Roles and Responsibilities:- Enabled Cyber Incident Response Team (CIRT) with SIEM / SOAR detections and automations to more quickly identify and respond to threats, minimizing time to resolve security incidents and preventing attackers from having sufficient time to move laterally, exfiltrate data, or obtain any other end goal.- Developed and implemented Microsoft Sentinel KQL-based queries, functions, and data normalizations to enable ecosystem-wide log correlation, reducing operational complexity by 40%.- Developed, documented, and socialized risk-based cybersecurity strategies necessary to lead technical implementation and translate InfoSec initiatives and requirements to business-value-focused executives.Successes- Consistently demonstrated technical expertise with cross-functional engineering teams to lead narratives that convey balance between confidentiality, integrity, and availability resulting in gained trust and improved working relationship between teams.- Conducted risk analysis and threat modeling to identify threat vectors and designed cost-effective detection and response solutions resulting in 99% automated threat identification and prevention.Major Projects- Documented and diagrammed ecosystem-wide assets and threats to enable cross-functional team coordination and facilitate organization-wide InfoSec initiatives. Required virtual one-on-ones with each member of Operations team. I successfully leveraged Dale Carnegie's principles to guide conversations with intent, through a few difficult engineering personalities, to a quick completion of the project within 30 days. Enabled seamless communication and quick completion of 14 follow-on projects.

- Lead and manage the development and implementation of security controls and processes to meet NIST CSF, NIST RMF, and SOC 2 Type 2, and CMMC requirements.- Conduct security assessments and audits to identify and mitigate risks.- Develop and maintain security documentation, such as System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and Security Assessment Reports (SARs).- Work with cross-functional teams to implement and enforce security policies and procedures.- Analyze and recommend security controls and procedures throughout the information systems lifecycle, from acquisition and development to change management. - Ensure that security controls and procedures are in place for all business processes that use information systems and assets.- Develop monitoring and visibility capabilities, and report on incidents, vulnerabilities, and trends.- Respond to information system security incidents which includes investigating incidents, developing countermeasures, and recovering from computer-based attacks, unauthorized access, and policy breaches.- Administer authentication and access controls through IAM, utilizing principles of zero trust architecture.- Analyze trends, news, and changes in the threat and compliance environment with respect to organizational risk. - Analyze and develope information security governance including developing and implementing organizational policies, procedures, standards, baselines, and guidelines with respect to information security and the use and operation of information systems.- Develop and administer, or provide advice, evaluation, and oversight for, information security training and awareness programs.

• Provided an innovative approach to cyber security• Developed new evidence based security and compliance assessment method, reduced time required to one week• Sectors included but not limited to: Federal and State Contractors, Medical Practices, Dental Offices, Law Firms, Financial Firms, Manufacturers, Marketing Firms, and Small-Medium Businesses (SMBs)• Engineered BigData Log Analytic System which uncovers Cyber Threats across enterprise• Ensured Regulatory Compliance for each clients’ Federal, State, and industry imposed requirements• Designed and coded with an automation and integration mindset which ensured continuous security and reliability• Orchestrated IT operations and IT staff to design, develop, implement, maintain, and secure customer infrastructure • Designed and implemented high-availability redundant data center servers and systems to provide customers with essential business services and regulatory compliance• Provided regulatory compliance to the commercial and private sectors through the use of proprietary cost-effective tailored solutions• Developed tailored technology road maps to diversify and advance verticals of business operations• Interfaced with multiple development and operations teams, external clients, and reported to C-Suite• Architect and lead efforts to build proprietary all-inclusive turn-key Cybersecurity offering• Implement cyber threat analysis automations to assist security researchers and thwart cyber-attacks faster and more reliably than manual threat hunting alone• Successfully built unique infrastructure and security technologies that enabled growth of an MSSP established in 2015, leading to multi-million dollar investment.• Designed, coded, and led development teams to generate 30 plus unique Cybersecurity related services with NIST Cybersecurity Framework from the ground up• Lead teams and participate in Risk Assessments, Penetration Tests, and Incident Response

• Established infrastructure support and security incident communication channels for Lang Support Center• Led team to configure, monitor, and secure 350+ endpoints and associated networks for first Lang I.T. cli-ent• Managed and secured the existing technologies; Cisco Prime Infrastructure, 200+ Cisco Aironet AP, Active Directory, Hybrid Exchange, SCCM, and GPOs• Led Configuration Management and Change Management initiatives and implemented ITIL guidelines to ensure security baselines were implemented and enforced• Spearheaded creation of new IT and Helpdesk services designed to support Lang Company’s IT and Secu-rity Services clients, resulting in first ever $20M annual revenue year• Assisted in developing automated integration between PSA and On-Site ticketing system using REST API• Managed secure identity management including Active Directory, Azure AD, and on premise Identity Pro-vider• Enabled secure remote access support for all Servers, Desktops, Laptops, Phones, Tablets with RMM• Maintained regulatory compliance and cyber risk mitigation through NIST best practices• Ensured client business continuity by designing and implementing geographically redundant backup solu-tion• Directly answered calls from End Users to resolve their issues and track in ticketing system• Performed Network Assessments to identify and mitigate vulnerabilities, PII, and risk• Managed and secured networking equipment such as Switches, Routers, IPS, and Firewalls• Monitored and correlated security alerts from multiple systems, identifying threats and adjusting security posture• Installed and configured endpoints with EDR, log collection, and host based web proxy• Managed Exchange mail flow rules and email security appliance

• As a COMSEC (Communications Security) Responsible Officer, duties included safeguarding, controlling, and destroying COMSEC material routinely and during an emergency• Responsible for accessing, using, producing, developing, moving, storing, accounting for, and disposing of COMSEC material, including two-person integrity (TPI) for all TOP SECRET COMSEC keys and TOP SECRET key-generating equipment • Position inspired security and accountability posture that translated into every aspect of Information Technology• Achieved the rank of Staff Sergeant (E-5) prior to separating after a 6 year career• Managed $10 Million IT infrastructures and multiple teams of personnel• Honorably discharged and achieved many awards including an Achievement Medal for Meritorious Service and PACAF 2008 Communications-Electronics Systems Outstanding 2E Airman• Proudest achievements was engineering a security methodology that the entire Air Force has now implemented, 802.1x, submitted the idea to the Pacific Air Forces early in career while stationed in Japan and was authorized to lead Misawa AB in the testing of the system which ultimately saved over 2,000 man hours per base each month (3 seats/24hrs). It replaced "Port Security" management for all network switches on baseMajor Accomplishments:• U.S. Air Force Veteran - SSgt (E-5) - Top Secret Security Clearance (expired) - 6 Years• Decorated in the traditional manner as well as for technical expertise• Engineered security methodology that the entire Air Force has now implemented, 802.1x, submitted the idea to the Pacific Air Forces early in career while stationed in Japan and was authorized to lead Misawa AB in the testing of the system which ultimately saved over 2,000 man hours per base each month (3 seats/24hrs). It replaced "Port Security" management for all network switches on base.• Managed multiple teams of personnel through multi-million dollar network upgrades