Alliance Data Card Services rebranded in March 2022 to become Bread Financial.Responsible for oversight and architecture of Information Security (Info Sec) controls and patterns for the organization. Lead Security Architect for DevSecOps program responsible for integration of security controls into DevSecOps on-prem and cloud pipelines. Expert in advising on security controls and architecture for monolithic and single page applications, cloud, infrastructure, databases, operations, payment card products, and new facility implementations. Expert in cybersecurity framework evaluation, implementation and business process reengineering.

Responsible for oversight and architecture of Information Security (Info Sec) controls and patterns for the organization. Lead Security Architect for DevSecOps program responsible for integration of security controls into DevSecOps on-prem and cloud pipelines. Expert in advising on security controls and architecture for monolithic and single page applications, cloud, infrastructure, databases, operations, payment card products, and new facility implementations. Expert in cybersecurity framework evaluation, implementation and business process reengineering.

Responsible for Information Security presence on organizational initiatives and projects. Review proposed solutions and architectures for risks that could impact the security of our organization. Provide feedback and solutioning to implementation teams.

Responsible for maintaining PCI-DSS Compliance for our organization. Perform all scoping, onsite assessment, SME interviews, evidence collection and submission, device sampling, and yearly assessment project management. SME for all PCI-DSS internal and external initiatives and project consulting. RSA Archer familiarity and usage as it relates to task and issue management for our PCI program. Utilization of Archer and Excel to provide PCI program health and metrics. Experience with updating and creating Security Program policies and standards. Familiarity with Integrated or Unified Control Frameworks for risk management and control governance.

Responsible for leading the Security Operations Center for the organization. Focused on Event and Incident Response through our SIEM and incident response tools. Member of Security Risk Committee for the organization. Development of my direct reports is an important part of my daily tasks. Also, responsible for researching and providing recommendations to the Event Monitoring and Incident Response processes and tool set as it relates to the development and maintenance of documented procedures and techniques, including process integration with managed security service providers, 3rd party vendors, internal IT organizations, and business units. Provide recommendations on short and long term adjustments to security controls for immediate and future identification, containment and remediation. Responsible for leading all SOC enhancement projects.

• Manages daily operations of two team members responsible for Virtual Infrastructure, SAN, Directory Service Administration, Patch Management, Anti-Virus, and Security.• Tracks operational metrics and manages customer relationships. • Manages and supports security controls for new systems, applications, and managed hosting partners (Cloud computing) including but not limited to: Controls recommendations, Risk Assessment, Disaster Recovery, Firewalls, Web Applications, Vendor supplied Applications, Identity Management, Vulnerability assessments, and penetration testing. • Completes incident response and forensic investigations. • Provides expertise in planning, tracking and implementation for security projects and audit activity. Provides support and point of escalation for security operations. • Provides reporting to management, sets up Information Security dashboards and metrics and information security logs. • Responds to security incidents that are complex and highly sensitive in nature. • Leads and is accountable for security planning for future application system implementations. • Stay current with industry trends relating to information security and supporting infrastructure technologies. • Leads, plans and implements other information security projects / duties as needed. • Provide risk based analysis of IT infrastructure and IT systems and sits on Agency Risk Management Committee• Creates and maintains Information Security Policy, Process and Standards. • Provide quality assurance documentation review and peer review on projects. • Develop and maintain relationships with internal teams. • Providing Security and infrastructure thought leadership, design, and support.

Responsible for the daily administration and monitoring of IT Infrastructure including but not limited to the following technologies: 90+ Physical and Virtual Servers, 10 Visualization Hosts, Virtual desktop environment for agency mobile users, 100 TB of SAN storage replicated between 2 physical sites, Directory Services, Backup and Recovery, Email, Server OS, Anti-Virus. Responsible for identifying needed technologies, conducting research on available solutions, and providing recommendations to management on best strategies to accomplish agency vision and goals with regard to IT technologies.

Installed and maintained PC software and associate hardware systems for 750 FCCS employees. Investigated user technical problems and provided problem resolution services. Developed and maintained PC applications using Microsoft Access, InfoPath, Excel and Word for management tracking systems. Performed preliminary investigation for quotes and acquisitions.

--Conducted child abuse and neglect investigations with a focus on protecting children by strengthening families. --Completed timely assessments to determine needed services and agency response to family crises. --Coordinated community services with local agencies and the court system. --Participated in Alternative Response Pilot Project from 2008-2009.