Serves as a Director running Jefferson Wells Penetration Testing group, also serves as an IT Consultant to multiple companies and across various business segments to lead IT security-specific projects designed to increase compliance, transparency, stability, and security. Maintain a constant pulse on project activities to drive increased velocity and resilience through consistent delivery of project management services. Ensure that project stakeholders analyze organizational impacts, manage deliverables, and align resources outlined in project plans for vulnerability testing and compliance auditing success. Develop and deliver security programs that address identified risks from testing and propose changes to existing policies to ensure operational efficiency and regulatory compliance.Manages seventeen Penetration Testers through a variety of penetration testing engagements. That include infrastructure / Applications /APIs/ Wireless/ Security Reviews and various Social Engineering engagements.Increased overall revenue by over 80%.Manage the process of gathering, analyzing, and assessing the current and future threat landscape to perform technical assessments and recommend remediation strategies.Lead security-related projects from inception to successful completion by assisting the IT staff to respond to security audit failures, threats, and vulnerabilities.Consult with the client’s broader IT team to ensure security remains at the forefront and is factored into the evaluation, selection, installation, and configuration of hardware, applications, and software.Coordinate, measure, and report on the technical aspects of security management to keep client stakeholders current on residual risks uncovered.

Serves as a Senior Technical Manager running Jefferson Wells Penetration Testing group, also serves as an IT Consultant to multiple companies and across various business segments to lead IT security-specific projects designed to increase compliance, transparency, stability, and security. Maintain a constant pulse on project activities to drive increased velocity and resilience through consistent delivery of project management services. Ensure that project stakeholders analyze organizational impacts, manage deliverables, and align resources outlined in project plans for vulnerability testing and compliance auditing success. Develop and deliver security programs that address identified risks from testing and propose changes to existing policies to ensure operational efficiency and regulatory compliance.Manages ten Penetration Testers through a variety of penetration testing engagements. That include infrastructure / Applications /APIs/ Wireless/ Security Reviews and various Social Engineering engagements.Manages the process of gathering, analyzing, and assessing the current and future threat landscape to perform technical assessments and recommend remediation strategies.Lead security-related projects from inception to successful completion by assisting the IT staff to respond to security audit failures, threats, and vulnerabilities.Consult with the client’s broader IT team to ensure security remains at the forefront and is factored into the evaluation, selection, installation, and configuration of hardware, applications, and software.Coordinate, measure, and report on the technical aspects of security management to keep client stakeholders current on residual risks uncovered.

Assessed the security and compliance of client firms against FFIEC, GLBA, and HIPAA security standards, industry requirements, and best practice frameworks. Designed security program transformation activities by understanding the interdependencies and interconnectivity of applications and services. Led client-facing meetings to develop risk assessments, Business Continuity Plans (BCP), and IT security policies. Worked in tandem with project managers and other delivery team members to manage project timelines and deliverables. Interact with clients throughout the entire auditing engagement to serve as a subject matter expert on FFIEC, GLBA, and HIPAA compliance standards.Documented the execution of information security controls and any findings uncovered during the control validation lifecycle.Consulted with system administrators and application owners to develop repeatable control processes, including procedures, narratives, and metric reporting.Communicated potential control gaps along with recommended remediation plans to assist clients in passing IT regulatory examinations.Provided mentorship to junior-level team members to increase their knowledge and assist them in progressing on their career path.Developed internal processes, audit methodologies, and programs to assist clients in transforming their business into a fully compliant and audit-proof organization.Led 80+ IT audits for financial institutions and healthcare organizations, which significantly increased efficiencies within the client’s IT Security and Compliance Departments.Completed 20+ web application security reviews (ASRs) and penetration tests according to PCI and OWASP Data Security Standards.

Delivered security administration support for Active Director policies, monitored suspicious network activity, and cleaned up systems once viruses were identified. Served as the lead trainer during a company-wide technology upgrade by educating end-users on use of equipment and applications. Developed SOPs and policies associated with a wireless Data Center and initiated the purchasing process for employee-requested software. Completed desktop maintenance, peripheral repair, installations, application support, troubleshooting, and end-user support. Translated technology-related concepts into simpler terms to assist employees to work through technical difficulties and resolve workstation-related issues. Analyzed system capabilities to resolve application issues by understanding the interdependencies across the entire operating platform. Investigated system problems and provided solutions using specific product knowledge, system utilities, and operating environment protocols.