Security services consulting focused on optimization of security spend and utilizing open source security stacks and affordable solutions. Assist small businesses, non profits et al. manage the risk, security and compliance of their organizations people, process and technology.* Specialization of Risk Management through Cloud Hardening and Endpoint Hardening techniques, utilizing best practices found with contributing members of industry led coalitions. * Establish Principles, Policies, Standards and SOPs for organizations* Perform security assessments for audits* Establish third party risk management programsAWS Partner Cloudflare Advanced Implementation

Responsible for leading the growth of Storable's Cybersecurity program through advancements in people, processes, and technology. I am directly responsible for decisions and strategy of DevSecOps, Cloud Security and the assimilation of Enterprise Security Architecture. Critical Focus Areas* I have direct experience implementing and hardening a very large scale AWS Org (75+ Accounts) utilizing CSPM's and Control tower.* Establish a DevSecOps organization - analyzing and implementing OWASP SAMM best practices for the techniques surrounding SAST, DAST, Secrets Detection, IaC scans, Image scanning in addition to hardening applications.* Implement world-leading Web Application Firewalls and AWS WAF utilizing IaC. Establishing custom rules for the reduction of risk for DoS and traditional web-based attacks.* Implementing best practices for data protection and data treatment tooling.* Responsible for the establishment of an Enterprise Risk Management program leveraging native Google workflows to create an active risk register, an Enterprise Security Council and the management of risk.* Responsible for an advanced analytics program leveraging Tableau to ingest multiple sources of truth to directly identify and advance mitigations on highest priority risks.* Responsible for creating multiple variations of views from board levels through engineers to ensure a consistent understanding of the risk profile for the organization.* Established a capability maturity model and artifacts to ensure alignment for strategic imperatives created in cybersecurity roadmaps, independent assessments and regulators' needs.* Devoted member of the Storable Impact Council, focused on making the world a better place through a helpful hand, a great attitude, and a passion for making a difference.* Establish a zero trust architecture strategy utilizing and implementing the capabilities in SSE/SASE stack

Provide leadership to the SailPoint CyberSecurity program emphasizing on impact through value creation, demonstrating integrity and innovation. Contribute to a world leading culture, advancing the Information Security team under the direct leadership of the Chief Information Security Officer. Regularly demonstrate the core values of the organization while making something remarkable from our Information Security capabilities, products and solutions. Contribute to the brand through as an ambassador helping others in the community and world. Lead the direction on security capabilities across all domains through an expert team of security engineers and architects, collaboration through the Security Leadership team and helping coalesce a vision from our CISO.Directly responsible for the creation and measured results for the following:Technology / Security Decision Making FrameworkSecurity Optimization Process (Rationalization through Hardening & Implementation)Architecture Review Board & Enterprise Security ArchitectureEnterprise Zero Trust Architecture Strategy Over $400k in savings due to duplication of capabilities in year 1.Over 50% improvement in adoption of Layer 7 NGFW FeaturesToastmasters Corporate Club

Serve as Principal Security Architect providing technical direction to the Chief Information Security Officer, Security Operations, Chief App Dev Arch et al. Assist in detailed analysis and design from specific incident Response and Policy decisions to design of logical and conceptual architecture. As the head of security architecture, I have quickly assessed current state and the gaps to mature the Information Security Program. I engage each of our clients as if they were my own, focusing on making complex risk, security and compliance challenges easy to consume. • Established and indoctrinated NIST CSF organizationally.• Assessed current state architecture and identify gaps based on risk (CMMI based), prioritized design and provided immediate ROI with remediations. o Established Container Security Direction & Hardening - Docker Images/Kubernetes o Assessed and designed the core requirements for a CDN based DDoS solution. o Hardened Infrastructure Vulnerability Management Program o Led the design and implementation of Layer 7 Firewalls. o Provide direction on escalated security incidents.• Established data protection standards and policies.• Established direction and implementation of Oracle Data Vault and TDE controls for SOX Compliance and increased preventive and detective controls.• Lead Architect for Architecture Review Board Approvalso Reviewed in detail each request for potential gaps, weaknesses in design and implementation.o Validated any risk introduced was within organizational risk appetite.• Lead Architect for Change Control Board evaluating CIA impacts to organization. • Designed and implemented Phishing simulation, training and education solution resulting in a reduction of over 20% in click-through rates.• Evaluated key capabilities and provided direction on hardening (e.g Configuration of Spam Filters, SEPM, HTTP Security Headers, etc)

Provide technical direction and innovation to the overall initiatives for Octarine Security Cloud Native offerings. Assist in the analysis of market opportunities, key drivers and capabilities et al. Serve as a subject matter expert on topics such as enterprise vulnerability management, needs from a CISO perspective and the obstacles that organizations identify in special interest groups.Contributions led to the acquisition of Octarine by VMware in May 2020, thus ending my work as an advisor.

