- DevSecOps and SDLC

• Developed DCO Virtual Capstone environment for and with Amazing Instructors; automated provisioning, configuration, and security of host/network infrastructure using DevSecOps Agile methodologies• Leveraged agile methodology and practices to containerize and automate the deployment of security appliances, applications, and host and network security tools using infrastructure and configuration as code.• Orchestrated automation processes for virtual environment provisioning using Ansible, AWX, and Cloud-Init,facilitating the swift deployment of virtual resources.• Automated deployment of multiple OS ( Red Hat Ent. Linux, Debian, Windows 10, Windows Server 2019), Active Directory enterprise network, with 150+ systems, 15 Subnets environment with full Red, Blue, and Gray space sim.• Utilized Docker and local GitLab source control for efficient deployment of training environments, encompassing threat emulation, security tool suites, blue team operations, and simulated user traffic and activities.• Engineered comprehensive documentation and design for enhanced training experiences, integrating full threat emulation, security tools, and simulated enterprise environments into deployed training environments.

• Directed and managed computer network defense and information assurance programs for a large employee organization, overseeing security infrastructure, event analysis, incident response (IR), and policy compliance while leading a team of security engineers.• Led cybersecurity workforce and user awareness training for administrators and users, ensuringcompliance with Department of Defense cybersecurity training regulations.• Developed and instructed multiple iterations of security training, resulting in 29 Administrators obtaining Security+ certifications and organizational compliance with DoD workforce regulatory requirements.• Deployed network security tool suites on remote networks, including McAfee Enterprise Security Manager, Palo Alto NGFW, Security Onion, and Splunk Enterprise SIEM, facilitating incident response and threat detection.• Created custom Splunk dashboards, aggregating network, system, and security appliance logs, events, and alerts; identified and resolved confirmed threats during exercises and operations.• Established and managed a Tier III SOC directing daily operations and continuous monitoring and incident response team during a 9-month international operation.• Defined Security Operations Center checklists, incident response strategies, and defensive threat intelligence. Provided weekly briefs to multinational executive leadership; outlined quantitative and qualitative measures and efforts to reduce risk and protect critical resources • Engineered network security rules for Palo Alto Next Generation Firewalls adhering to NIST 800-53, ISO 27K, CISA, and CIS best practices.• Recognized by executive leadership for successfully defending against red team operations during major organizational exercises, which provided invaluable feedback to IR/Handling procedures for continual improvement

• Administered and secured healthcare systems and virtualization enclaves in complex, multi-vendor enterprise environments, meeting HIPAA compliance and NIST 800-53 security controls.• Led risk and vulnerability management team through a vigorous cybersecurity program that generated a 99% compliance rate for servers and user workstations across the enterprise network.• Significantly reduced attack-hardened medical information systems; developed Powershell script that parsed, converted, and automated application of security settings specific to the system’s operational environment • Performed as the organization’s Trusted Agent to the DoD PKI infrastructure, ensuring customer and system Identity Access Management (IAM), performed system administration and network administration to ensure functionality.• Provided PKI & IAM technical support, troubleshooting for the Defense Customer Assistance Module, enabling secure SQL database transactions for sensitive controlled medications and medical supplies for remote sites serving patients.• Supported multinational medical theater task force, providing 24/7 security monitoring for healthcare, command, and control systems during global exercises, and a FEMA-directed real-world crisis response.• Performed network and system scanning, vulnerability assessments and implemented remediation strategies for exposed network attack surface via Tenable Nessus / Security Center

Previous experience: Operations Officer / Directorate Operations Security Manager at US Africa Command, Stuttgart, Germany (2011-2014); Jr Network Engineer, US Southern Command, Miami, Floridia (2009-2011), Information Systems Team Lead, 10 th Special Forces, Fort Carson Colorado, (2007-2009), Network Technician, 1 st Armor Division, Wiesbaden Germany, (2003-2007)