Managed security policies and procedures, maintained FedRAMP High ATO, and developed POAMs to address vulnerabilities.• Partnered with Sales and Technology teams to ensure consistent application of security policies.• Maintained FedRAMP High ATO and facilities clearance, ensuring compliance with regulations.• Developed and managed Plans of Action and Milestones (POAMs) to address security vulnerabilities.

• Spearheaded the development and implementation of comprehensive Operational Security Playbooks, enhancing threat detection efficiency through meticulous metrics analysis. • Championed the mentoring and support of client employees, fostering a culture of security awareness and operational excellence. • Led the successful adoption of a Threat Intelligence (TI) program, integrating multiple TI tools and practices, which resulted in a reduction in security incidents by establishing a practical and actionable Threat management and reporting framework

• Former Co-owner of the Colgate 12 companies (Access Point Technology and Appian Way Advisory) • Developed organization’s M365 Cloud native technology platform • Served as billable CISO for a client for over two years – developed and implemented a Zero-trust, cloud-native security program from scratch and led multiple M&A and Application migration projects to enable client business growth through acquisition • Defined Information Security services practices for Managed client services as well as advisory services for Colgate 12 companies • Provided mentoring, leadership, and management of a director-level team of 15 in broader support of the staff of 110 W-2 and 1099 resources • Delivered services that led to the growth of the company from $6 Million to $16 Million annually over two years

• Pioneered establishing offensive security and security advisory services, directly contributing to a fortified cybersecurity posture for clients in crucial retail, healthcare, and financial sectors. • Orchestrated the recruitment and leadership of a specialized advisory team, enhancing the delivery of client services and significantly improving client cybersecurity resilience. • Spearheaded virtual CISO and CxO services, leading critical compliance assessments (CMS, HIPAA, ISO 27001, NIST CSF) across diverse industries, bolstering clients' compliance with global data privacy and security regulations. My years of security operations, incident response, and Identity & Access Management experience enabled Rubicon to provide more than an academic view of the practice of information security; we focused on the business value and enablement that Information Security provided.

• Led successful implementation of a client's ISO 27001 readiness certification project, enhancing global compliance across multiple regions and business units by establishing rigorous security standards. • Directed comprehensive Incident Response activities, significantly reducing post-incident recovery time by 45% through strategic planning and restoration efforts. • Formulated and executed a strategic plan for the global implementation of ISO 27001, resulting in a 35% improvement in security posture by identifying and addressing control gaps and weaknesses.

• Architected and implemented a comprehensive enterprise security reference architecture, establishing foundational security principles and practices across identity, encryption, network security, and data governance domains. • Led the evaluation, selection, negotiation, and deployment of advanced information security technologies, securing the organization with solutions valued at over $15 million, including Thales HSM, Qualys, and Okta, enhancing the overall security posture. • Developed and executed enterprise-wide identity management strategies, significantly streamlining the rapid hiring, change, and termination process of employees and contractors, improving operational efficiency and compliance.

Converted from Contract to Full-time employee role with Vertiv in October 2019.• Established information security design patterns for IAM, Authentication, data protection, and data governance, resulting in 60% more efficient adoption of technologies.• Drove adoption of Cloud Security Architecture for Enterprise ERP, Sales, HR, and Fulfilment applications.• Led revision and adoption of enterprise information security policies and standards• Provided leadership around organizational Digital Risk Management and adopting the ServiceNow GRC platform and practices.

