Reporting to the Chief Operating Officer, I oversee the cybersecurity program for Renovo Financial.

Oversee Cybersecurity Operations for 96 facilities from a reactive to a proactive state and empower businesses acceleration and transformation of technology in a digital age. Utilize next-generation digital workplace technologies and business solutions powered. Optimize business value, security, and efficiency. Manage $18M budget, $9M allocated for employees and projects. Established a forensics lab for malware analysis. Collaborated with Compliance and Internal Audit to create Risk Register tool and establish a Risk Committee. Established plan to integrate the Mitre ATT&CK Framework into future state of operations. • Significantly reduced critical patches and from five years behind schedule to only behind sixty days. • Reduced overall data footprint for sensitive information by identifying 180M+ duplicate and unencrypted files of data (PHI, PII, and PCI) by driving data governance programs to optimize the company’s data footprint.• Shrank outsourcing costs by 76% by insourcing digital forensics.• Saved $400K through allocations and reduced licensing costs across 99 facilities.Direct and supervise 40 employees on four separate teams:1. Security Operations Center and Incident Handling, increased maturity scale from .5 in maturity scale to 3.0., and reduced Incident Ticket times from 21 days to 4 days2. Threat and Vulnerability Management, track & mitigate risks, manage attack and penetration test findings, resolve issues mapped to the CIS 20 framework. Track and measure patch levels, coordinate scanning, and up-to-date patches are. 3. Security Engineering and Project Management Team, executing multiple simultaneous projects, including an EDR proof of concept project, data loss prevention project, anti-virus project, Google Cloud migration projects, and SEIM replacement concept project. 4. Security Support Team, reduce average daily helpdesk tickets 70%, from 800 in the queue to 240.

Managed and supervised 14 employees (grew from 10 employees) and oversaw $2.5M project budget for security operations center (SOC) for a Fortune 50 entity in support of SIEM application SPLUNK. • Reduced task requirements by 20% by collaborating with team to prioritize SIEM whitelisting and tuning.• Maintained extremely low turnover rate (one employee in two years) by creating dependable talent pipeline and competitive salaries to retain talent while established business relationship with security training company to onboard effective junior analysts.

Oversaw government and military entity's cybersecurity and intelligence contracts. Assisted with business development, contract proposals, budgeting, and contract profitability assessments. Determined benefits and drawbacks of insider threat COTS versus customer program. Conducted proactive searches, performed incident response, and managed open tickets.• Assisted with work management for security incidents; trained and developed 5 company and government employees.• Monitored various SIEMs for events and supported development of insider threat SIEM for DoD customers.• Generated $5M in revenue in 2018 by playing a critical role in company’s selection for military entity contracts.• Received multiple $4M awards in support of development and credited with the creation of enterprise security sales program, including presentation development. • Facilitated contract expansion from 3 to 5 technical professionals with additional slots with prime contractor.• Achieved 100% compliance by preparing CERT for inspection by gathering artifacts.

Oversaw corporate security for 2000+ corporate and franchisees’ stores for one of the world’s top 3 restaurant chains, with $1.9B in sales. Managed, monitored, and tuned enterprise SIEM. Oversaw security incident investigations. Advised on security for IT projects implemented in corporate environment. Created reporting and tracked metrics for executive-level leadership review.• Ensured optimal performance and detection results by expertly monitoring and administering assigned security controls.• Spearheaded $1M LogRhythm SIEM implementation project, monitored for attacks, tracked system metrics, and improved functionality through creation of signatures and tuning of set signatures. • Evaluated tools provided by 3rd party security vendors, including cost analyses, which helped CIO determine optimal solutions for franchisees.• Served on Incident Response Team; participated in security incident response efforts by maintaining up-to-date knowledge of common security exploits, vulnerabilities, and countermeasures.• Provided technical assistance with initial setup and secure deployment of virus detection systems, firewall content filtering systems, Web site blocking systems, intrusion detection and prevention systems, and other security / compliance systems.

Served as Defense Enterprise Computing Centers (DECC) Columbus Information Assurance (IA) point of contact (POC) and technical advisor for DECC Area of Responsibility (AOR) customers including US DoD combat support agency providing IT and communications support to President, Vice President, Secretary of Defense, military services, combatant commands, and other individual and system contributing to defense of US networks.• Provided IA services, assistance, and guidance on intrusion incident reporting, containment, restoration, and responsive procedures. • Planned and performed real-time assessment analysis and evaluation of ADP systems and network problems. • Directed and implemented immediate solutions affecting containment of detected network intrusions. • Conducted assessments and reporting of technical findings and offered recommendations on issues relating to IA Operations Control and Incident Management.• Coordinated efforts in isolating, analyzing, identifying, and resolving highly complex intrusion response procedures with AOR IS managers located in DISA Computing Services DECCs, and other DoD departments.• Served as technical advisor and consultant on matters involving DECC network IDS components.• Supported IA management infrastructure, provided system administration implementation and relocation of automation infrastructure, UNIX, NT, and WIN2000 network servers and remotely deployed IDSs at DoD DMZs, DECC detachments, and other network intrusion ADP systems.

Monitored, analyzed, and researched security incidents on government networks for DISA. Served as IA POC for DECC AOR; provided IA services for intrusion incident reporting, containment, restoration, and responsive procedures. Monitored remotely deployed IDSs located within DoD DMZs and DISA CSD NIPRNet and SIPRNet Network enclaves and information systems. Utilized intelligence gathered from commercial IA vendors and government agency websites to tailor intrusion detection systems to combat ongoing threats. Performed in-depth analysis to determine nature and extent of issues following network security events.• Oversaw International Security Assistance Force (ISAF) network and Multi-national Information Sharing Network, which included Combined Enterprise Regional Information Exchange System (CENTRIXS) and Griffin.• Maintained and updated IA contacts for AORs coordinating with identity and access management (IAM) at local sites to acquire information for threats posed, initiated remediation, and corrective action.• Updated versions and patch levels of software and wrote signatures for IDS to prevent DoD network exploits.• Trained 10 personnel on additional IDS systems, including Cross-Domain Enterprise All-Source User Repository (CENTAUR), Monitoring Analyst and Response System (MARS), and Host-Based Security System (HBSS).

Served as lead system administrator for multiple sites in Afghanistan. Handled server issues, updated and patched servers, and removed vulnerabilities quarterly. Troubleshot server and customer workstation software and hardware issues. Managed country helpdesk and trained users on various functions in systems and helpdesk.