Extremely experienced senior security architect with tremendous depth and comprehension of Information Security across all topics. Various roles have led me to acclimate to leading on the innovation side, sustaining service, managing risk operationally and managing IS programs. I believe that security leadership REQUIRES expertise in this field. I believe our senior leadership must understand the issues in this space. I believe that opportunities are earned and my track record in this space represents my capabilities and aptitude.Led complete greenfield security stack on hybrid cloud. Designed robust infrastructure leveraging federated identity, identity proofing, virtual directory servers, directory replication advance SIEM. I have led teams in IAM, Border Protection, Cryptography services, DAST/SAST, Vulnerability Management, Risk Management etc. I participated in courses my teams have such as Checkpoint R75 Firewalls, OpenAM implementation and development bootcamp, Splunk. Bootcamp, etc. I am a servant leader who believes in putting in the time to earn results, not be given a title. A few highlights:Cloud Security / AWS Hybrid and Full Off-Premise DeploymentsExtensible Security APIWeb Application Firewall Design/ImplementationIdentity Proofing & Fraud PreventionApplication SecurityRisk Management Virtual Directory ServersIAM Governance & IIQSplunk/Syslog/QRadar et al.FIM / Cross-Domain SSOSIEM and Integration into HadoopSecurity Patch Management and AutomationOpen Source LAMP StacksCloud Service Providers Governance Risk and Compliance Risk AssessmentsPenetration TestingVulnerability ManagementCode Scanning (DAST & SAST) (VeriSign, OWASP, WebInspect, etc)Next Gen Firewalls and Border ProtectionNetwork Segmentation Strategies (PCI zones, zone segmentation)Host and Network based IPS, IDS and DLPoAuth 2.0, SAML, OpenIDCHypervisor Security Amazon Web Services Security (AWS)NIST CSF , HIPAA, GLBA, PCI, FFIEC, et al.J3101, J3061, OCTAVE

Responsible for leading direction, enablement and execution of the security architecture for State Farm's customer facing platform. Provided architecture direction contextually, conceptually, logically and physically through a variety of common industry artifacts. Responsible as Lead Architect for Security Architecture Direction.Extremely adaptable to providing solution design on any technology or business problem space. I take a creative approach focused on differentiation and strategic advantage. I have a passion for incorporating a focus on customer experience in solution design.Focus Areas:OWASP Top 10 App Sec PracticesSecurity Solution DesignMobile Security Team LeadEnterprise IT Strategy & Direction, Business Plan Creation, SWOT AnalysisSituational Analysis, Problem Solving, TroubleshootingBudget, ROI, ROSI, CBACustomer Experience Focused ArchitectureEnterprise Mobility Strategy, Architecture, DeploymentSelf Service & Automation, OrchestrationDynamic ProvisioningRoad-mapping, Budgeting, Strategy AlignmentExecutive presentations, Executive communications, Verbal/Non-Verbal Communications ExpertiseProduct MarketingIdentity Access ManagementBorder ProtectionPatentsTeam Building, Employee Development, MentoringStrategic Consulting and ReviewLinux Server Cluster Administration, LAMP, Database AdministrationReference Architectures

Experienced IT Product Manager responsible for managing the lifecycle and architecture of the organizations most valuable product architecture. Responsible for all aspects of SDLC including accompanying Sales Engineers and Executive on RFP/RFI execution with customers and prospects. Incorporated market differentiating concepts and architecture into the product model, branding and diversification. Provided direction and leadership for solutions center of excellence responsible for the organizations technology enablement.Lead IT professional responsible for the software management of the Automotive sector / niche. Created and executed the enterprise strategy for the direction and enablement of technology services for the start-up of a new business model. Focus Areas:Design and Implement Federated Identity Solution for Customers via SAMLRisk Management & Compliance Frameworks LeadPCI QSASalesIT Business StrategySoftware Based Dynamic Direct Mail Marketing EnginesNext Generation Digital PrintDynamic Image CreationProduct Marketing, Direct Marketing PortalsSoftware PortalsMid-Tier Integration ServicesOutsourcing & Managed ServicesMicrosoft Based Frameworks (ASP.net, ADFS, AD, GPO)