- Collaborate with multiple stakeholders to perform white box and black box web application penetration testing incorporating Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Container Analysis, Dependency Analysis, and manual security testing for Key’s most valuable web assets using industry standard tools to assure vulnerabilities are remediated in a timely manner.- Provide subject matter expertise for Web Application Firewall (WAF) implementations which include oversight, analysis and design, policy and architecture recommendations, application selection and evaluation, development and maintenance of documentation, reports, and dashboards, and coordination with various teams to deliver implementations.- Create and maintain tools to help automate processes for Web Application Firewall configurations and vulnerability report generation. - Manage Key’s Vulnerability Disclosure and Bug Bounty programs by providing first line of defense review and validation of submissions, and work with application stakeholders to develop appropriate and timely remediation plans- Deliver technical security consulting support to address complex business and technology projects and requests while interacting with partners as needed to explain work product, security techniques, methodology and results to ensure appropriate business value. Acts as senior resource for incident response related activities. Collaborate with technical teams for security incident remediation and communication.- Act as senior resource for incident response related activities. Collaborate with technical teams for security incident remediation and communication.

- Responsible for helping to secure Kay Bank’s web infrastructure by creating, maintaining, and integrating Web Application Firewall (WAF) security policies into existing application structure. This includes testing WAF Security Policies to assure policy components are behaving as expected, working with application and support teams to validate application attributes to eliminate false positives, and monitoring and analyzing WAF violations to determine potential application or security impact and provide remediation and guidance when necessary. - Develop custom tools to support the WAF Team’s initiative. This includes custom Web Based applications which directly interact with WAF Policies to provide automation, bulk policy manipulation, audit documentation creation, and simplify the overall WAF policy creation process.- Provide support and guidance to application teams on complex Web Application Security issues. This includes acquiring and maintaining knowledge of application architecture, design and behavior as well as communicating with application and security stakeholders to assure knowledge transfer of security related events. - Help refine the Software Development Lifecycle to assure that ongoing application updates are reflected in WAF Policies. Create and maintain policies, procedures, standards, and guidelines to assure overall project success and repeatability.

- Responsible for leading the Web Application Security Team in securing web based application attack vectors while assuring the highest level of availability for legitimate users. Serve as an application security subject matter expert to our customer base and other Alert Logic Security Teams. - Assure that new and emerging vulnerabilities and threats are addressed before they can impact our clients while also helping to Help facilitate Information Security compliance requirements such as PCI, SOX, HIPPA, and GLBA.- Provide support for Web Application Firewall (WAF) tuning requests to eliminate false positive attack signatures.

- Responsibilities include leading the Log Review Team to help clients manage security and compliance related issues such as PCI, SOX, and HIPPA by analyzing security, operational and functional events within the customer’s environment.- Define polices, guidelines, and standard operating procedures to help reduce risk by defining analyst workflows, managing customer interaction, and creating quality control procedures.- Provide technical training to the Log Review team, assist with tooling requirements for continuous service improvement, maintain team schedules and metrics, complete analyst performance reviews, finalize new customer on-boarding process, and help with the interview process for new analyst candidates.

- Provide technical support for multiple Alert Logic customers by analyzing and reviewing logs and reporting on any abnormalities to security, operational or functional events within our customers’ network systems.- Escalating technical or security related issues and communicating the significance of these issues to our customers in a timely fashion.

- Worked as part of Global Security Services, helping to keep McAfee’s global network secure and reduce risk by monitoring, analyzing, and remediating information security related events as part of the Security Incident Response Team.- Helped analyze McAfee’s external vulnerability scan process for continuous PCI DSS regulatory compliance.- Helped locate and remove unsupported servers from McAfee’s network. - Training in EnCase and Autonomy software while working with the Digital Forensics and Litigation Support department.

- Responsible for IT Support of end users, including software and hardware troubleshooting, printer and network connectivity issues, and help desk.- Training in network security issues, including Windows network environments, wireless networks, routers, and firewalls.- Responsible for custom workstation, server, and mobile police unit builds.