- Empowering clients to Outwit Complexity. - Serving the mission of securing our nation's critical infrastructure

Teach Information Assurance online, asynchronous, for MSU's Cybersecurity program offered through a collaboration between the Criminal Justice and Computer Science departments. Create and maintain relevant content based on NIST CSF, CIS Critical Security Controls, CISA ZTMM, OWASP, NIST AI RMF, CISA KEV, and leading vendor threat intelligence and incident reports. Evangelize "shifting left", DevSecOps, policy-based cloud native migration, SBOMs and supply chain security management. Build and deliver course content on MSU's Canvas platform. Support MSU's participation in the CENTURION (formerly PISCES) program and collaboration with the National Cybersecurity Center.Researching how we can use LLMs and ML to automate system and application security posture management, to replace static audit checklists, and promote data-driven, quantitative risk assessment.

Provided guidance for IT, OT, IOT, Cloud and DevOps security architecture. Assessed and applied security controls per NIST CSF, CIS CSC, ISA 62443, HIPAA and PCI. Created foundation to achieve Zero Trust Architecture. Established and improved metrics related to continuous threat/vulnerability detection and response, security awareness training and testing, cyber incident response (inc training and testing), and operational service catalog supporting Identify, Protect, Detect, Respond, Recover. Implemented continuous improvement for all NIST/CIS controls. Created and completed the first iteration of an annual third party risk management (TPRM) process. Served in various roles including management consulting, SME on a portfolio of cybersecurity related projects, architecture design POC and analyst operations.

Contract SecDevOps. Integrated secure development practices into continuous delivery using cloud native technology. Built secure configurations using Infrastructure as Code. Ensured capabilities for event alerting and response are defined, established and developed in a way to enable automation in CI/CD and cyber incident response. Referenced and implemented OWASP, NIST, DISA, industry and platform SDLC guidelines. Tracked vulnerabilities, supply chain dependencies, configurations, exploits, TTPs, patches and mitigations. Ensure accuracy and auditability in FISMA attestations. Created supply chain security risk evaluations and submitted SCRM (TRM) approvals for all software, libraries and plugins.

Managed cybersecurity program utilizing NIST CSF and CIS Critical Security Controls. Mapped to ISA 62443, FERC, HIPAA and PCI audit specs and guidelines for critical infrastructure cyberdefense. Created system security plans, policies, procedures. Identified gaps, architected improvements and new solutions. Facilitated secure adoption of SaaS, IaaS, cloud automation. Created and improved IR plan and procedures, documented steps for proactive threat hunting and handling compromises utilizing PICERL, MITRE ATT&CK, Cyber Killchain and NIST 800-61r2. Coordinated IR across organization. Managed employee awareness and training including custom content and annual incentives. Supported SLAs for team service catalog including VPN, PAM/PIV, MFA, IDS, Web Proxy, EDR and SIEM. Handled break/fix tickets along with direct reports. Served on 24x7 oncall rotation. Managed direct reports, facilitated staff success, identified training, set goals, nurtured talent, promoted team cooperation and communication. Served as a technical SME on projects related to network segmentation, NAC, asset inventory, secure configuration baselines and implementing an ICS Purdue Model. Work closely with BU's, operational technology and physical security for coordinated risk management and incident response.

Inspired to leave NCAR by an offer to 1) build a measured risk-based ICS security program to supplement existing AWS Security AppSec assessment and monitoring and 2) help develop a custom IDS that would allow me to apply content from current SANS SEC503 for deep packet inspection. Sadly, once in, the IDS project was nixed. Undaunted, I created a process and framework for assessing IT security risk in new DC projects. Adopted and carried forward two projects related to reducing risk and detecting security incidents on datacenter networks and in datacenter business processes. Evangelized CIS Critical Security Controls, NIST RMF and 800-82, as well as adopting measurable and consistent controls with continuous testing and improvement. Wrote "6-pagers" and COEs to support recommendations. I really enjoyed Amazon's work culture, however our "ICS Security" team was split up and redeployed along with projects and tasks as part of 2019's global datacenter operations reorganization.

Recruited back to build a cyber risk assessment practice along with an organization-wide program modeled on previous success in the COSMIC Lab. Based on NIST guidelines, the program goal was to implement functional IT Security that also met compliance requirements (HIPAA, FISMA, CUI, PCI, GDPR, CO/CA Privacy). Highlights:* Created Risk Assessment library, templates and processes* Created Vendor Security Risk Assessment process (pre-HECVAT)* Managed POA&Ms and continuous monitoring for FISMA contracts * Built out Jira epics and tasks for the team, maintained backlog* Established BIA and Conops templates* Wrote and maintained organization Incident Response Plan* Trained and socialized central incident response proceduresBuilt a SOC with: * Incident Response tools, procedures, roles, responsibilities, IR Plan, training and tabletops* Log correlation: ElasticStack based SIEM and syslog forwarders* Network security monitoring: assisted implementation of new cloud based solution with sensors designed to detect pivoting and strategically placed on most valuable network segments* Revitalization of organization-wide vulnerability assessment and remediation, plus IT asset identification* Palo Alto Firewall expansion* Configured Jira Helpdesk SOC queue for IR investigation ticketsBuilt community, shared information with partner organizations, NSF funded FFRDCs, and fellow security professionals. Continued to serve on the CTSC NSF Cybersecurity Summit Planning Committee.

