Franchise Store Co-Owner

• Nov 2022 - Present

Lego Reseller Store Lego Reseller Store

Sr. Data Protection Enterprise Security Architect - Remote

• Aug 2022 - Present

Cloud Enterprise Security Architect - Remote

• Mar 2022 - Aug 2022

Security Architect - Remote

• Oct 2020 - Mar 2022

- Part of a team of Security Architects to design solutions for Fidelity National Financial (FNF) and all of its various subsidiaries - Work with Operations, Legal, Information Governance, etc. teams to build secure solutions - Use of ASC, M365 Security and Compliance, MCAS, and other MS security tools to protect a primarily Azure cloud environment - Assist subsidiaries with other non-MS cloud environments, such as GCP or AWS - Work with Operations to secure various corporate… Show more - Part of a team of Security Architects to design solutions for Fidelity National Financial (FNF) and all of its various subsidiaries - Work with Operations, Legal, Information Governance, etc. teams to build secure solutions - Use of ASC, M365 Security and Compliance, MCAS, and other MS security tools to protect a primarily Azure cloud environment - Assist subsidiaries with other non-MS cloud environments, such as GCP or AWS - Work with Operations to secure various corporate environments, roaming users, and third-party applications ex. Monitor and eliminate unauthorized OAuth consent of Enterprise Apps in Azure - Creating a DLP Program, from the ground up, to build processes and standards around AIP/MIP data discovery, M365 Compliance DLP, Zix, and other non-MS DLP products, in order to increase data visibility and protection across the whole organization

Founder, Owner, and Personal Consultant

• Jan 2022 - Present

SIC offers IT and Security career assistance and guidance. A Personal Consultant (PC) is assigned a one-on-one responsibility to mentor, coach, and meet our client's personal needs. This personal, career consulting service is for those entering the industry, crossing over from another career discipline, or already an IT/Sec professional and need to plan out next steps and goals. SIC offers IT and Security career assistance and guidance. A Personal Consultant (PC) is assigned a one-on-one responsibility to mentor, coach, and meet our client's personal needs. This personal, career consulting service is for those entering the industry, crossing over from another career discipline, or already an IT/Sec professional and need to plan out next steps and goals.

Sarasota InfoSec Community - Founder and Owner

• Mar 2019 - Jan 2022

SIC is a local security community I started in SW Florida. Its goal is to spread the awareness of security in Florida, collaborate with established security organizations and other communities, and grow opportunities for virtual/physical security events, conferences, training sessions, and in-person meetups for locals who can't travel to large FL security hubs, such as Tampa or Orlando. SIC is a local security community I started in SW Florida. Its goal is to spread the awareness of security in Florida, collaborate with established security organizations and other communities, and grow opportunities for virtual/physical security events, conferences, training sessions, and in-person meetups for locals who can't travel to large FL security hubs, such as Tampa or Orlando.

Sr. Security Engineer/Architect/InfoSec Team Tech Lead

• Jun 2018 - Oct 2020

- Acts as Technology Lead who mentors, guides, and openly shares my knowledge/experience with the PODS InfoSec and other IT teams. - Core member of PODS Architecture Review Board (ARB) - Engineer, design, implement, and support security products and solutions for endpoint, network, systems, mail, applications, etc. - Work alongside the PODS IT and app/web development teams to promote and support secure, technical practices and improve the overall corporate security posture. -… Show more - Acts as Technology Lead who mentors, guides, and openly shares my knowledge/experience with the PODS InfoSec and other IT teams. - Core member of PODS Architecture Review Board (ARB) - Engineer, design, implement, and support security products and solutions for endpoint, network, systems, mail, applications, etc. - Work alongside the PODS IT and app/web development teams to promote and support secure, technical practices and improve the overall corporate security posture. - Provide product, vendor, and implementation security reviews to the business. - Architect and Design secure Azure solutions Show less - Acts as Technology Lead who mentors, guides, and openly shares my knowledge/experience with the PODS InfoSec and other IT teams. - Core member of PODS Architecture Review Board (ARB) - Engineer, design, implement, and support security products and solutions for endpoint, network, systems, mail, applications, etc. - Work alongside the PODS IT and app/web development teams to promote and support secure, technical practices and improve the overall corporate security posture. -… Show more - Acts as Technology Lead who mentors, guides, and openly shares my knowledge/experience with the PODS InfoSec and other IT teams. - Core member of PODS Architecture Review Board (ARB) - Engineer, design, implement, and support security products and solutions for endpoint, network, systems, mail, applications, etc. - Work alongside the PODS IT and app/web development teams to promote and support secure, technical practices and improve the overall corporate security posture. - Provide product, vendor, and implementation security reviews to the business. - Architect and Design secure Azure solutions Show less

