As the leader of the Global Cyber Fusion Center and managed services for MorganFranklin Cyber I am responsible for product and program development, and the delivery, measurement, optimization, and evolution of Cyber Fusion managed services. Within this portfolio of capabilities I lead the client success and engagement team who support ongoing service management, metrics, and reporting for our clients. Cyber Fusion Center Services:• Managed SIEM• Managed EDR• Managed SOAR• Advanced Detection and Response• Detection Engineering• Incident Management• Threat Hunting• Adversary Simulation• Cyber Threat Intelligence

As Vice President of Global Security Operations and Managed Services for Optiv I was responsible for leading, growing, and optimizing the portfolio of managed security services with a global organization of 550+ team members, including accountability for P&L/budget management and portfolio profitability. I was key to managing client and partner relationships, contract negotiations, services pricing, and GTM strategies. I made certain our services maintained SOC2 compliance and aligned to the NIST CSF and MITRE frameworks, while working with client leadership to ensure their managed services provided the necessary controls, configurations, and evidence to both measurably reduce risk and satisfy business and regulatory compliance requirements.Managed Security Services Practice Areas:•Global SOC Strategy & Delivery•Advanced Fusion Center•Managed XDR•Managed EDR•Managed SIEM Platform, Rules/Content, SOAR, and Threat Intelligence•Managed Identity & Access•Vulnerability Management•Technology Management•Managed PKI•Client Engagement, Satisfaction, & Success•TAM (Technical Account Managers)•Cyber Security Awareness Training & Phishing Simulation

As Director of Global Security Operations and Digital Transformation for Lumen, I led the evolution of managed security services and supporting programs. This included operational delivery, program assessment, organizational change management, services measurement and process optimization, and security operations automation across the portfolio of programs. The global teams for these programs were staffed within 8 Security Operations Centers across North America, India, EMEA, APAC, and LATAM.Security Operations Programs•Managed DDoS•Managed Firewall and UTM•Managed Detection & Response•Managed WAF•Vulnerability Management•Managed Endpoint Protection•Managed File Integrity Monitoring•Security Orchestration, Automation, and Response (SOAR)•Security Operations Agile Program Management

As Director of Cyber Security for Cognizant I led the coordinated implementation of technologies, threat intelligence, development of standardized process and metrics, hiring and development of staff, vendor and budget management, and the design and delivery of global Security Operations Centers.Program Elements•Implement standardized SOAR capabilities and support with an integrated technology stack and global execution and measurement•Develop and manage the global Cyber Threat Intelligence program and partnerships•Security Operations Center design, build, and commissioning•Guide the operational strategy, staffing, and process development for technology management and service delivery•Manage partner relationships and efforts•Establish KPIs and deliver metrics reports to enable data driven decisions for security services leadership•Partner with Risk Management and Audit leaders to manage and meet regulatory compliance obligations

As Director of Security Operations and Incident Response at Cognizant for the Healthcare vertical, I developed the Security Operations and Incident Response programs from the ground up. This included security controls management, detection and response, and digital forensics and incident response. For each area I led the creation of standard documented approaches to work intake, process and procedures, and measurement and reporting.•Drive security program maturity through improved security controls, process standardization and metrics for both corporate and healthcare customer environments•Lead, manage, coach, and enable the onshore and offshore security operations team members for improved service delivery•Develop and lead digital forensics, incident response, and eDiscovery processes and communication, including training and tabletop exercises•Provide tactical and strategic guidance and support for the integration of security intelligence and indicators through use case development and tuning of security controls such as DLP, IPS, SIEM, AV/HIPS, EDR and proxy/web content filtering•Collaborate with corporate Legal and Compliance teams to satisfy internal and external audit and assessment requirements and contractual obligations•Create, review, and approve enterprise Information Security policies, standards, and incident response plans

As Senior Manager of the Cyber Risk Defense Center, I led an initial limited 8x5 program with 8 team members, then designed and implemented a next generation 24x7x365 Security Operations program with 22 team members. The new program was designed with 4 discrete focus areas of the attack lifecycle, increasing the fidelity of security events, and reducing the time to identify, analyze, and contain threats. In addition to program development and leadership, I was a key contributor to the design and implementation of a $4M showcase Security Operations Center.•Guide advanced malware, intelligence, and logging solutions selection, configuration, and use•Develop and implement a comprehensive metrics and reporting strategy•Led increased maturity in process development and execution•Manage vendor relationships to deliver strategic partnerships for enterprise security services and staff augmentation•Work closely with Compliance and Audit teams to satisfy regulatory compliance and audit requirements•Create, review, and approve enterprise Information Security policies and standards.

As Senior Manager of Information Security I staffed and led multiple onshore/offshore teams to design, implement, and manage security capabilities, processes, and mitigating controls, as well as detect and respond to threats and vulnerabilities to effectively manage enterprise risk.•Select, implement and manage preventative and detective cyber security solutions for SIEM, DLP, WAF, DAM, AV/HIPS, and vulnerability and configuration management•Develop and implement standard process for security event detection, analysis, and containment•Lead incident response management, investigations and reporting•Partner closely with Legal, Compliance, Audit, and IT business units to address regulatory compliance and audit obligations•Manage vendor relationships and efforts•Create, review, and approve enterprise Information Security policies and standards.•Develop and implement KPI metrics and reporting