Merchants, payment software vendors, and merchant acquirers use InterPayments to recover processing fees without compliance risks.

Nintendo Switch proficient, Dutch Wonderland Gauntlet, Great Wolf Lodge Swim Team

The 3 Cs - Cybersecurity, Cloud, and Compliance.100% remote workforce.Creating change within an organization to move the business forward.And tons of Google Cloud Platform architecting and managing.

Designing and implementing a Zero Trust Security Program in a SOC2 and HIPAA compliant environment. Bringing DevSecOps practices with practical solutions to a Data focused organization.

Architecting, integrating, and automating vulnerability management into operational and business processes. Taking an array of disparate tools and bringing them together to help create a cohesive security organization. Automating processes, ingesting data, and making good decisions using a combination of commercial off the shelf and open source tools to implement security controls. Creating meaningful presentations to communicate risk and assessments to be communicated to executives throughout the global organization. Design and implement vulnerability management strategies to meet PCI compliance and effectively reduce risk of the windows, Unix/Linux, IBM zOS/RACF environment. Provide guidance in addressing Vulnerability Assessment and use Hardening guidelines such as CIS on virtual images to minimize attack surface area and exploits.As greenfield cloud services (Azure, GCP) are rolled out make sure vulnerability management is firmly in place as well as other security controls. Work closely with various teams to ensure security is ingrained within the culture.Use my diverse experience to provide leadership, direction, and strategy for the team and the cybersecurity program.

As a member of Comcast Global Audit (formerly CAAT) I was responsible for evaluating scope, creating audit programs, and engaging with executives in the organization to assist in their efforts to align with Comcast/NBCUniversal's policies and priorities. I have come to focus on security from the perspective of Secure Software Development Life Cycle (SSDLC), Application, Infrastructure Vulnerability Management, and Platform Operations. My broad technology experience enabled me to expand the scope of what we are able to evaluate when partnering a client so they are to align with policies, procedures, guidelines, and best practices.

Responsible for threat hunting and remediation strategies throughout the organization.Continuously monitor the security posture of existing controls and evaluate for improvement.Create meaningful metrics and refine them for delivery to Enterprise Risk and Board members.Penetration testing of internal critical applications on a regular basis.Ensure our vulnerability management meets and exceeds PCI compliance.Maintenance of our security infrastructure and expanding its scope and efficacy.Communicating threats to all levels of the organization in an effective manner.Perform incident response as necessary according to established guidelines.Be aware and aid in maintaining compliance with policies created from compliance and audit frameworks (PCI-DSS, ISO 27001:2013, NIST).Monitor, improve, and expand the SOC functionality using various products (SIEM, DLP, IPS/IDS) for detection and data analysis.Manage the transformation, normalization, and analysis of internal threat data.Perform internal and external penetration tests of critical applications on a regular basis.Pro-actively analyze controls and policies for gaps and propose solutions.Monitor our Threat Intelligence feed and react to information that is relevant to our environment.Preform regular audits of Firewall, Cloud, and Identity security policies.And of course, Threat & Vulnerability Management and Cyber-security in general.Auditing our Amazon Web Services (AWS) environment to establish security best practices and guidelines and critical services were transitioned off-prem. Provided regular audits of the CheckPoint firewalls.Engage in Security Incident Response per departmental runbooks and guidelines. Engage in Forensic analysis of company assets as necessary while using procedures to maintain chain of custody.

Responsible for the storage, virtualization, and system maintenance in multiple data centers. Compliance PCI was focus of creating and maintaining a Secure Network Architecture while still meeting the needs of the business.