Sr. Information Security Engineer

• May 2016 - May 2018

Technical Lead on multiple projects - SIEM, Multi-factor Authentication, Internet Resiliency WAF - Akamai Kona Site Defender Vulnerability Scanner - Tenable Security Center, Nessus Firewall - monitor access and verify rules on Checkpoint appliances Monitoring - Solwarwinds Orion Suite, Riverbed ARX, Ixia NTO 7300 Tap Aggregation Proxy - McAfee Web Gateway Reporting - McAfee Web Reporter IDS/IPS - McAfee NSP (Network Security Platform) Endpoint Security - McAfee ePO… Show more Technical Lead on multiple projects - SIEM, Multi-factor Authentication, Internet Resiliency WAF - Akamai Kona Site Defender Vulnerability Scanner - Tenable Security Center, Nessus Firewall - monitor access and verify rules on Checkpoint appliances Monitoring - Solwarwinds Orion Suite, Riverbed ARX, Ixia NTO 7300 Tap Aggregation Proxy - McAfee Web Gateway Reporting - McAfee Web Reporter IDS/IPS - McAfee NSP (Network Security Platform) Endpoint Security - McAfee ePO (ePolicy Orchestrator) DLP - McAfee DLP AAA - Cisco ACS, Gemalto/SafeNet Authentication Server with MobilePass OTP two factor auth VPN - Juniper/PulseSecure PSA 3000/5000 appliances and Pulse Connect Secure mobile clients Certificate/PKI - Microsoft 2012 R2 internal CAs, Trustwave and Symantec external CAs Show less Technical Lead on multiple projects - SIEM, Multi-factor Authentication, Internet Resiliency WAF - Akamai Kona Site Defender Vulnerability Scanner - Tenable Security Center, Nessus Firewall - monitor access and verify rules on Checkpoint appliances Monitoring - Solwarwinds Orion Suite, Riverbed ARX, Ixia NTO 7300 Tap Aggregation Proxy - McAfee Web Gateway Reporting - McAfee Web Reporter IDS/IPS - McAfee NSP (Network Security Platform) Endpoint Security - McAfee ePO… Show more Technical Lead on multiple projects - SIEM, Multi-factor Authentication, Internet Resiliency WAF - Akamai Kona Site Defender Vulnerability Scanner - Tenable Security Center, Nessus Firewall - monitor access and verify rules on Checkpoint appliances Monitoring - Solwarwinds Orion Suite, Riverbed ARX, Ixia NTO 7300 Tap Aggregation Proxy - McAfee Web Gateway Reporting - McAfee Web Reporter IDS/IPS - McAfee NSP (Network Security Platform) Endpoint Security - McAfee ePO (ePolicy Orchestrator) DLP - McAfee DLP AAA - Cisco ACS, Gemalto/SafeNet Authentication Server with MobilePass OTP two factor auth VPN - Juniper/PulseSecure PSA 3000/5000 appliances and Pulse Connect Secure mobile clients Certificate/PKI - Microsoft 2012 R2 internal CAs, Trustwave and Symantec external CAs Show less

IT Security Engineer

• Feb 2015 - Mar 2016

Sole IT Security Engineer at JH covering all areas of security such as Network Security, Application Security, Systems Security, and Endpoint Security. Collaborated with various business departments and IT Operations team to design secure network, server, web application, and end point security solutions. Worked in partnership with Network Engineers on Palo Alto Firewall rules and configuration Utilized Nessus to run weekly vulnerability scans for review and… Show more Sole IT Security Engineer at JH covering all areas of security such as Network Security, Application Security, Systems Security, and Endpoint Security. Collaborated with various business departments and IT Operations team to design secure network, server, web application, and end point security solutions. Worked in partnership with Network Engineers on Palo Alto Firewall rules and configuration Utilized Nessus to run weekly vulnerability scans for review and remediation Managed and handled application security, worked directly with developers on custom built software, and examined software and infrastructure for security holes. Used Burpsuite and other Kali Linux tools for website testing. Organized, Configured, and Maintained internal Microsoft PKI with Windows 2008/20012 CA Servers Managed DV/EV external certificates in Entrust Cloud Certificate Portal Created/managed CSRs, PFX, PEM, P7B, CER, CRT, KEY files using certutil, certreq, openssl Facilitated Authenticode EV/DV Code-Signing Certs using signtool.exe commands and safenet 5100 eTokens Redesigned SEP (Symantec Endpoint Protection), reviewed the security policies and features, rolled new system. Monitored the Symantec Mail Gateways to detect DLP through email with custom regex rules Created policy rules and monitored Incapsula’s cloud-based Web Application Firewall (WAF). Used the Incapsula cloud management portal to manage DDOS applications, as well as web security protection such as cross site scripting, remote file injection, etc. Monitored and Configured SecureVue SIEM (Security Information and Event Management) along with Splunk Cloud Administered Orion NPM/NCM, Zenoss, and other network monitoring solutions Created custom server hardening guides for server administrators to follow for new builds that follows NIST guidelines, but were designed with the organization operational/security needs. Maintained Kount Cloud-Based Anti-Fraud Portal Show less Sole IT Security Engineer at JH covering all areas of security such as Network Security, Application Security, Systems Security, and Endpoint Security. Collaborated with various business departments and IT Operations team to design secure network, server, web application, and end point security solutions. Worked in partnership with Network Engineers on Palo Alto Firewall rules and configuration Utilized Nessus to run weekly vulnerability scans for review and… Show more Sole IT Security Engineer at JH covering all areas of security such as Network Security, Application Security, Systems Security, and Endpoint Security. Collaborated with various business departments and IT Operations team to design secure network, server, web application, and end point security solutions. Worked in partnership with Network Engineers on Palo Alto Firewall rules and configuration Utilized Nessus to run weekly vulnerability scans for review and remediation Managed and handled application security, worked directly with developers on custom built software, and examined software and infrastructure for security holes. Used Burpsuite and other Kali Linux tools for website testing. Organized, Configured, and Maintained internal Microsoft PKI with Windows 2008/20012 CA Servers Managed DV/EV external certificates in Entrust Cloud Certificate Portal Created/managed CSRs, PFX, PEM, P7B, CER, CRT, KEY files using certutil, certreq, openssl Facilitated Authenticode EV/DV Code-Signing Certs using signtool.exe commands and safenet 5100 eTokens Redesigned SEP (Symantec Endpoint Protection), reviewed the security policies and features, rolled new system. Monitored the Symantec Mail Gateways to detect DLP through email with custom regex rules Created policy rules and monitored Incapsula’s cloud-based Web Application Firewall (WAF). Used the Incapsula cloud management portal to manage DDOS applications, as well as web security protection such as cross site scripting, remote file injection, etc. Monitored and Configured SecureVue SIEM (Security Information and Event Management) along with Splunk Cloud Administered Orion NPM/NCM, Zenoss, and other network monitoring solutions Created custom server hardening guides for server administrators to follow for new builds that follows NIST guidelines, but were designed with the organization operational/security needs. Maintained Kount Cloud-Based Anti-Fraud Portal Show less

