My current role within Woodstar Labs, a division of AUI, is to assist clients with cyber security program development at a strategic (CISO) level and provide advisory services as a vendor and services agnostic trusted adviser for day-to-day operations and program improvements to IT, security, and business leaders of our clients.--Woodstar Labs is a non-profit, cybersecurity incubator focused on cutting-edge solutions, microelectronics, eLearning, and STEM education. A subsidiary of AUI, Woodstar Labs leverages AUI’s more than 70-years of experience in managing scientific discoveries to build a fast-paced, entrepreneurial environment where good ideas grow into meaningful and impactful achievements.Woodstar Labs’ mission is to support critical infrastructure markets that have not traditionally had the human or financial resources to secure their information systems and operational technologies from malicious cyber actors. We provide high quality services and research and development at a price that makes sense for markets that include state and local elections offices, small-scale energy production facilities, and large-scale scientific facilities.

Our mission is to serve the information security community in and around Charlotte, NC by primarily holding an annual BSides Charlotte Security Conference which offers learning opportunities through talks, activity villages, and capture-the-flag competitions. From time-to-time BSides Charlotte may put on training opportunities and partner with other organizations to bring value added content to the community.

Security+ Instructor for the inaugural National Guard Cyber Boot Camp sessions in 2021 and subsequent 2022 and 2023 sessions for the DoD Cyber Institute at The Citadel.

I served as the Agency CISO for the North Carolina State Board of Elections on a contract through Woodstar Labs, a subsidiary of AUI, Inc. overseeing the agency security program and security liaison for partner entities.

As CISO At LEO, I interfaced with clients and vendors to consult on security programs from the ground level to the board room and work to cater LEO services and our recommendations to specific security program needs.LEO is a seasoned team of cyber trailblazers and creative practitioners who have the deep experience and operational knowledge to combat the cyber skills gap. From information security program and policy development, to virtual security experts to on-demand threat hunting and response, LEO delivers tailored security solutions to your organization through creativity, experience, and commitment.Selected Accomplishments & Activities:LEO Crisis Management Program Team MemberCISO Participation in Charlotte, NC - FireEye Cyber Attack Simulation PanelPanelist AITP Charleston - Outsourcing Risk DiscussionHow to Secure the Four Corners of Modern IT (InfoSecurity Magazine Webinar)

Reporting to the CISO, in this role I was responsible leading a team of information security professionals with duties covering a large variety of tasks, including penetration testing, advanced incident response, malware analysis, equipment loss tasks, governance, audit and compliance activities, risk assessments, employee investigations, and forensics.In addition to the management of the team and operational activities I am also responsible for leadership tasks that include: providing security guidance to IT and business groups, security briefings and presentations at all levels, managing security vendor relationships, strategic program planning, contract review for both internal and external purposes, liaison between law enforcement, policy, governance and compliance relating to security, working closely with and providing security guidance to the audit and legal teams, threat modeling and risk assessment, budgeting, and more.Selected Accomplishments & Activities:• Interim CISO from October 2015 through March 2016• Management of program strategy for combined OpEx/CapEx budget• Setting and extending security program roadmap using NIST CSF• Creation and expansion of an information security playbook providing team documentation and standardized procedures• Key participation in acquisition and divestiture activities, including SPX Flow spin off• Key leadership in yearly goals, projects, and strategic initiatives for the information security program• Key participation in vendor product and service contract review process• Manage regular 3rd party security assessment activities from a strategic level• Successfully drove cultural shift from exclusive to inclusive security culture• Successful roll-out and support of enterprise cloud proxy solution• Participation in annual security webinar, providing presentations on various security topics• Primary trainer for new staff ranging from security analysts to engineers

I am responsible for managing the enterprise server platform across SPX that includes ~1500 systems spanning global data centers and individual office environments. I work to develop and implement system standards, proof of concept evaluations on emerging solutions, perform strategic and capacity planning, facilitate vendor relations, manage platform servers’ team staff, perform cost analysis and budgeting, and work with other operations teams for additional support services. These environments include blade servers and chassis, stand-alone servers, and virtual server farms utilizing VMware technologies, all running a mix of Windows and Linux environments, with platforms ranging from file and print servers to enterprise SAP instances.Selected Duties & Accomplishments• Key involvement with integration and divestment projects• Key involvement with DR, security, infrastructure migration, technology refresh and capacity related projects• Key involvement in process and procedure development to promote standardization• License reduction costs through improvements in capacity and efficiency• Improvement in VM build time through process optimization• Implementation of build tracking mechanism to assist with planning• Implementation of grow-to-size VM build strategy to promote resource efficiency• Management of staff up to a team of 4 senior level engineers and administrators

