I manage a great team comprised of smart and talented cybersecurity individuals charged with providing strategic and tactical direction for Blackbaud architecture, tools, processes, and products.

Responsible for the successful delivery of secure solutions architecture for BNP Paribas Americas, through partnerships with BNPP global architecture team, ensuring compliance to regulatory requirements to enable the business to securely deliver Banking products/solutions to customers.Directed the security architecture team to perform infrastructure architecture reviews, recommend and design solutions, and improve security in the areas of network segmentation, network security analytics & anomaly detection, endpoint malware protection and EDR controls, data loss prevention (DLP), database activity monitoring, endpoint application allow-listing, insider threat and behavior analytics.Directed risk-based prioritization activities for security within technology roadmaps and managed multiple security remediation efforts and improvement initiatives

Provided technical leadership across various cyber security domains, collaborate with senior business leadership (CIO, CTO, CISO) on key initiatives and special high visibility projects, influence and communicate strategic and tactical information security direction, and balance business requirements against security risk in order to enable the business to succeed and execute on their vision and mission with a security conscious methodology.Key contributor to the overall technology strategy to ensure the realization of goals such as reuse, infrastructure simplification, cost management, and flexibility.Developed cyber technology strategies that promote an integrated customer experience and leverage common services and capabilities across the enterprise.Created security architecture implementation roadmaps aligned to standards and controls, and provide technical security design and architectural guidance, reference architectures and patterns, including documenting and diagramming the logical, physical, and process views across multiple technology domains. Hand-selected by CIO and CISO to provide security leadership on a strategic-focused team working to design an all-new digital cloud banking platform.Led security efforts for public and private cloud reference architecture, and developed cloud security requirements for the BNPP global “Cloud Ring” architecture group.Created standardized templates for implementation strategy guides to be used as an architectural blueprint for engineering teams to deploy solutions according to approved architecture patterns.

Delivered innovative, sustainable and secure network security architectures, primarily in the focus areas of perimeter defense design, cloud-based security and governance solutions, and ensuring newly acquired companies can transition into security requirements of the enterprise.Reviewed IT, IS and business projects for security concerns, provided security consulting and guidance to business partners, engineering teams, and governance and support teams on security risks and developed business cases for the adoption of new technology, standards and processes to address business risk and need.Created an internal JIRA/Confluence portal and workflow for inbound proof of concept requests for the security architecture team, which streamlined the process to initiate and complete evaluations of potential security solutions and resulted in better evaluation management and reduced time to acquisition by 50%.Contributed to the development of annual security road map in support of security strategy, and provided detailed input into the creation of annual information security budget.Created standardized templates for implementation strategy guides to be used as a required output blueprint for engineering teams to deploy solutions according to approved architecture patterns.Performed gap analysis and security tool rationalization projects to ensure complete coverage and mature implementation and usage of deployed security solutions

Led security governance efforts for many network security technologies and engineered network IDS/IPS, malware analysis and network anomaly detection, and provided research, design and engineering support of enterprise class information and network security solutions.Designed and deployed an advanced malware protection service with a heavy emphasis on shared threat intelligence throughout deployed security toolsets to help teams identify and respond to malicious events in the environment. The solution was integrated with web proxies to ensure blocks were registered as such for quicker incident response correlation, and also informed endpoint agents of network attacks traditionally not able to be seen via endpoint. This led to fewer false positives, and higher number ofproactive blocking by endpoint agents.Worked tightly with security operations/monitoring and cyber threat intelligence groups to ensure that detection tools were in the correct locations with the correct visibility, and tuned correctly to provide the highest amount of actionable alert data with the lowest amount of background noise or false positives.

Developed architecture patterns and provided engineering guidance for firewall, proxy, IDS, WAF, and DLP technologies, and life-cycle management of the respective technologies

Provided network security infrastructure design, management, and configuration support for firewalls, internet proxy / WAN optimization devices technologies, and Intrusion Detection and Prevention technologies.Aligned proxy technologies to industry and vendor best practices, and enhanced user experience through the use of proxy “splash” and “coaching” pages, which paved the way for integration with the VISA security awareness training program with regards to safe web usage to better protect the user and the company from accidental data loss events, or other accidental issues.

Designed, implemented, and managed firewalls, routers, WAN accelerators, content filters, switches, and managed Linux servers that provided various core network services, infrastructure monitoring utilities, as well as intranet and extranet services.Researched, designed, and managed the effort that led to the use of open source operating systems for core services like DNS, DHCP, NTP, FTP, and file storage, which reduced the total cost of data center operations to 10% of previous operating cost.

Implemented, managed & monitored WAN/LAN/VPN technologies comprised of firewalls, WAN accelerators, content filters, & switches, as well as Linux servers.

Provided technical support and repair knowledge for PC’s, printers, and networks.

Provided technical support and repair knowledge for PC’s, printers, and networks.