Strategic Leadership· Lead the development and execution of the organization’s enterprise security strategy.· Align security initiatives with business goals and manage security compliance and engineering teams to create a unified security posture.Governance, Risk, and Compliance (GRC)· Maintain a comprehensive IT risk management program, ensuring compliance with NIST, FISMA, PCI-DSS, CJIS, SOC2 and other regulations through regular audits and assessments.Security Architecture & Engineering:· Oversee the design and implementation of advanced security solutions, including Zero-Trust, IAM, XDR, SIEM, and more.· Strengthen infrastructure security across AWS and On-Prem environments.Incident Response & Crisis Management· Act as a lead during security incidents, coordinating response efforts and managing communication with leadership and regulatory bodies.· Implement post-incident recommendations for improved resilience.Stakeholder Engagement & Communication· Liaise with internal teams, external partners, and regulatory agencies.· Provide data-driven security insights and updates to the executive team to ensure informed decision-making.Vendor & Technology Management· Manage security vendors and optimize technology investments to enhance the organization’s security posture with minimal disruption.

• Lead and manage the security compliance and engineering teams, promoting a culture of security awareness throughout the organization.• Develop, implement and monitor a comprehensive enterprise information security and IT risk management program.• Work closely with the IT and other departments to fortify security protocols and response strategies.• Provide regular status reporting of the security program, focusing on ensuring stakeholders are apprised of risk.• Ensure compliance with applicable laws, regulations, and standards (e.g., NIST, CJIS, HIPAA, FISMA, FedRAMP, SOX, PCI-DSS, etc.) through regular audits and assessments.• Lead the design and implementation of security policies, procedures, and controls that address current and evolving threats while meeting compliance requirements.• Oversee the management of security services, including incident detection and response,vulnerability management, threat intelligence, and threat hunting.• Coordinate security projects across multiple teams, ensuring alignment with organizational goals and compliance requirements.• Serve as a key liaison with internal and external partners, regulatory agencies, and audit bodies.• Provide leadership in the event of a security breach or compliance audit, coordinating response efforts and mitigating impacts.• Work with vendors and BI stakeholders to ensure security requirements are satisfied.

• Lead the effort and take charge of Information Security stack; SIEM, XDR, Vulnerability Management, IAM, Email Security, and more to align with contractual requirements and business objectives.• Drove the Vulnerability Management program with a risk-based approach to achieve compliance with security policies and reduce risk to the organization.• Aided internal team members on security-related issues and champion alignment with organizational security objectives.• Supported the Change Control process by reviewing submitted changes and providing risk analysis to the Change Advisory Board and other stakeholders.• Lead the creation, prioritization, and execution of security projects, ensuring timely completion and alignment with organizational goals.• Ensured work is documented thoroughly, kept current, and aligns with security policies and procedures.• Conducted audits in alignment with the compliance team and provide metrics and reports as needed to support leadership.• Contribute to the development of internal security testing and monitoring processes, educating stakeholders on evolving risk and security technologies.• Collaborated with leadership and other departments throughout the company to identify and address security risk, promoting a proactive approach to risk management.• Conducted threat hunting and monitor activities for potential security risk that could impact BI• Took appropriate actions based on identified Indicators of Attack (IoAs) and Indications of Compromise (IoCs).• Drove a culture of inter-team development, continuous improvement, and upskilling of team members and colleagues.• Collaborated with the compliance team to address compliance mandates and contractual obligations through policy development and process improvement.• Participated in 24/7 on-call duties to support essential business functions and respond to emergencies.

As a founding partner, I played a pivotal role in launching NerdTap, driving its growth from inception to a profitable and fully operational business. My contributions were integral in shaping the company's foundation, ensuring that it was not only functional but also poised for sustainable success with a long-term mission oriented towards customer satisfaction.• Spearheaded the initial business strategy, leading to the successful launch and profitability of the company.• Provided critical insights into operational efficiencies that have become cornerstones of the business model.• Advised on financial strategies that improved cash flow management and investment planning.• Continue to provide strategic guidance in financial, operational, and cybersecurity domains, helping the company navigate complex challenges and capitalize on growth opportunities.• Serve as a trusted advisor to the organization, offering insights that drive both short-term successes and long-term sustainability.

• Management of Microsoft Defender ATP Platform. • Management of Microsoft Defender for Cloud Apps Platform.• Management of Microsoft Purview Platform.• Management of Azure Sentinel.• Reduced security alerts presented by over 65% (False Positive reduction).• Creation and Management of Incident Response Program.• Creation and Management of Security Champions Program.• Contributor to Meeting Compliance Requirements for HIPAA, PCI-DSS, GDPR, CCPA, SOX, and other frameworks.• Contributor to AWS Security Posture Improvements.• Developing and maintaining policies/procedures for Engineering and SOC maturity.• Acts and an on-call escalation point of contact for event monitoring and incident response.

• Management of Tenable.io and On-Prem and AWS Nessus Scanners.• Management of Anti-Virus and Anti-Malware (CrowdStrike/SentinelOne/Symantec SEP).• Management of Data Loss Prevention (Symantec DLP). • Management of SIEM (RSA NetWitness).• Architect and design of Zero Trust (Zscaler ZIA/ZPA/ZDX).• Architect and design of Next-Gen Anti-Virus (CrowdStrike).• Contributor to implementation of Microsoft 365 solution and migration to Azure Active Directory.• Contributor to AWS Security Posture improvements.• Developing and maintaining policies/procedures for Engineering and SOC maturity.• Act and an on-call escalation point of contact for event monitoring and incident response.

• Mentoring/Training Security Engineers and SOC Analysts.• Lead Architect and Engineer for Hardware Refreshes and Software Version Updates.• Endpoint Protection and Monitoring Lead for 60,000+ Endpoints.• Management of Anti-virus and Anti-Malware (Symantec SEP).• Management of Data Loss Prevention (Symantec DLP).• Management of SIEM (QRadar and LogRhythm).• Developing and maintaining policies/procedures for Engineering and SOC maturity.• Acts and an on-call escalation point of contact for event monitoring and incident response.

• Interviewed/Hired Personnel.• Microsoft Server administration (2008r2, 2012, 2012r2, 2016).• Symantec Endpoint Protection Manager.• Microsoft SQL Database Management.• Basic PowerShell and Batch Scripting.• Provided IT Help Desk support.

• Oversaw daily operations of rig personnel. • Daily inspection of rig equipment and operations. Training of personnel in proper equipment operation and technique. • Developed and implement safety programs and procedures for the company. Maintain OSHA standards and available materials for employees. Maintain and update (M)SDS materials for each rig.• Enabled a 4 fold decrease in on-the-job injury rate. (TRIR)

• Server and network management• Website maintenance• Development of interactive PDF order forms (javascript)• Customer relations and sales nationwide• GSA account administration

• Measurement While Drilling (MWD)• Configuration and operation of pressure or electromagnetic pickup equipment to receive drilling telemetry data from down hole drilling tools• Programming of MWD tool for proper operation and communication• Maintenance of the MWD tool• On-site 24/7 while the tool was in operation for monitoring and troubleshooting

• Maintaining and cultivating relationships with auto dealerships• Sales of custom wheels and chrome plating

• Lead sales associate for the Computer and TV departments• Conducted training with employees• Customer service• Computer repair

• Shipping and receiving• Inventory control• Paint stripping wheels via stainless steel media abrasive blast