I moved into an enterprise role within SPX's Enterprise Platform Services team in a system administration/engineering capacity. My primary duties included support for approximately 1,000 physical and virtual servers across 2 U.S. and 1 European data centers. Support required interfacing globally with SPX owned businesses, vendors and our internal engineering, messaging and network teams to work towards problem resolution. Support included primary responsibility for the disaster recovery data center, provisioning, capacity planning, level 2/3 support and project work as assigned.Selected Accomplishments• Primary enterprise Linux administrator• Primary contact for the DR data center facility• Key participation the DR data center build project• Key participation in enterprise product selection• Key participation in job candidate interviews• Participation in security remediation tasks• Participation in server virtualization & migration tasks• 24x7 availability for priority 1 and 2 incident response

My duties included maintaining 24/7 availability of servers and services on our LAN and working with the SPX corporate team to ensure the same availability on our WAN over 8 locations. These duties included server and workstation installation and support, antivirus, patch and backup validation, daily security log reviews, security/virus incident response, network and helpdesk incident resolution at level 2 and higher, data recovery, purchasing and project work.Selected Accomplishments• SPX Corporate DR Data Center build out• Standardization of network and server maintenance• Monitoring system implementation using What's Up• NAS to iSCSI evaluation & storage expansion• EFS feasibility and security testing• Participation in DR planning and testing activities• Participation in NT4 to AD global migration• Implementation of per-floor VLAN deployment• Data Center power/network infrastructure updates• STAR Award Recipient (Silver Level)• 3 years chairing the KCCC committee with $10k budget• Emergency first responder (First Aid/CPR/AED Certified)

I was hired to assist with Quality Assurance in the ATAC (Advanced Technical Assistance Center) group, as well as, work on refining and administrating the scheduling of staff with the Data Solutions Center group within ATAC. I also helped with call center statistics analysis for the DSC and, in turn, worked to provide recommendations regarding the future scheduling of staff to provide the best coverage and improve service levels. This required work with Microsoft Excel, Erlang formula and Nortel Symposium software.

The duties of my position included direct supervision over the 3 technicians employed in the shop and maintenance of the company's network and server equipment. I was also responsible for web based sales, development and the implementation of consumer dial-up services, the layout of the retail storefront, and some inventory management. I installed and maintained the companies Linux server and standard network services. I also provided second tier support for clients which included installation, repair, general maintenance, advanced troubleshooting and remote administration of their networks and servers.

I was originally hired as lead technician to assist in with computer repair and network services. I was promoted to store manager reporting directly to the owners. My responsibilities were handling customer and vendor relations, advertising and marketing, sales work, managing up to 3 technicians and all business finances.Two major accomplishments in this position included working with our accountant to recreate and restructure the company's QuickBooks file to provide better resource and financial management and remodeling the customer section of the store to provide better product visibility to customers.

I was team lead of the customer service section of the Quality Assurance department that fielded calls for RCN Cable customer service. I was responsible for providing feedback to agents employed with Affinitas and several external companies (such as AOL) in order to ensure better sales and customer service quality. I took initiative to plan, design and begin the implementation of a QA score-tracking database for long term agent analysis. This system used a Microsoft Access front end and MySQL database installed on a Linux server. I was also involved with assisting IT/Network technicians with various troubleshooting tasks and repairs to the companies equipment.I was re-hired as supervisor for the company's newest marketing customer at the time, AOL. In this position I was responsible for the day-to-day supervision of up to 40 sales agents on my team. I was also in charge of training and cross-training sales agents to the AOL program. I officially left the position in May of 2003 but still helped supervise one night a week and train new agents to the program through the fall of 2003.

My primary duties included maintaining the LAN, WAN and dial-up customer services for the Lawrence store. I also handled web sales, development, and other projects as needed.One major accomplishment in this position was planning and implementing the migration of the existing ISP setup from a single NT4 server to multiple Linux servers in order to provide a more scalable infrastructure and work to prevent a single point of failure for all services. All aspects of the migration were accomplished with no downtime.