• Lead a 17-person organization over the SOC, security architecture, security engineering, vulnerability management, network, endpoint, cloud, container, API, and application security programs via manager direct reports for a 1200+ employee organization with a 95% remote workforce.• Board member on the Architecture Review Board and Change Advisory Board and participating member of the AI Technical Community of Interest, Cloud Community of Interest, and CTO Extended Leadership Team.• Assess risk of technical architectures, perform threat modeling, identify gaps, and craft remediation plans.• Define and disseminate detailed technical security requirements and hardening baselines based on policy and third party guidance, e.g., CIS, and coordinate adherence to these requirements and baselines.• Mentor and guide key stakeholders and practitioners on information security policy, requirements, and best practices.• Lead cross-functional leadership and technical teams to drive architecture modernization.• Eliminated over 80% of critical and high severity vulnerabilities.• Reduced SIEM contract cost by 33% by more focused log forwarding, more efficient use of storage tiers, and contract negotiations.• Research new security solutions and program enhancements, e.g., container, cloud, and API security.• Lead deployment of new and enhancement of existing security solutions, e.g., SSPM, CSPM, and runtime container security.• Manage and coordinate security incident response.• Create and monitor metrics for team and program performance.• Build and maintain the security operations budget.

• Created and led a 9-person team, managing the SOC, security engineering, vulnerability management, and network and endpoint security.• Board member on the Architecture Review Board, Change Advisory Board, and participating member of the Cloud Community of Interest.• Mentored and guided key stakeholders and practitioners on information security policy, requirements, and best practices.• Led deployment of new and enhancement of existing security solutions, including: email security analysis and response, privileged access management, and service account password rotation.• Assessed risk of technical architectures, performed threat modeling, identified gaps, and crafted remediation plans.• Set new SLA for vulnerability closure and reduced MTTR by 50%.• Managed and coordinated security incident response.• Developed security incident response procedures.• Authored request and approval forms for consistent record-keeping.• Transformed script, code, and configuration storage by migrating to git and a code repository.• Documented technical solutions and operational playbooks.

• Assessed risk of technical architectures, identified gaps, and crafted remediation plans.• Designed, deployed, and managed various security solutions, including: EDR, SSO, MFA, Oauth 2.0, PAM, vulnerability management, and SIEM.• Assessed risk of technical architectures, configurations, and processes, identified gaps, and crafted remediation plans.• Documented technical solutions and operational playbooks.• Transformed organization’s knowledge of its IT assets via automated PowerShell scripting and correlation of many data sources both on-premises and in the cloud.• Automated repetitive tasks via PowerShell, e.g., lockdown of computing assets upon termination of remote employees.• Mentor junior cybersecurity staff.

• Led an Information Security program based on the NIST cybersecurity framework.• Developed and enforced information security policies and standards.• Identified regulatory compliance requirements and coordinate financial, health (HIPAA), and police (CJIS) system audits, including audit finding remediation plans.• Provided technical security mentorship and guidance to practitioners across the organization.• Communicated the state of information security, existing risks, and recommendations for risk reduction to executives.• Assessed risk of technical architectures, configurations, and processes to identify gaps, and craft remediation plans.• Performed logical and physical access audits to ensure compliance with the principle of least privilege.• Performed security incident response.• Created, maintained, and communicated policies and procedures.• Architected, engineered, integrated, and implemented cybersecurity solutions, including: ADCS PKI, Palo Alto Networks firewalls and Panorama, endpoint protection, SEG, SSO, MFA, PAM, vulnerability management.• Administered SIEM, VPN, RADIUS/NAC services, and email encryption.• Engaged in proof-of-concept technology demonstrations for security solutions and services such as data loss prevention (DLP), Security Intelligence and Event Management (SIEM), multi-factor authentication (MFA), and vulnerability management.

• Deployed and managed Windows and Linux servers, VMware vSphere/ESXi, Palo Alto Networks firewalls, Lync/Skype for Business, ZixGateway email encryption, Cisco AnyConnect VPN, and Kronos Workforce Central.• Administered Microsoft Exchange, Citrix XenApp, and Active Directory with multiple trusts.• Automated workflows and maintenance tasks via PowerShell.• Implemented SSL/TLS for web applications.• Created and maintained procedural, policy, support, server, and network documentation.• Performed technology incident response.

• Implemented and managed Windows and Linux servers, Windows and Mac OS X workstations, VMware vSphere/ESXi, NetApp SAN, HP and Dell servers, Symantec Backup Exec, Quantum tape libraries, and Microsoft Remote Desktop Services farm.• Administered Microsoft Exchange, BlackBerry Enterprise Server, Ironport e-mail security, Cisco switches and VPN concentrators, and Active Directory including multiple domains and trusts.• Migrated two Active Directory domains.• Created and deploy system images.• Supported multi-site, 600+ seat environment including numerous home office users.• Created and maintained procedural, policy, support, server, and network documentation.• Performed technology incident response and data recovery.

• Implemented and administered Windows servers and workstations, Hyper-V and VMware virtualization, HP and Dell servers, Microsoft Exchange, Active Directory, Symantec Backup Exec, Terminal Services/Remote Desktop Services, Fortinet firewalls and VPNs, and Symantec, Trend Micro, and Sophos antivirus.• Created and deployed system images using Windows Deployment Services.• Created and maintained procedural, policy, support, server, network, licensing, and disaster recovery documentation.• Performed technology incident response and data recovery.

• Performed remote support for 2000+ retail stores’ P.O.S. systems, based on Red Hat 7, SUSE Linux 10, and Windows 2000.• Created and maintained procedural, policy, support, server, network, and disaster recovery documentation.• Performed remote disaster recovery.

• Administered Windows Server 2000 – 2003 and implemented and administered Windows client 2000 – XP.• Administered Citrix server farm and HP thin clients based on Windows CE or Windows XP Embedded.• Administered VERITAS Backup Exec, including LTOx tape technologies and HP StorageWorks tape library.• Administered BlackBerry Enterprise Server 4.x.• Supported 100+ seat, multi-site environment both desk-side and remotely.• Created and maintained procedural, policy, support, server, user FAQ, and disaster recovery documentation.