Making improvements in vulnerability management at a global ISP. Building processes to enhance security through vulnerability management within resource constraints. Ensuring consistency, integrity, and usability of vulnerability information for business owners. Contributing to efforts to establish and maintain compliance with multiple security frameworks and regulatory requirements. Translating deficiencies into risks that are expressed in a multi-tiered risk management process. Coordinating with the Security Operations Center (SOC) and Incident Response (IR) teams for identification, mitigation, and remediation of critical vulnerabilities.

Supported a local utility in evaluating cybersecurity concerns for the enterprise portfolio including financial, human resources, logistics, and specialized systems. Member of the team that assessed security for the Customer Information System (CIS) migration to a newer technology platform. This migration consisted of an integration between on-premise and cloud technologies, that enhanced the ability of the business to manage current and future needs in the changing regulatory environment. Provided continued cybersecurity engineering support through various lifecycle changes on established systems.

Employed as a Senior Cybersecurity Engineer at the Department of Navy Security Control Assessor (SCA) office. Projects include developing process and policy for the Navy transition and execution of the DoD Risk Management Framework (RMF), specifically related to Risk Assessments and technical testing.Led a team of 22 cybersecurity analysts performing risk analysis at the Office of the Navy Security Control Assessor, as Deputy Program Manager.Instructed Sentek Global's Navy RMF Validator courses in addition to developing course material for the DoD Risk Management Framework (RMF) and advanced testing techniques for DoD Cybersecurity customers.Authored numerous position papers in support of the Navy's transition to RMF, highlighting potential efficiency gains and correcting deficiencies in the assessment process.Completed 9 month project supporting the Naval Medical Center, San Diego. Supported Command Information Assurance Manager for all aspects of cybersecurity to include acquisition, planning, impact analysis, engineering, and policy development. NMCSD is a large facility with 30 satellite activities comprised of nearly 10000 IP-addressable assets. Tasking supported all DOD FISMA requirements in addition to HIPAA and JCAHO compliance.

Information Assurance Program Manager for upgrades to range assets at the Pacific Missile Range Facility (PMRF) in Kauai.Performance in this role has included acting as a Certification Agent and consultant. Information Systems supported have included networks, radars, telemetry, and optics. All assets are used primarily for testing of various Ballistic Missile Defense technologies. Other duties include authoring policies and procedures on a system and organization-wide level. Tasking included performing security assessments at the facility, enclave, and system level. Evaluated compliance with technical and administrative Information Security controls and provided recommendations for improvement. Facilitated agreements between security authorities and translated unique security requirements into common elements. Specialties include managing IA for systems designated as Platform IT (PIT).

Senior Systems Engineer for a Foreign Military sales project. Built and maintained testing facility for C4I and Link 16 products being sold under the Foreign Military Sales Program at SPAWAR System Center Pacific. Test environment was composed of multiple technologies including Microsoft Windows, SUN Solaris, CISCO 6500 series equipment, Juniper VPN devices, and an array of supporting equipment.

Employed supporting the Navy - Marine Corps Intranet (NMCI) as a System Engineer. Performed application and operating system testing and evaluation for use in the Enterprise. Tested Microsoft Windows and major applications used for the baseline build across 14 hardware platforms. Evaluated and provided recommendations for Enterprise-wide Group Policy Object (GPO) for enforcement of DoD Information Security requirements. Developed engineering documentation in support of security control implementations.