Responsible to establish, maintain and oversee the execution of the enterprise-wide vision, strategy, architecture, policies and programs to ensure information assets are protected, while maintaining an understanding of the challenges facing retirement benefit providers; information technology (IT) systems are secure, and security and business continuity risk/reward decisions are balanced and comply with external regulatory and legislative requirements. Create an information privacy and security-conscious culture. Develop and implement information security initiatives; conduct and oversee monitoring and auditing of compliance with regulatory and internal standards including investigations related to policy violations, security breaches and computer crimes. Proven areas of expertise include:• Incident Management (CERT)• Security Operations Center • Security Engineering• Security Architecture• Application Security• Systems Development Life Cycle• Information Security Program Framework• Information Security Standards• Security Strategy• PCI• Budget• Information Security awareness• Strategic Planning • Process & Performance Improvement• Security / Risk Management• Contract Negotiation• Vendor Management• Employee Development

- Serves as lead technical expert in the overall analysis, design, implementation, monitoring and support of an enterprise-wide technical architecture focusing on information security. To lead and conduct analysis of critical information security systems, network architectures and infrastructures to detect information security deficiencies and provide complex problem resolution. - Serves as lead technical expert in overseeing the analysis, design, implementation and support of an enterprise-wide technical architecture based on business requirements and information technology strategies focusing on Information security. Designs, develops and implements specific information security solutions, processes, best practices and methodologies, architecture, and technology evaluations. Analyzes e-business drivers and defines information security architecture requirements. - Provides expert technical consultation for new technology implementations. Oversees the evaluation and selection of hardware and software product standards, and the design of standard configurations for information security services. Reviews and revises systems documentation to maintain information currency.- Leads and conducts analysis of critical architecture and infrastructure to detect security gaps or deficiencies in the information technology environment; recommends and implements solutions for improvement. Identifies and communicates opportunities to maximize value of information security technologies to Information security management and peers to improve/increase effectiveness, reliability, efficiency, performance and service.- Serves as expert consultant for all ISD security issues and problems. Evaluates problem, identifies root causes; coordinates resources, determines temporary measures and/or permanent solutions, and recommends and/or implements measures to restore full service. Leads Information Security staff in coordinating and ensuring problem resolution.

* Serves as the subject matter expert for security best practices regarding IDS, IPS and SIEM configurations * Coordinates, develops, and evaluates security monitoring systems and architecture for the enterprise. Recommends information assurance/security solutions to support Company requirements.* Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.* Works closely with management to develop training program for new intrusion analysts within the Company, and authored training manuals for SIEM, IDS and IPS administration team.* Performs daily as the IDS, IPS, SIEM and Senior Analyst team lead, watching over all technical aspects and analysis of the enterprise IDS, IPS sensors.

Lead Engineer of a 3 person Firewall Migration Team. Responsible for the transfer of zones from Cisco FWSM’s to the FortiGate-3600C Next-Gen Firewall platform. Provided AppScan and Retina Scanning, provided Vulnerability Assessment and Application Scanning with FortiAnalyzer, and ArcSight and reported to upper-level management.

Configure and maintain 26 NOS boundary protection devices to include intrusion detection systems, firewalls, web proxies, and load-balancers.Identify unknown or unauthorized sources which attempt to access the AFNET and notify the appropriate USAF agencies when such events occur.Implement appropriate boundary protection counter-measures to secure the Air Force network.Provide management and maintenance of Air Force level DNS domains, and management of the AF Gateway Mail relays and Name servers.Manage various DNS systems employing Nominum Vantio Cashing Name, Nominum Authoritative Name Server, Bind Berkeley Internet Name Daemon (BIND), and McAfee Email Gateway.Maintain services providing authoritative control of af.mil and af.smil.mil DNS domains for the Air Force.Administer Tactical IP (TACIP) addresses and provide DNS services for deployed unit exercises and real world contingencies.Responsible for overseeing intrusion detection, boundary protection and vulnerability assessment operations to defend the Air Force Network (AFNET). Provide senior level interface between AFCERT’s NetD operators and the 24th Air Force leadership. Monitors, operates and maintains intrusion detection systems, firewalls, load balancers, and web proxies’ servers to protect AFNET resources from both internal and external threats while conforming to DISA Security Technical Implementation Guide (STIG). Provide management and configuration of the security devices in the Gateways, the IMS, and local LAN boundary (both SIPR and NIPR)

