• Applied secure-by-design principles and best practices to protect Breville's global hybrid environment spanning Azure, AWS, and on-premises infrastructure.• Implemented Azure Identity Protection with User Risk and Sign-in Risk policies, enforcing MFA through Conditional Access Policies to secure high-risk accounts and applying company-wide MFA enforcement for enhanced access control.• Managed and optimized Microsoft Defender solutions, including Defender for Cloud, Cloud Apps, Servers, Storage, Endpoints, and Key Vault.• Built and operationalized a Security Operations Center (SOC) at Breville using Azure Sentinel,integrating data connectors, custom log ingestion mechanisms and implementing custom analyticrules for real-time threat detection and alerting.• Enabled Security Orchestration, Automation, and Response (SOAR) capabilities through AzureSentinel logic apps, automating incident response workflows to enhance operational efficiency andreduce response times enabling actions such as automated antivirus scans, ticket creation, user blocking, MFA enforcement, session revocation, password resets and more. • Implemented robust vulnerability assessment solutions for web applications, cloud environments,servers, and endpoints using tools like Tenable, Qualys, Defender for Endpoint & Servers, andMicrosoft Defender Vulnerability Management (MDVM).• Deployed Microsoft Defender for Endpoints Extended Detection and Response (XDR) across servers and endpoints, tailoring policies to protect sensitive systems.• Established and executed incident response processes for network and application vulnerabilities/attacks, ensuring swift containment and mitigation.• Conducted threat modeling to proactively identify vulnerabilities in system architecture anddesign during our third party risk assessment reviews.• Administered email security and data protection using Microsoft 365 tools such as Purview and Defender XDR, Information Protection, Identity, Cloud Apps, etc.

https://orobi.io

• Implemented and maintained robust security measures to protect network infrastructure and systems, including firewalls, intrusion detection systems, proxies, and vulnerability management processes, ensuring a secure and resilient environment.• Oversaw third-party risk assessment procedures, vetting SaaS and new applications to ensure secure integration into the network while mitigating potential risks to the organization.• Utilized cryptography, Public Key Infrastructure (PKI), and key management to implement secure encryption protocols, manage digital certificates, and oversee the generation, storage, and rotation of cryptographic keys, ensuring the protection of sensitive data and secure communications.• Designed and implemented comprehensive security controls to protect the organization's infrastructure, ensuring robust defense against cyber threats and alignment with industry best practices.• Developed a Python-based program to automate secure email delivery for multiple security functions, improving operational efficiency and reliability.• Conducted advanced incident response operations using Splunk SIEM, investigating and resolving network-related security alerts to safeguard critical infrastructure.• Responded to and mitigated various security incidents, including malware detection, beaconing, system exploits, privilege escalation, and IAM-related threats, ensuring rapid threat containment and remediation.• Managed and optimized the McAfee XDR solution for The Aerospace Corporation, conducting in-depth investigations of AV-based alerts and enhancing endpoint security.• Diagnosed, troubleshot, and resolved complex security issues, including firewall configurations, hardware modifications, proxy adjustments, and vulnerability management, to ensure secure infrastructure operations.• Conducted web application vulnerability remediation for public government websites, ensuringcompliance with regulatory and security standards.

Implemented and managed security infrastructure using Cisco products, including Cisco AMP, Umbrella, Meraki, and multiple ASA Firewalls, to enhance threat detection, secure network access, and ensure end-to-end protection for enterprise systems.• Configured and managed Cisco Identity Services Engine (ISE) to enforce secure network access policies, implement role-based access controls, and enhance endpoint visibility and compliance.• Conducted comprehensive vulnerability scans using Qualys to identify, prioritize, and remediate security gaps across servers, endpoints, and web applications, ensuring a robust and secure environment.• Extensive experience in cloud and on-premises security engineering, designing and implementing robust security architectures, access controls, and threat mitigation strategies to protect hybrid environments.• MonitorednetworklogsandsecurityeventsusingSolarWindsLogEventManager(SIEM)to identify and respond to potential threats.• Conducted incident response operations for alerts generated by Sophos Antivirus, SCEP, Cisco AMP and Defender for Endpoint antivirus solutions, ensuring rapid detection and remediation.• Investigated suspicious user activity through identity management systems to identify potentialsecurity breaches or policy violations.• Spearheaded Azure security operations, including managing identity governance and accesscontrols through Azure AD, ensuring secure authentication, role-based access, and complianceacross cloud environments.• Implemented, monitored, and maintained anti-malware protections on over 1,000 systems tosafeguard against cyber threats.• Enforced technical and administrative controls to maintain compliance with HIPAA, HITECH,PCI-DSS, and NIST security frameworks.Reduced spam emails and enforced data loss prevention (DLP) rules by configuring email filtersand rules with the Barracuda Email Security Gateway.• Applied URL filtering policies using Palo Alto Firewalls

• Directed a team of four, overseeing daily department operations, analyzing workflows, establishing priorities, developing security standards, and managing project timelines.• Accountable for the operation, installation, and maintenance of computer, network, and telecommunications systems valued at over $20 million.• Configured Cisco routers, switches, and IPS/IDS systems to support secure operations on SIPRNET and NIPRNET networks.• Appointed as custodian for the distribution and destruction of COMSEC Firefly and PPK keys, ensuring compliance with security protocols.• Implemented and maintained antivirus clients and definitions on over 600 endpoints, ensuring software security and compliance with patching requirements.• Engaged in incident response, disaster recovery, and business continuity planning to maintain operational resilience.• Performed cybersecurity risk analysis and risk management to evaluate design requirements and ensure secure system configurations.• Configured and defined parameters for installation and testing of LAN, WAN, TCP/IP networks, routing, switching, firewalls, servers, controllers, and multiplexers.• Designed, implemented, and monitored network security solutions, including VPNs, VLANs, DNS, DHCP, 802.1X, port security, and system hardening techniques, adhering to DoD security policies.• Managed System Center Configuration Manager (SCCM 2012) to create and configure devicecollections for deploying updates, patches, and hotfixes, remediating vulnerabilities across thenetwork.• Conducted software and application vulnerability scans on DoD networks using the AssuredCompliance Assessment Solution (ACAS) tool, ensuring alignment with compliance standards.• Monitored and reviewed logs and reports from Splunk, network firewalls, and IDS/IPS systems forsuspicious activities across more than 5,000 systems, identifying and addressing potential threats.

- Push out patches, updates, hot fixes, and packages using System Center Configuration Manager (SCCM) to resolve vulnerabilities on the network.- Monitor industry websites or publications for information about patches, releases, viruses, or potential problem identification. (CVE's, IAVM's, OWASP)-Use the Assured Compliance Assessment Solution (ACAS) to conduct vulnerability scans on the network to identify new or existing vulnerabilities on systems by using Nessus scanners.-Use of Active Directory to create, delete, or edit new users, groups, organizational units, systems, etc. -Perform Security Technical Implementation Guides (STIGs) on windows servers 2008, 2012- Communicate request for changes or technical issues to management or non- technical personnel -Assure all systems on the network remain compliant with security policies and assure no vulnerabilities are over looked on any system on the network.