Developed a team of over 50, which included FTEs, engineers at Comcast India Engineering Center in Chennai, and staff-augmentees. Security assessors ensured the security posture of Comcast Cable, Corporate, and Divisions. Team conducted full security white box testing and cataloged findings for remediation by the system owners. This includes devices, web apps, mobile apps, cloud apps, and internally developed systems. Ensured that the systems met the CIA triad (Confidentiality, Integrity, and Availability) by identifying and scoring those vulnerabilities using CVSS 3.1 base.Conducted operations in support of Secure Development Lifecycle (SDL) in a CI/CD agile environment. Ensured internal customers met or exceeded security standards, including MFA, encryption at rest and in transit to adhere to privacy laws. Supported threat modelling and conducted secure design consultations as requested.Operated a budget of over $5 million for staff augmentation SOWs to conduct assessments. Evaluated vendor output to confirm their output was in accordance with our high standards.Coordinated the workload and input queue of the assessors to ensure the high priority systems were assessed immediately. Assessment was on systems on premise and in various cloud providers, including AWS and Azure.Spearheaded a diverse team of engineers who have world-class skills in penetration testing and security assessment. Personally built and staffed the team by finding engineers who possess the grit, skills, and determination to work in a high-paced and large-scale enterprise. Hired and retained highly professional engineers who freely share information among the team and with peer teams.Empowered engineers to match skills with interest and broaden their abilities through organized activities to search for and identify security gaps in the perimeter and catalog them for remediation. Created a culture of full information sharing including lunch and learn sessions for the team.

Assembled a team that conducted all aspects of penetration testing and vulnerability cataloging. Team cataloged the vulnerabilities and worked with the remediation team on the steps needed to fully remediate the issues.Converted the operational team of firewall engineers to full-time penetration testers and augmented them with senior engineers who helped mentor the junior engineers. Added four team members to the staff that expanded to 11.Created a team of remediation engineers that started with one engineer and expanded to five. This team was responsible for tracking high-risk vulnerabilities, which the assessment team created, to work with system owners to remediate those vulnerabilities within SLAs.Developed the in-house tracking system that tied in the existing vulnerability catalog. Moved the intake from Jira to ServiceNow.

Guided a team that was responsible for managing firewalls, performing risk assessments, and applying rules.Charted a catalog of security vulnerabilities and provided a monthly report of unresolved high-risk vulnerabilities to the division president.

Retired from USAR after 30 years of commissioned serviceCMOC Chief, 354th Civil Affairs BDE, Riverdale, MD; February 2016 to presentUSAR Control Group (IRR) November 2015 to February 2016Civil Affairs Planning Team Chief, 353rd Civil Affairs Command, Staten Island, NY; June 2014 to November 2015Assistant Chief of Staff, G4 (Logistics), 353rd Civil Affairs Command, Staten Island, NY 2/2014 to June 2014Commander of the 436th Transportation Battalion (Movement Control) based out of Staten Island, NY. June 2010 through Sept. 2013Deployed to Kuwait 11/2012 to 7/2013Deployed to Iraq from 9/2008 to 9/2009.Deployed to Iraq from 3/2003 to 4/2004

• Responsible for the overall management of a team of five who were responsible for the NSS Group Wide Area and core networks; Cisco Routers, Cisco and HP switches, Cisco CUCM VOIP telephony systems; Cisco VPN/firewall solutions Cisco ACS appliances, RSA, and Checkpoint Firewalls. • A hands-on manager who continued to work as Senior Network Engineer in coordination with the team. Made informed recommendations for the network infrastructure including hardware and data circuits, which met the needs of the organization, while staying within budgetary limitations.• Coordinated with other groups within the CIO organization to best support the user community in the NSS Group. Worked closely with other managers to ensure that there was continuity within the network and any changes had minimal impact. Ensured the network was in compliance with L-3 Corporate directives.• Migrated entire network of over 25 nodes from AT&T MPLS to CenturyLink MPLS in less than four months• Provided expertise to migrate a newly acquired company to bring its data networks into the L-3 NSS WAN with minimal disruption.

• Senior engineer who earned the respect of both peers and management. Identified as the lead engineer in the absence of the manager. Usually assigned the most difficult tasks that involved changes to existing architecture, or to processes.• Designed and implemented the corporate VPN through Cisco ASA platforms connecting VPN clients through two-factor RSA authentication and pre-login checks that verify the devices connecting are corporate assets. Connected over 25 site-to-site VPN and EZVPN connections using remote ASA devices for remote users and smaller branch offices.• Designed and implemented a redundant solution for the division’s extranet (an air-gapped, internet-only network for employees and customers) which added second ISP to the division’s Reston facility, and added an internet connection in a redundant location in Florida. Designed and implemented a backend AT&T MPLS network for these two hubs and for future connections.• Lead wide area network (WAN) engineer responsible for future planning of hardware and software upgrades and for architecture of WANs. Used considerable experience to troubleshoot any frame relay and MPLS issues. Created redundant dual-homed networks using load balancing using BGP route-maps. • Integral team member who implemented a replacement VOIP system utilizing Cisco Unified Call Manager version 8.x and successfully migrated all IP Phones to the new system for the Reston hub and five other locations. Created comprehensive documentation for Tier 1/2 personnel to do adds, moves and changes. Completed the Cisco CCNA Voice training class.• Due to a merger, designed and implemented a new AT&T MPLS network to allow the two divisions to communicate across the same network. This was done using all new local circuits and upgraded technology. • Using Checkpoint firewalls evaluated and implemented firewall rules based upon user requirements, kept within corporate standards and industry best practices.

• Designed, installed and configured WAN connections for MCI/Verizon managed Services customers. Customers were connected using frame relay and ran many protocols over their networks. • Configured Cisco routers remotely via dialup connections to the console port. Configured the frame relay connections, and also configured and tested ISDN dial backup solutions. Gained experience with all types of ISDN switches throughout the world and the various issues with each different type.• Designed, made recommendations and continuously pursued implementation solutions that best fit each customer. When necessary, implemented solutions such as NAT. Used EIGRP, OSPF, BGP and RIP protocols for routing; either based on the customer's existing network needs, or by my recommendations for the new network.

• On a project basis, designed wide area networks for EDS customers to meet their needs for high-speed access to EDS resources and data centers. Transitioned from EDS to WorldCom through a dual outsourcing agreement between the companies, January 2001.• Oversaw implementation of these networks by writing engineering work orders with installation instructions for Cisco routers, CSU/DSUs and connection to installed circuits. Configure the routers for frame relay, point-to-point access with ISDN backup once the hardware is installed and configured for remote dial access. Worked with network providers to bring circuits to working order.• Troubleshot router configuration problems, errors and other connection issues on a 3rd level basis for help desk personnel.