Responsible for continuous improvement of defensive Cybersecurity Operations, Incident Response, and Vulnerability Management. Major advisor to CISO/CTO/CIO in all Information Security matters. Additionally, I provide executive support to internal and outside legal teams for compliance and litigation efforts.Current certifications: CISSP, CISM, GCIA, GCED, GSEC, GCCC; GIAC Advisory Board.

• Executed a plan addressing attack surface cyber risk reducing cyber insurance costs by 30%.• Established a risk assessment process to quickly assess and approve requests from business and technology units.• Established a robust managed detection and response program improving incident response key performance indicators.• Expanded cybersecurity use cases to detect and contain modern threats to cloud and on-prem business systems.• Expanded the vulnerability management program to cover a growing cloud footprint increasing asset and vulnerability discovery by 25%.• Improved enterprise-wide incident response processes facilitating purple team exercises and executive tabletops.

I built and led the Cybersecurity Operations Center (CSOC) and Incident Response program for a national ISP-telecom.• Expanded cybersecurity operations, hiring and maturing a large team of high caliber cyber defenders.• Established an effective program to train defensive cybersecurity skills in house.• Fostered an environment of learning and professional growth for all defenders, resulting in an extremely low turnover rate. Something very rare in cybersecurity operations.• Matured capabilities, processes, and use cases reducing meantime to detect and mean time to respond key performance indicators.• Established enterprise threat hunting operations to detect Advanced Persistent Threats and zero-day Indicators of Compromise in the environment.• Led all major cyber incident response efforts across the enterprise containing threat actors before accessing critical data.• Built a robust user awareness training program from the ground up.• Major adviser to the CISO and CDIO in all Information Security matters.• Authored company policies for data classification, system security, and critical controls.• Gartner CISO Coalition participant.• Authored and tested the company Incident Response plan.• Facilitated third-party auditors ensuring successful review of PCI-DSS security controls and monitoring.• Provided latest threat intelligence in a meaningful way to relevant stakeholders.• Provided expertise to shape company policy regarding controls, acceptable use, and industry best practices.

Stopped by for a quick cup of coffee.

Established cybersecurity operations for a national telecom/ISP.• Hired and trained a team of analysts focused on defending the enterprise.• Defined processes and playbooks for security event triage and response.• Coordinated "Purple Team" exercises to train analysts in current threat detection.• Led Incident Response efforts while working with internal and external stakeholders across organizations.

• Led efforts to build out cybersecurity operations tools for a large enterprise including defining workflows, processes, and policies.• Authored the company Incident Response Playbook.• Major contributor for the implementation of SIEM in a large environment, including build out of use cases and correlation rules.• Proficient with CrowdStrike Falcon endpoint detection and response (EDR).• Proficient with WireShark and tcpdump for packet inspection and incident triage (GCIA certified).• Proficient with Indicators of Compromise (IOC) on Windows, Linux, and network device endpoints.• Proficient with Linux and Windows server hardening.• Created security dashboards in Splunk increasing visibility into the PCI-DSS environment.• Updated multiple policies and procedures to incorporate best practices and compliance with NIST 800 series and the CIS Critical Security Controls.• Facilitated third-party auditors ensuring successful review of PCI-DSS security controls and monitoring.• Provided latest threat intelligence to relevant stakeholders utilizing multiple threat feeds and resources.• Major adviser to Governance, Risk, and Compliance leaders regarding controls, acceptable use, and industry best practices.• Major contributor for a large project to implement the CIS Critical Security Controls across the enterprise (GCCC certified).

I was contracted to Frontier Communications during this period. • Engineered and administered Storage Area Networking for critical business applications.• Administered and managed security access to data shares for the enterprise.• Authored company backup and restore, acceptable use, and disaster recovery application policies.

I retired from the Navy as a Chief Naval Aircrewman (Avionics). I have held many leadership positions and technical roles over my 20 year military career. I worked very hard to establish my reputation as a leader within a highly technical and specialized aviation community. I have extensive program management and avionics expertise in Navy Intelligence, Surveillance, and Reconnaissance (ISR) platforms. Most of all; I know how to lead people in challenging environments. If you would like to know more about my military experience; please feel free to ask.• Managed combat reconnaissance operations for the largest special mission unit in Naval Aviation.• Performed various leading technical roles while flying in combat patrol and reconnaissance aircraft.