Cybersecurity Engineer | Enhancing Security & Compliance at Christian Healthcare MinistriesIn my role as a Cybersecurity Engineer, I play a pivotal role in securing CHM’s digital assets and information by leading cybersecurity initiatives, ensuring compliance, and implementing forward-looking security solutions. Key aspects of my work include:Security Architecture Design: Developing secure IT infrastructures and systems architectures to safeguard sensitive information.Incident Response Leadership: Leading and coordinating response efforts for security incidents, driving swift and effective mitigation.Compliance & Governance: Ensuring alignment with CHM policies and industry frameworks like CIS, and maintaining adherence to regulatory standards.Strategic Cybersecurity Initiatives: Spearheading projects and initiatives that fortify CHM’s security posture against evolving cyber threats.Advanced Security Solutions: Designing and implementing solutions that address complex cybersecurity challenges.In addition, I collaborate with cross-functional teams, manage vendor relationships, and lead key projects, contributing to a proactive cybersecurity strategy. Highlights of my responsibilities includes:Developing business use cases to support cyber strategies, creating roadmaps for enhancing security across CHM.Crafting incident response playbooks and standard operating procedures aligned with best practicesDesigning cybersecurity tabletop exercises to prepare teams for real-world threatsContinuously identifying and addressing security gaps, supporting each initiative with a business case, challenges, benefits, and implementation plans.With a commitment to continuous learning and professional development, I stay informed on emerging threats and evolving technologies to maintain CHM’s robust security standards.

Certification exam writer for the Certified Incident Handler and Ethical Hacker courses.

Authored and developed course: "Enterprise Incident Response"

Customer Success Manager | Trusted Security Advisor Driving Operational ExcellenceAs a Customer Success Manager at Cyderes, I served as a dedicated security advisor to managed security clients, guiding them in optimizing their security operations and strengthening their cyber defenses. By working closely with our Managed Security Services (MSS) delivery teams, I ensured that every client experienced measurable improvements in their security program performance and maturity.Key elements of my role included:Proactive Security Guidance: Partnering with clients to build tailored, mature roadmaps that highlight the strategic value of our services, aligning security practices with business and IT objectives.Identifying & Resolving Gaps: Assessing customer processes, quality-checking deliverables, and addressing weaknesses to drive continuous improvements and enhance defensive postures.Long-term Relationship Building: Establishing sustainable relationships by aligning with customer needs, offering consultative advice on best practices, and regularly reviewing progress toward security goals.Collaborative Issue Management: Working directly with SOC teams to manage technical issues, support implementation, and deliver knowledge transfer to empower client teams.Documentation & Reporting Excellence: Creating and maintaining critical documentation and reports that align with organizational standards, delivering insights that support informed decision-making.By partnering proactively with clients and focusing on service quality and maturity, I ensured they achieved substantial value from their security investments, reinforcing Cyderes' role as a trusted cybersecurity partner.

Lead SIEM Engineer | Exabeam Specialist Driving Security Innovation and Incident ResponseIn my role as Lead SIEM Engineer, I managed and administered Exabeam, providing strategic oversight and driving continuous improvements across our security environment. I developed and refined critical security processes, empowering our SOC analysts and clients to strengthen their defenses and proactively respond to threats.Key responsibilities included:Exabeam Management & Strategic Improvement: Owning Exabeam’s configuration, tuning, and integrations to optimize security operations, ensuring our environment was consistently fortified against evolving threats.Incident Response & Threat Hunting: Designing and implementing incident response, insider threat, and threat-hunting procedures to address security incidents effectively and proactively.Use Case Development & Alert Tuning: Creating and refining use cases, explaining alert logic, and tuning custom frameworks to enhance detection accuracy and minimize false positives.Collaboration with SOC & Client Support: Partnering with the Customer Success Manager and SOC to support clients, aligning security objectives with business needs, and offering tailored security recommendations.Mentorship & Leadership: Providing guidance and knowledge-sharing for SOC analysts, empowering them to interpret alerts and refine security protocols effectively.Forensic Analysis & Threat Intelligence: Conducting forensic investigations, processing threat intelligence, and implementing insights into Exabeam to bolster detection and response capabilities.This role required staying current with industry trends, offering infrastructure support, and engaging in continuous knowledge sharing to maintain a resilient, proactive security posture for our clients.

• Provide quick and accurate response to any to computer security incidents, such as security breaches and viruses on client’s systems• Conduct security research and digital forensics investigations to identify and resolve wide-ranging security breaches by recommending effective solutions and communicating with technical teams and clients• Delivered excellent network security to small and medium sized business • Ensured the maintenance of all work-related documents, while assessing network and security measures for computer networks and information protections• Educated clients on various security best practices and system configuration standards to ensure system security and resolve issues

Incident Response Leader | Expert in Advanced Threat Management and Client-Focused Security SolutionsIn my role leading incident response teams, I provide strategic guidance and technical expertise to navigate complex security incidents, ensuring comprehensive and effective support for clients facing advanced threats. I specialize in managing high-stakes investigations, aligning security response tactics with client needs, and driving collaborative success across teams.Key responsibilities include:Leadership in Advanced Threat Response: Guiding teams of skilled incident responders and security experts in addressing complex incidents, focusing on advanced persistent threats (APT) and sophisticated threat actors.Client-Centered Incident Management: Collaborating closely with clients, third-party providers, and internal stakeholders to deliver end-to-end incident response services tailored to each client’s specific security needs.Expertise in Threat Actor Tactics: Maintaining an up-to-date understanding of the tactics, techniques, and procedures (TTPs) used by advanced threat actors, ensuring our response strategies evolve alongside emerging attack methods.Proactive Incident Handling & Remediation: Leading efforts in live incident management, analysis, and remediation, with a focus on minimizing impact and reinforcing clients' security postures.Mentorship & Skill Development: Supporting team growth through mentorship, identifying training needs, and encouraging research into new and emerging threats and attack techniques.Comprehensive Incident Response Proficiency: Expertise across all areas of incident response, including incident management, technical investigations of system attacks, forensics, and utilization of incident response tooling.This role requires a commitment to delivering high-impact results, developing client trust, and advancing industry knowledge, ensuring our team stays at the forefront of cybersecurity.

