and digital forensics SME.➣ Spearheaded IS Department training on proper incident response processes and procedures. ➣ Managed Symantec Endpoint Protection; built out and maintained the bank’s SIEM infrastructure.

Brought on board to provide daily network monitoring for a top MSSP client. Managed IPS and firewall rulesets, created custom alerts, performed incident responses, and provided remediation tactics for clients under attack. Helped create and modify security policy, process, and procedures. ➣ Monitored and triaged thousands of log alerts per day; approved tickets and other security requests. ➣Led enterprise malware/intrusion detection (hunting), managed/tuned custom SIEM infrastructure.➣ Provided incident response and digital forensics training; mentored and trained a new Analyst.