• I led and mentored the Cyber Defense Response team, enhancing operational protocols and response efficiency to security events, significantly reducing recovery time.• Serve as the primary escalation contact, managing critical incident response activities for high- priority incidents, streamlining processes, and improving threat mitigation.• Drive strategic development and implementation of advanced cybersecurity systems, tools, and technologies, significantly bolstering detection and response capabilities.• Pioneer the development of a comprehensive Cyber Defense documentation and knowledge base, optimizing incident response protocols and streamlining team onboarding.• Design and implement Python-based automation of key security processes, crafting custom tools that heighten the incident response team's efficiency and effectiveness.• Engineer a custom webhook integration between disparate ticketing systems, elevating inter- system communication and operational workflow for incident tracking and resolution.• Successfully orchestrated the migration of SIEM environments from Splunk to Chronicle, advancing threat intelligence capabilities and operational efficiency.• Conceptualize and deliver a detailed training program for Scion Health’s new incident response team, ensuring they are fully prepared for various cybersecurity challenges.• Conduct interactive training sessions tailored to the organization's unique needs, covering crucial aspects of incident detection, response strategies, and post-incident analysis.• Provide ongoing mentorship and support, leading to the development of a proficient team adept at handling complex cybersecurity incidents.• Develop a strategic and tactical playbook for standardized incident response procedures, guaranteeing swift and coordinated actions during security events.

Served as a cornerstone of the Information Protection and Governance and Cloud Security Team, orchestrating critical initiatives in third-party risk management and setting benchmarks for information security standards. Played a decisive role in the Technical Review Board, guiding risk assessment protocols and cloud security strategies in alignment with NIST standards, which are widely acknowledged throughout LifePoint facilities.Highlights:• Collaborated with C-suite and senior leaders to develop and refine robust information protection protocols, aligning security measures with organizational goals.• Led comprehensive NIST-based risk assessments across the organization, enhancing security frameworks for all facilities, including corporate headquarters.• I drove third-party risk management processes, championing the Technical Review Board's mission to mitigate potential security risks effectively.• Delivered third-party vendor risk management services for Scion Health, establishing a track record of thorough risk analysis and mitigation.• Crafted and managed a repository of information security policies, bolstering the organization's security infrastructure.• Innovated by creating a Python-based scripting platform utilizing vendor APIs to automate reporting, increasing operational efficiency.• Developed dynamic Power BI dashboards to demystify complex data, enabling informed decision-making across the enterprise.• Implemented Azure Information Protection and Microsoft CASB solutions, enhancing data classification and security labeling processes.• Managed and safeguarded a PostgreSQL database for information protection reporting, ensuring data integrity and accessibility.• I led the strategic direction of the cyber liability renewal initiative, reinforcing LifePoint's position at the forefront of cybersecurity defense.

In coordination with the firm’s CIO, I established the firm’s Technical Systems Department and currently serve as the Technical Systems Manager and Chief Privacy Officer for Cumberland – a national healthcare consulting and services firm providing consulting and outsourced managed services to clients in the payer, provider and life sciences verticals. Highlights:• Working directly with C-level management to manage daily operations and support of technology resources including cloud resources, information security management, team management, vendor relations, budgeting, contract negotiation, and performance management • Manage IT resources and infrastructure in multi-state locations as well as third-party MSP management in each location• Lead IT security and compliance initiatives from the ground-up, including policy and procedure development, control selection, user acceptance, and user awareness• Manage the firm’s information security program including policy creation and maintenance, control management and risk assessment• Manage the firm’s annual security and compliance assessments and penetration tests• Spearheaded the firm’s HITRUST certification from planning through implementation• Managed the technology integration of four separate corporate acquisitions over multiple years, providing seamless migration for newly acquired assets and employees• Responsible for the design, implementation, and migration of on-premise to Azure cloud services and Azure AD services• Managed the selection and implementation of Ring Central call center services for Cumberland’s managed services division• Implemented Kaseya VSA for system administration• Implemented Intune MDM for mobile devices and deployed endpoints. Created security policies that aligned with the firm’s business goals as well as our established Information Security Management Program• Established new-hire training and Security Awareness training programs

Served as Information Technology Director for a state agency responsible for post-conviction death penalty defense. Served as a key member of the departmental leadership team as well as management advisory committee member. Responsible for all day-to-day operations as well as long term strategic planning for future IT related resources.Highlights:• Implemented a department wide document management system containing over 1.5 million documents. This greatly increased the productivity of litigation teams preparing for hearings• Implemented remote access technologies which gave “access anywhere” abilities for our department as well as co-counsel• Implemented disaster recovery protocols and technologies to ensure business continuity• Served as member of the management advisory committee working closely with other members to develop viable technology plans for future growth• Digitized evidence and served as expert technology witness in death penalty hearings• Performed all infrastructure implementation and maintenance