Assigned to USCIS Department of Homeland Security.Lead Exabeam Engineer.Develop and implement strategic improvements and integrations across the environment.Develop incident response, insider threat, and threat hunting procedures.

• Monitor and investigate security systems for any and all signs of intrusion, infection or fraudulent activity. • Analyze and respond to incidents regarding malicious email attachments and links.• Actively involved in all initiatives regarding our anti-virus application Symantec Endpoint Protection.• Member of 24/7 on-call Cyber Emergency Response Team (CERT). • Develop search parameters and dashboards to identify, investigate and remediate cyber or product-related incidents through our log management tool, Splunk Enterprise Security SIEM.• Responsible for log management and feeds into UEBA tool.• Assist in the writing and review of our Incident Response Playbook (security awareness, anti-virus, insider threat procedures, etc.). • Analyze multiple Threat Intelligence feeds and proactively scan our environment for potential threats. • Perform forensic evidence collections of network devices, machines, external drives, and mobile devices during an investigation.• Technical lead for the deployment and development of Endpoint Detection and Response tool – CrowdStrike.• Technical lead for Insider Threat investigations.• Technical lead for Incident Response and investigations.• Technical lead for an insider threat and credential-based attack tool – Exabeam.• Technical lead for cyber intelligence investigations and research, utilizing Open-Source Intelligence, various cyber intelligence groups, and intel sharing teams.• Technical lead for the incorporation of cyber intelligence into other security tools.

• Rollout of EDR tool to all PCs, servers, tuned and reporting results • Implement process to identify all new equipment being deployed on the network • Improve Cyber Operations Playbook • Cyber Operations • Develop action plans as necessary to reduce risk and implement mitigating controls • Implement at least 2 external Penetration Tests with specific targets • Incident Response • Respond to global security issues and ensure timely processing of incidents • Consume, apply and develop threat intelligence and demonstrate active participation in Intelligence Sharing Communities • Develop search parameters and dashboards to identify, investigate and remediate cyber or product related incidents through our Enterprise Security SIEM • Perform forensic evidence collections of machines, external drives, and mobile devices during an investigation • Threat Hunting • Drive accountability for project outcomes through governance • Implement Top 10 projects for 2018 and meet major milestones for projects spanning multiple years • Member of 24/7 on-call Cyber Emergency Response Team (CERT)

I worked as an Information Security Consultant as part of the Incident Response team within an Advanced Threats Defense practice. This involves using the latest security monitoring technologies to detect malware and hackers, as well as performing essential research and investigations to confirm wide-ranging security breaches.This position includes using Security Information Event Management tools (SIEM), Endpoint Detection & Response tools (EDR), and Network Security Monitoring tools (NSM) including but not limited to: • FireEye Threat Analytics Platform • Splunk • McAfee Enterprise Security Suite • McAfee ePolicy Orchestrator - ePO • Cybereason • Tanium • Resolution1  • CarbonBlack  • FireEye NX • ExabeamThe Incident Response consultant will respond to security alerts, perform investigations and research the threat to confirm security breaches, and drive IT success by drafting recommendations to resolve issues and communicate with teams / clients. The Incident Response consultant must also work directly on client projects as available.

- Utilized broad scope of industry knowledge and dynamic business acumen toward planning, reviewing, and implementing forward-thinking network- and security-related projects at client sites, along with developing solutions to complex network and security issues on clients’ networks.- Delivered results-focused network security assurance to both small- and medium-sized businesses.- Contributed sharp analytical abilities toward planning, implementing, upgrading, and / or monitoring network and security measures for the optimal protection of computer networks and key information.- Consulted with clients to determine IT systems’ role in their organizations, along with making valuable recommendations to clients regarding specific ways to secure all systems and resolve security issues.- Led targeted preparation of analysis of costs and benefits for computing infrastructure upgrades.- Installed, configured, and updated network and security devices, including Windows-based servers.- Successfully responded to computer security breaches and viruses on the client’s behalf.- Designed and developed new systems by choosing and configuring hardware and software.- Actively recommended security best practices and system configuration standards to clients.- Designed and implemented disaster recovery solutions; network-level WAN and LAN connectivity, routers, software firewalls, and security; and hosted and Cloud solutions for customers using technologies that met comprehensive requirements.

Strategically steered set-up, configuration, support, and troubleshooting for Office 365 users, including assisting and performing troubleshooting on Windows Server 2008 and 2012 systems.Exhibited solid multitasking proficiencies toward providing services using VPN and Remote Desktop, along with facilitating Active Directory configuration and management; configuring Group Policy; supporting Exchange Server; and adding and / or removing users, groups, and / or permissions.Expertly supported end users on software applications and provided training as required, along with resolving technical issues involving workstations, servers, printers, networks, and hardware / software.Performed email migrations, and configured, supported, and performed troubleshooting as required.• Improved overall processes by researching, analyzing, and recommending new technologies.• Resolved connectivity issues, including configuring IP addresses, wireless routers, and access points, along with removing viruses, malware, spyware, and adware and installing software.• Configured, supported, and performed troubleshooting duties on Windows XP, 7, 8, and 8.1 operating systems for direct clients, including small businesses, and provided support via telephone, hands-on, and remote access software using different connection tools.