• Prepared and educated clients on emerging technologies and assisted in aligning technology requirements to capabilities • Coordinated client and product member interactions, including scoping purchases and assisting in budget and solution development opportunities • Enabled multiple clients in healthcare, state, and local government to select or replace managed security services • Provided Security architecture advisory for extensive health system Epic migration to include the design of security controls, policies, and governance requirement gathering • Provided engineering and solution design and advised Forsythe customers across the Ohio Valley region. Eventually supported multiple clients within Northeast(NYC), East (North Carolina), and West Coast regions • Provided support for over 18 named account managers and 100 diverse clients across multiple industries with a solution set of over 90 Security and Network products. Provided support for scoping expanded information security advisory engagements (Assessments, penetration tests, etc.) • Achieved over 428% of targeted combined product and services sales attainment numbers, resulting in over $2.4 million in organizational and regional security solution revenue

• Directed a security operations team of three, enhancing daily operational efficiency and security responsiveness, as evidenced by a 75% decrease in incident response times, by implementing strategic security measures. • Spearheaded the development of an enterprise security reference architecture, achieving a 80% improvement in system security compliance by fostering cross-disciplinary collaboration and governance. • Orchestrated the organization's inaugural FedRAMP certification process, leading to a 65% enhancement in cloud security posture by defining and executing comprehensive System Security Plans against NIST 800.53 Moderate baseline.

• Expertly managed and optimized a suite of operational security tools including ArcSight, Qualys, Websense, and IBM AppScan, enhancing system security and operational efficiency at the State of Ohio Department of Taxation. • Served as the pivotal security subject matter expert during the organization's Office 365 e-mail migration, ensuring seamless integration and security compliance. • Provided strategic guidance for the design of the taxpayer transcript system and tax bulk file upload design, significantly improving data handling and security measures.

• Spearheaded the strategic planning and execution of Information Security initiatives, achieving stringent PCI-DSS and SOX compliance, and significantly enhancing risk management and reporting capabilities. • Led the selection and deployment of an IT Governance Risk & Compliance (GRC) management tool, streamlining compliance activities and bolstering the security posture by implementing a comprehensive Identity & Access Management (IAM) strategy across the Scotts companies. • Orchestrated the redesign of business area networks, concentrating PCI-DSS scope and monitoring, which resulted in a marked reduction in security vulnerabilities and enhanced operational efficiency.

• Directed the Incident Response service practice, enhancing cybersecurity readiness by designing and implementing comprehensive incident response strategies, as evidenced by a marked reduction in recovery times by 60% through effective crisis management and technical team coordination. • Spearheaded customer engagement and resource allocation for incident response engagements, achieving an increase in client satisfaction through meticulous scoping, resource identification, and executive-level communication.• Innovated managed service offerings in forensic investigation and crisis communication, delivering targeted technical training that bolstered organizational resilience against cyber threats and improved crisis response capabilities.

• Elevated Interhack's security standards by leading forensic laboratory execution and integrating media relations, resulting in a marked enhancement of client satisfaction and engagement, as evidenced by a 90% increase in client retention. • Promoted to Senior Specialist in 2012, taking on expanded responsibilities including the management of daily technician workloads and the strategic screening of potential candidates, directly contributing to a 65% improvement in operational efficiency. • Spearheaded an analytic approach to casework management, fostering a culture of continuous learning among technicians and ensuring the highest security practices were met, leading to a 45% reduction in security incidents.

I joined Interhack in November 2011 as a Specialist focused on executing Interhack forensic laboratory work and developing and mentoring the technicians working for the firm. I used my diverse experience in media relations, writing, and the management of information security and information technology to play an important role in connecting technical production work to the analysis and presentation that clientele expected at Interhack.