Lead a 5 person team to support the network security environment for the Environmental Protection Agency. Strong knowledge in IDS/IPS technologies, both stand-alone and firewall-integrated. Knowledge in security policy review and the ability to recommend changes in network architecture to support network security efforts is required. Firewall rule review and recommendations for improvement will be necessary. Cloud security knowledge to ensure the EPA's outsourced WAN environment is secure; integration with cloud providers and the ability to work with external vendors.

Security analysts needed to staff a 24x7 Security Operations Center (SOC). Responsibilities: Provide first level IDS monitoring, analysis and incident response to information security alerts events. Analyze network traffic and IDS alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms. Launch and track investigations to resolution. Compose and send alert notifications. Advise incident responders in the steps to take to investigate and resolve computer security incidents. Recommend IDS filters to eliminate false positives. The ideal candidate should be able to multitask and give equal attention to a variety of functions while under pressure. Speed and accuracy are essential, as is the ability to make quick, informed decisions while facing a deadline. Knowledge of one or more of the following information security disciplines: Intrusion Detection System (IDS) monitoring, incident response, information assurance, computer security best practices, system hardening, vulnerability assessment, vulnerability management, antivirus, firewalls, and techniques for analyzing TCP/IP network traffic and event logs. Project management skills desired but not required. Experience with IDS software such as Enterasys Dragon, SourceFire, Snort or Cisco Secure IDS, log event correlation / Security Information Management (SIM) tools such as ArcSight, vulnerability assessment tools such as Nessus and network analysis / sniffer tools such as WireShark. Experience working in a large government or corporate enterprise environment.

• Utilization of tools that enable the real-time monitoring of the company's major platforms and telecommunications network. Recommend, develop, and implement enhancements that improve operational performance. • Development, planning, and execution of bi-annual disaster recovery testing of the company's backup, recovery and restore processes. • Administration of access controls to the company's information systems according to procedures and authorizations established by the company. • Development of processes and procedures that ensure the successful implementation of software applications and technology implementations. Involved with operational testing, documentation, and resolution of issues prior to deployment into a production environment. • Work closely with the team to properly report system performance, service level achievements and key statistics on system availability and reliability.

• Monitor system performance on a daily basis to insure adequate response times for production applications• Perform automation, monitoring and consolidation within UNIX platforms• Perform research and development on new products, technologies, and operating systems• Install, configure, maintain, and troubleshoot UNIX operating systems and related system components• Provide 7x24X365 Enterprise level troubleshooting and support for hardware and network devices to include server hardware, disk storage units, backup devices, network printers, and SAN technology

• Serves as an operator at Data Center Operations, Development, OPS Hosting Centers• Ensures that all problems are reported within the Remedy ticket management system• Control production utilizing the automated scheduling systems to ensure that programs and jobs are completed in the time required by the customer• Monitor server software via system monitoring tools, and respond appropriately to alarms• Manage Backup, Recovery, and Restore Remedy tickets with Sun and Dewpoint• Monitor Backups and Recoveries in Windows and UNIX with Veritas NetBackup • SBS Project Liaison between Sun Microsystems and the State of Michigan Server Teams• Help Desk Support includes: responding to and documenting project inquires

Non-Commissioned Officer - United States Marine Corps (1997-2005). Operation Enduring Freedom Veteran, 26th MEU. Numerous Service Decorations and Awards. Honorable Discharge - October 2005.