Information Security Manager

Technology Risk Consultant responsible for identifying security, technology, & regulatory risks within technology and operational processes. Embedded InfoSec SME supporting definition and execution of Attack Surface identification/prioritization and Vulnerability & Patch Managements processes.

Application Security Test Team Manager with the primary duty of managing and providing ethical hacking services to the enterprise under the Attack Surface Management group. Responsible for managing the day-to-day operations and activities of the Global Ethical Hacking Test Team and Application Security Team (SAST/DAST). Responsible for evaluation and testing of new security tool solutions to determine overlap with existing tools.

Manager of the Information Security Team responsible for security architecture, vulnerability scanning, source code analysis, and risk assessments for internal stakeholders. Execution of security initiatives within AGILE process to develop security certification packages and system hardening verifications. Responsible for working directly with high-level government representatives to define security requirements and development of process and procedures to ensure system/application/network security.

Security Assessments, Penetration Tests, and Security Control Audits. Use automated tools (DISA Gold Disk, STIGS, SRR Scripts) and custom developed tools to evaluate security posture, audit patch level, and security hardening. Evaluation of Solaris, Oracle, Windows, Linux, Network devices, VMware ESXi, DIACAP, NIST, FISMA, ITIL.

Division Manager of Cyber Security managing DoD, DOE, DOT, and commercial projects. Led CT&E, ST&E, and Security Control implementations. Executed network scans using eEye Retina and Tenable Nessus. Monitoring of IAVM and Patch Management, SANS Security Alerts, development of security documentation (SSP, DRP, COOP, CMP). Assist with Penetration Tests. Designated as Navy Certification Agent. Project Manager for Navy and DOE projects. Security hardening of RedHat, OpenSUSE, Microsoft Windows, and network devices.

IT Security, Firewalls, Advanced Technology, Secure LAN/WAN Technology. Experience with ISS, Nessus, Checkpoint, Cisco PIX, routers, switched, Lotus Notes and Domino Servers, . Attained MCSE and CCNP certifications.