TripleLift is the advertising technology company reinventing ad placement at the intersection of creative, media and data. Our marketplace serves the world’s leading brands, publishers, streaming companies and demand-side platforms, executing over 1 trillion ad transactions every month. Customers choose us because of our addressable offerings from native to online video to connected television, innovations that insert brands into content in real-time, and supportive experts dedicated to maximizing partner performance.Some accomplishments in this role include:• Play a critical role in building and maintaining a global security compliance program based on NIST CSF• Enhance SDLC to promote secure application development and infrastructure deployment, and facilitate secure-coding remediation activities• Coordinate with stakeholders to develop and implement a vulnerability management program and to perform threat-hunting activities• Configure and manage security monitoring tools related to protecting servers, endpoints, and the data within, including SIEM and EDR• Assess and improve security posture of cloud-based infrastructure in alignment with CIS benchmarks• Enhance and facilitate security incident handling activities• Evaluate engineering and infrastructure projects for proper alignment to security controls, and report identified risks through appropriate channels• Create and manage security procedure documentation• Evangelize security best practices and provide education and awareness to company employees• Evaluate and continuously improve the maturity of the security program through deployment and management of various security tools and processes

Truepill offers end-to-end management of telehealth, digital services, and pharmacy fulfillment. As a Senior Security Engineer, I help manage and mitigate risks for the large startup company. I collaborate with Security Officers and stakeholders to prioritize and execute risk management initiatives. I often conduct research to identify and report technology gaps, implementing process improvements to reduce risks. In this role, I work alongside Cloud Service Providers (CSPs) to validate the vulnerability management security posture of their products and services.Some accomplishments in this role include:• Serve as the Subject Matter Expert for threat and vulnerability processes and technology.• Spark continuous improvement by analyzing and reporting on program effectiveness.• Remediate vulnerabilities by partnering with Program Managers, Developers, and SREs.• Lead roadmap development for application threat and vulnerability management program.• Collaborate with external Penetration Testers to ensure applications are scanned and remediated prior to major updates and releases.• Design and implement Release Management program to ensure vulnerable application code is discovered and remediated before entering production environments• Achieved HITRUST certification after successfully creating and implementing threat and vulnerability management program.

I multi-tasked to perform the duties of both an Information System Security Officer and an Information System Security Manager while working for the Department of Defense. During my time at the DoD, I monitored security for a large healthcare facility servicing 300+ staff members. I managed a unique system of internal controls to ensure compliance with the risk management and regulatory framework. I leveraged Tenable to conduct extensive vulnerability scanning and identified ways to improve pre-established metrics. My duty was to address all safety concerns, potential risks, and discrepancies and offer proactive risk management.Some accomplishments in this role include:• Ensured compliance across multiple parties by coordinating all cybersecurity inspections, tests, and reviews.• Adjusted strategies to encourage improvement during a key transition from Air Force to DHA.• Boosted efficiency and better mitigated risks after developing 1k+ pages of new processes and procedures deployed throughout headquarters.• Served as a Subject Matter Expert for risk management framework and process improvements.• Served as the Primary Cybersecurity Technical Advisor to the AO for DOD IS and PIT systems under their purview.• Co-authored 25 risk management framework documents detailing network operations and management procedures.

As an ICBM Deputy Combat Crew Commander, I led a team charged with maintaining up to 20 intercontinental ballistic missiles while on alert. I oversaw all aspects of security and field maintenance, often directing staff by phone. I coordinated on and off-site maintenance activities. I also managed safety measures to help support personnel in the flight area.

Bluetowne is a small consulting firm dedicated to providing clients with strategic IT solutions. As a Senior System Administrator, I managed up to 75 client accounts, working closely with each client to better understand their needs and design network solutions and business infrastructure. In this role I planned, coordinated, modified, implemented and mitigated risks for high priority action items.Some accomplishments in this role include:• Promoted after demonstrating success as an Intern and Computer Technician.• Configured a wide range of devices, interfaces, and applications software on information systems devices.• Expanded the client base by conducting research and lead generation to identify new opportunities.• Resolved hardware and software malfunctions and ensured all systems were properly maintained and operational.• Improved services by leading new hardware and software updates for client network assets.