Manage FedRAMP and DoD Cloud Computing Security Requirements Guide Compliance for Zscaler Internet Access (ZIA) and Zscaler Digital Experience (ZDX).

I volunteer in leading Denver's chapter of Trout Unlimited. We work to conserve and protect Denver's stretch of the South Platte River.

The Cloud Service Providers - Advisory Board (CSP-AB) represents the world’s leading cloud companies and supports standards and policies that promote and enable secure cloud adoption in the public and private sectors. Our member companies are global leaders in the drive to provide safe, scalable, and accredited digital government services, with a focus on both the civil servants delivering those services and the end-users receiving them.

Lead VMware's efforts for Department of Defense and Intelligence Community cloud workloads

Lead VMware's efforts for Department of Defense and Intelligence Community cloud workloads

As the leading FedRAMP 3PAO in the industry, we provide FedRAMP advisory and assessment services to CSPs (IaaS / PaaS / SaaS). You’ll benefit from our unparalleled FedRAMP leadership and experience advising and assessing the world’s largest CSPs. View our FedRAMP-authorized clients on the official FedRAMP.gov site.Readiness assessment – we conduct a technical capability assessment to ensure you meet the minimum requirements to achieve a FedRAMP ATO. This is required for CSPs pursuing a JAB authorization. Some agencies are starting to make this a requirement as well, so ask your agency sponsor.FedRAMP assessment – this full technical assessment ensures your compliance with NIST SP 800-53 Revision 4 and FedRAMP controls. We serve as the independent 3PAO to develop the 3PAO-required FedRAMP documentation, including a security assessment plan (SAP), security requirements traceability matrix (SRTM) to document assessment results, and security assessment report (SAR). We assess manual security controls; conduct vulnerability scans on all operating systems, web applications, and databases; and perform a penetration test on your offering.

Managed the Governance, Risk and Compliance (GRC) of five separate U.S. Army networks supporting 30,000+ end users utilizing NIST SP 800-37 | Managed and tested the implementation of security controls using NIST SP 800-53/53a | Audited cybersecurity and physical security controls during inspections on subordinate units | Managed and tracked RMF compliance usingthe eMASS GRC application | Conducted incident response to identify, detect, respond and sustain networks from adversarial cyber attacks | Conducted vulnerability analysis and remediation actions | Managed firewall change requests | Developed a budget and schedule as part of a cybersecurity inspection program | Briefed senior-level military officers and civilian officials on the current cybersecurity posture of U.S. Army networks in Europe | Wrote technical papers and decision memorandum used to enable military commanders to make cybersecurity decisions | Oversaw identity access management | Utilized business intelligence tools to streamline reporting for commanders | Served as a voting member on a cybersecurity configuration control board | Tailored security control implementation to meet customer requirements | Led multiple change initiatives focused on securing the organization and making business processes more effective

Monitored network availability and performance | Conducted vulnerability analysis and remediation actions | Gathered customer requirements and built custom work-flows and tools with MS SharePoint Designer | Implemented meta-data standards for knowledge management | Audited SharePoint and file shares for PII | Delivered SharePoint training sessions | Performed Systems Administration | Monitored performance of virtual machines

Managed the entire IT Department for a 150-user environment | Analyzed and mitigated network vulnerabilities discovered by Qualys vulnerability scanner | Managed group policy and permissions in a Windows environment | Maintained, patched, and backed up Servers | Configured HP and CISCO routers, switches, and wireless access points according to company cybersecurity policies | Assisted and coordinated with the Engineering department regarding the installation, operation,and maintenance of all IT based Television Systems while maintaining cybersecurity compliance