Started a Cybersecurity consulting practice advising clients on cyber threats, risk assessments, control effectiveness, and risk management. Key engagements include:• Global Law Firm (Oct 2020-Nov 2021) – Assessed multiple regions of a global law firm for compliance with ISO 27001/27002 and control maturity. Led policy and governance development for ten risk reduction initiatives resulting in a formal review and approval process and development of key global information security policies and standards for the firm.

Provided cyber risk analysis and advisory services to a technology firm offering services for real time, complex risk analytics, cyber threat intelligence, cyber security services and insurance. Analyzed assessment reports, designed remediation plans, tracked and verified client’s progress to completion. Advised client on their key initiatives including: cyber insurance underwriting and pricing applications for cyber threat intelligence, stochastic modeling of malware propagation for use in insurance portfolio aggregate risk modeling. Conducted due diligence on client’s service providers for loss prevention and ransomware threat actor intelligence. Conducted security due diligence on a threat intelligence firm to support client’s M&A initiatives.

Oversaw cybersecurity operational risks. Influenced governance committees, senior executive level work streams, major change management programs. Reviewed operational risk events. Implemented the firm’s Operational Risk Management Framework (ORMF) for Cybersecurity and Technology Controls. Delivered an independent view of Cybersecurity risk to management and the Board of Directors; Challenged business unit Risk and Control Self Assessments (RCSA) results.

Led current operations, exercises, training, and evaluation activities for the Air Force’s Cyberspace Operations headquarters in support of USCYBERCOM. Managed oversight of Air Force’s Computer Network Defense Service Provider program. Oversaw preparation/post-inspection fix actions for DoD network defense inspections.

Led Air Force global network offense and exploitation operations. Oversaw/directed 5 geographically separated combat units utilizing a $125 million Air Force weapon system and mission partner infrastructure. Directed the development of training, standardization, evaluation and oversight of all Air Force special cyberspace operations.

Developed network warfare doctrine, policy, guidance, plans and programs for the Air Force. Oversaw and managed $130 million in in network warfare programs. Developed Air Force Network Warfare investment strategy and force structure. Oversaw development and approval of Air Force’s first holistic Cyberspace Operations Policy.

Led a 60-person team planning and executing intelligence support for all phases of E-3 Sentry Airborne Warning & Control System (AWACS) combat operations in support of 1,650 aircrew. Directed and established new requirements procedures to provide current intelligence, target data, order of battle, threat analysis and threat training to combat aircrews. Managed specialized intelligence resources ensuring training/readiness of all wartime personnel.

Directed a 240-person network operations organization. Led day-to-day operations and crisis management for three distinct and separate network operations areas, including the Air Force Computer Emergency Response Team (AFCERT), and direct support to full spectrum operations. Led daily network defense for the Air Force protecting over one million computers world-wide--analyzing 8.2 million suspicious network connections and capturing/correcting 150+ critical network intrusions. Organized AFCERT network defense operations on Prevention, Detection and Response activities.

Selected for 3-year technical leader development program. Successfully completed program academics and worked in multiple NSA offices focused on remote operations, software development, and digital network intelligence analysis. For program’s Capstone project, led survey team to understand 802.11 WiFi signal propagation.

Led Red Team assessment of the President’s Council on Y2K Interagency Coordination Center; Conducted penetration testing on DoD networks to simulate outsider threats; Assessed DoD classified and unclassified computer networks to discover vulnerabilities.