Senior Security Engineer. January 2017-May 2017. Member of fast-paced DevSecOps team managing and deploying defense-in-depth security solutions. AWS, VMware, Linux, BSD, Atlassian, Puppet, git, and open source emphasis for tools and operating systems. Conducted supply chain security risk assessments and implemented security awareness training and phishing campaigns.

COSMIC Lab (2/16-1/17) - Accepted limited term position for the opportunity to design and deploy a FISMA moderate security stack including 2 NG Palo Alto Firewalls for SC and SI controls, Tenable Security Center for RA and AU controls, Incident Response Plan and Procedures integrated with other labs and programs; SELinux CentOS, Ubuntu KVM. Contributed to all documentation, audit preparation, created Continuous Monitoring Plan, risk assessment plan and report. Identified metrics and operational support requirements. Educated and evangelized NIST 800-53 translated into practical application. Helped establish a Compliance office in CISL and wrote POA&Ms for centralized AU and IR. Handed off environment to COSMIC dedicated System Administrators. CISL Lab (12/14-2/16) - Coordinated security and practice decisions across multiple teams and individually-funded labs and departments. Evangelized, gained executive sponsorship, and launched IAM project to migrate from Heimdal Kerberos to Active Directory with 2F SSO, and InCommon Federation. Launched Cloud Vendor Security Assessment program, working closely with Legal, HR and Contracts. Handled incident response. Work with Legal on DMCA takedown notices. Monitored abuse alias. Installed Nessus Pro and established a semi-annual vulnerability scanning program as a service to the labs. Managed legacy Heimdal Kerberos AuthN cluster. Advised division sysadmins on security best practices for MS Windows, Linux/Solaris, Android, iOS, and MacOS, Drupal, Apache, web applications. Prepared and published security bulletins and advisory actions. Deployed and managed micro private cloud consisting of racked servers, Open-E iSCSI storage and KVM. Attended and presented at global conferences for large scale supercomputing and scientific research: NSF Cybersecurity Summit, Internet2/InCommon, CTSC, XSEDE.

Worked on a global devops team to build automation of Linux and Windows VMs on VMware vSphere 5.5 and physical hardware, using custom scripts. Built AWS EC2 POC for possible off-premise hosting. Worked with the InfoSec team to build a virtual distributed processing IDS cluster. Trained on and started Puppet deployment for automating configurations. Served on 24x7 oncall rotation. Redeployed into CorpIT during pre-SAP-takeover company restructuring. Traveled to branch offices for IDF upgrades and facilities moves. Took over Project Management for IDF/MDF redesign and consolidation. Conducted global inventory and documented assets. Deployed asset management system (Device42), planned and trained Bangalore system engineers on inventory process. Designed Corp IT virtual systems lifecycle management. Provided direction for process and documentation through Jira and Confluence Wiki. Worked on project team to implement SSO portal with Okta; mapped requirements and deployment milestones. Started project to identify new backup and recovery solution.

Classic startup venture offering consulting services for system integration with VMware virtualization, HP, Cisco, and multi-vendor solutions, with emphasis on platform integration. Served in “multiple hat” role, with wide consulting scope. Primarily managed internal projects for business definition, consulting scope, standards of practice, CRM (Zoho, Salesforce analysis), data repository, website content and development. Conducted risk and security assessments for projects and internal systems. Evangelized security in virtualized environments. Managed VMware partnership relationship. Served in VCP/VTSP/VSP required VMware partnership role. Started as equity-seeking partner, eventually transitioned to part-time backup project manager.