• Spearheaded the strategic development and application of the OSU IT security framework, leading to enhanced security posture and compliance through comprehensive risk assessments and targeted IT security awareness campaigns. • Directed the evaluation and selection of cutting-edge IT security tools, including the pioneering acquisition of the Secunia vulnerability management tool, as part of a $2 million enterprise vulnerability management initiative, significantly bolstering organizational security. • Championed the ISO 27001 & 27002 implementation across Ohio State, managing the security standard and compliance practices for the OCIO IT Security team over three years, markedly improving the university's security and compliance landscape. I was responsible for information technology security planning and implementation, to be accomplished by developing and applying the OSU IT security framework, risk assessments and IT security awareness campaigns. * Crafted the IT Security program strategic charter in 2010 scoping the seven initiatives (totaling $2 million in budget) within the charter.* Led IT security tool and technology evaluation teams for the Office of the CIO and established selection criteria for data loss prevention, vulnerability management and risk assessment products. This also led to initial purchase of the Secunia vulnerability management tool as a part of the enterprise vulnerability management strategic program.* Managed the security standard and compliance practice for the OCIO IT Security team * Crafted and delivered key communications resource for university IT security initiatives. I managed, programmed and delivered the content of the university's monthly security working group meeting (SECWOG) for five years; developed internal training, and delivered targeted instruction to technical and non-technical faculty and student groups regularly.

The Cybersecurity Outreach Specialist was responsible for creating and maintaining documentation to promote and support security conscious computing habits in faculty, students and staff. In this role I consolidated three disparate websites containing IT security information into a single branded portal aimed at technical and non-technical university community members. I generated and delivered presentations on information security topics and developed evaluative resources as well as general information campaigns.I also began the process of information security standardization and compliance measurement as a key team member of the IT security program, managing exception and compensating control requests and evaluating and interpreting direction for community members.I was recognized for these efforts and in 2010 my job title was adjusted to reflect the IT Security planning role I had taken on organically over the course of my employment as an outreach and education specialist.

Contract position for GameFront (http://news.gamefront.com) Expertise Areas: • PC and Video Game Hardware• Massively Multiplayer Online Games• Strategy & PC Games• Game Modifications• Game Design Tasks: Create daily news articles, develop in-depth "How-To" features related to PC & Console Hardware and Game Modification.

Writer of Technology and Video/Computer Game related stories for Dispatch Media Group publications. I began as the primary video game writer for the Columbus Dispatch's Connect technology section.In February of 2005, along with Connect copy editor Chuck Nelson we launched the GameOn! podcast, the first completely original podcast content for a mainstream newspaper in the United States. The podcast ended in May of 2010 - over 3 years of weekly episodes were produced.I also wrote a parenting column for Columbus Parent Magazine covering traditional games and parenting from 2006-2011.

Contract position. I wrote articles covering video game news. • Created editorial features for Gaming Today's news operation.• Gaming Today was a Kotaku-style blog with an eye on writers voice and an active community. Wrote 50+ articles a week for the website.Authored longer editorial content such as the "File-N-Forget" podcast and weekly columns like "The Analog Gamer" and "The Open File" for Filefront's readers.

I served as a senior support engineer for the editorial services portion of The Dispatch Printing Company. During my employment, I was the technical lead on the company's NICA Archive project. I managed the company antivirus solution, supported and trained users in the use of RSA SecurID and oversaw the Active Directory systems used by editorial employees in daily production of news products.When the company transitioned from the ATEX publishing system to the CCI editorial front end I assisted in the design and implementation of the new system including integration of existing wire and archive systems. Upon implementation of the project, I transitioned into an application support role with a focus on the text and image archive processes, newswire support and content translation to and from XML via XSLT.

I was responsible for daily maintenance and upkeep of Middle school classroom systems, computer libraries and labs. * Supported Macintosh and Windows (Novell) Operating systems, including installation, tuning and troubleshooting.* Aided school staff in using instructional technology and resolved software and hardware related problems. * Managed trouble ticket workload independently and maintained a very high problem resolution rating.

Served as an operational level Aviation Ordnance Technician - MOS 6531 Worked on AH-1 and UH-1 helicopter weapon systems and avionics. * Received meritorious promotion and attained rank of Sergeant in under 5 years.* Work Center Supervisor, Shift leader and Desk Sergeant* Explosive Ordnance Quality Assurance/Safety Inspector.* Responsible for verifying and inspecting aircraft maintenance on flight critical systems.* Managed crew of 4-16 Marines in accomplishment of daily maintenance and weapons arming and loading evolutions.