June 2009-August 2012 - Managed strategic accounts at all stages of design, architect, implement, optimize, for vSphere, vCloud and VMware infrastructure. Highlights: TPM for Symantec account deploying over 10,000 VMs in a secure lab, using Altiris Deployment Manager integrated programmatically with vSphere/vCloud API. TPM for Concur account, lockstep rollout of dev and prod, over 3000 VM environment on vSphere. TPM for Mentor Graphics, rollout of over 5000 VM environment. Created close relationships with clients; held daily and weekly conference calls, delivered "lunch and learns", frequently on site, directly working with the operations teams. Presented quarterly status reports, cutting edge advances, and evangelized Cloud to executive level. Maintained VMware VCP (5/4/3) expertise. Identified, defined and managed milestones, resource requirements, risk, throughout engagement. Evangelized Security; scheduled frequent customer feedback to VMware Security PM. Engaged SME resources, applied best practices, and coordinated team efforts. Gathered metrics for customer relationship management and industry trending. Served as a trusted adviser. Provided ROI analysis and projections for cloud and virtualization investments. Drove support incident resolution. Networked and nurtured relationships throughout VMware and partner ecosystem, in order to more efficiently and effectively bridge teams, technology stacks, and exceed customer expectations. Passionately advocated a Customer First approach throughout my relationships.May 2008-June 2009 - GSS center support engineer for ESX/ESXi/vCenter/vSphere; resolved technical issues spanning all HCL supported third party servers, SANs, switches, applications, as well as core VMware vSphere products. Utilized command line, API, and vSphere Management appliance (vSphere SDK for Perl, packaged on Linux). Leveraged existing Linux/UNIX and Windows administration experience and added additional MS SQL database management.

Project manager and technical consultant for datacenter virtualization and IT automation. Projects included: VMware Server installation, Windows Server 2003 installation and configuration, Microsoft Exchange migration, Vulnerability Assessments, and development of Disaster Recovery Plans.

Weekend 3x12 technical support engineer for Horizon Clinical Healthcare systems. Supported HIPAA controls and security requirements for Healthcare Data. Tracked security bugs and vulnerabilities in the solution stack. Platforms underlying Horizon Clinical software included HPUX, RedHat on x64, and Windows 2003 Server. Utilized HL7 healthcare data format standard.

Assisted with all areas of startup. Installed solar panels, handled bookkeeping and office tasks, upgraded software, deployed cloud services for small business.

On site Consultant, "Quickstart Professional Service" deploying Altiris Server and Client Management Suites on, primarily, Windows 2003. Engaged customers and jointly developed installation plan. Created and deployed customized end-point security solutions. Created Configuration Management policies and hardened OS Golden Images. Installed and configured PXE boot solutions, automated patch installations, configuration lockdown. Trained clients on the products and the importance of Asset Management, Configuration Management, and scaleable security management. Deployed solution stacks to monitor and quarantine endpoints with malware, virus, or configuration violations. Deployed Altiris Helpdesk server and defined workflows, roles and knowledge base management. Wrote and/or modified existing VB custom scripts. Installed and configured SQL Server 2005.

Architected, implemented and managed secure clustered server/storage clusters for remote hands-on student labs. Managed 100+ systems data center with 24x7 on-call, 99% uptime, serving global classrooms. SunBlade servers, SunFire midrange, SF15k, SAN, Solaris, Red Hat, Win2k, VMware Workstation, Apache, VNC, Cisco switches, PIX firewall, Solaris Jumpstart config and deployment. Ran NMAP and Nessus scans to lockdown services. Patched and hardened systems. Provided senior technical resolution in support. Responded to customer reported security incidents and analyzed cases of unauthorized access. Reported security bugs and tracked CVE progress. Served in backline role for Veritas Netbackup, Tape Libraries, and Disaster Recovery (planning and response); resolved issues with Sun branded SANs and Veritas Volume Manager. Gained expertise in a wide array of Sun products in addition to Solaris OS, including SunMC, SunONE JavaApp suite, Sun Linux. Wrote and edited documents for knowledge base. Mentored and trained team members. Participated in user studies, needs analysis and tools rollout. Represented team members in management decision meetings, held weekly technical review sessions, managed the team calendar, scheduled vacation and coordinated incidental time response.

Second tier support specialist focused on Disaster Recovery solutions. Provided architectural design, "how to" answers, and resolved technical issues with Spectralogic branded tape libraries and Alexandria backup software. Worked primarily with UNIX and Linux Operating Systems including Sun Solaris, DEC Alpha, SGI Irix, HPUX, and Red Hat Linux. Wrote and utilized Perl scripts, also ksh and csh scripts, developed expertise in Alexandria and disaster recovery planning/implementation.

Primary daytime operator of WANG mainframe system (ie, the original stateless client implementation). Conducted backups to tape on 8mm, 4mm, and 9-track tape reels. Ran batch jobs. Assisted end users with batch job issues and reporting issues. Maintained HP printers (replaced cartridges, did upgrades, fixed print queue pileups and jams). Helped business teams migrate to Sparc/Solaris and Windows 95 client/server model. Assisted with creation of a helpdesk phone tree and case tracking system. Swapped out dumb terminals for Windows desktops. Worked with business process re-engineering consultants in identifying tasks and dataflows to convert to the new system. Trained on Solaris 2.5; implemented and managed backup solution with Legato Networker.