Cisco Network, Voice, Security Engineer

• Oct 2013 - Feb 2015

• Researched, Designed, Implemented, Troubleshot, and Maintained the following Network Security/VoIP/Infrastructure solutions: • Network Security Tools: o Cisco 5505 and 5520 Firewalls/VPNs o Cisco AnyConnect Secure Mobility Client o Cisco 2960 series switches with Layer 2/3 Protection, o Nexus 5548 core switches with FEXs (Fabric Extenders) o Barracuda Email and DLP protection o Security Onion open-source NIDS, Snort, Squert, Bro, DLP regex scan, Syslog, network… Show more • Researched, Designed, Implemented, Troubleshot, and Maintained the following Network Security/VoIP/Infrastructure solutions: • Network Security Tools: o Cisco 5505 and 5520 Firewalls/VPNs o Cisco AnyConnect Secure Mobility Client o Cisco 2960 series switches with Layer 2/3 Protection, o Nexus 5548 core switches with FEXs (Fabric Extenders) o Barracuda Email and DLP protection o Security Onion open-source NIDS, Snort, Squert, Bro, DLP regex scan, Syslog, network security monitoring • Wireless Infrastructure with WPA2 Enterprise, WPA2 Professional, and Guest SSIDs o Windows 2008/2012 CA Servers o Cisco 5508 WLCs (Wireless LAN Controllers) with FlexConnect, Autonomous, Standalone APs o Windows 2012 R2 NPS (Network Policy Server) for Radius Authentication • Network Monitoring Tools: o Orion NPM o Cisco Prime Infrastructure o UCS Manager with PowerTool PowerShell Module • VoIP o Cisco Unified Communication Manager with CUCX, CUC, CUPS, and CER o Cisco 8945 phones, CIPC, and jabber communications Show less • Researched, Designed, Implemented, Troubleshot, and Maintained the following Network Security/VoIP/Infrastructure solutions: • Network Security Tools: o Cisco 5505 and 5520 Firewalls/VPNs o Cisco AnyConnect Secure Mobility Client o Cisco 2960 series switches with Layer 2/3 Protection, o Nexus 5548 core switches with FEXs (Fabric Extenders) o Barracuda Email and DLP protection o Security Onion open-source NIDS, Snort, Squert, Bro, DLP regex scan, Syslog, network… Show more • Researched, Designed, Implemented, Troubleshot, and Maintained the following Network Security/VoIP/Infrastructure solutions: • Network Security Tools: o Cisco 5505 and 5520 Firewalls/VPNs o Cisco AnyConnect Secure Mobility Client o Cisco 2960 series switches with Layer 2/3 Protection, o Nexus 5548 core switches with FEXs (Fabric Extenders) o Barracuda Email and DLP protection o Security Onion open-source NIDS, Snort, Squert, Bro, DLP regex scan, Syslog, network security monitoring • Wireless Infrastructure with WPA2 Enterprise, WPA2 Professional, and Guest SSIDs o Windows 2008/2012 CA Servers o Cisco 5508 WLCs (Wireless LAN Controllers) with FlexConnect, Autonomous, Standalone APs o Windows 2012 R2 NPS (Network Policy Server) for Radius Authentication • Network Monitoring Tools: o Orion NPM o Cisco Prime Infrastructure o UCS Manager with PowerTool PowerShell Module • VoIP o Cisco Unified Communication Manager with CUCX, CUC, CUPS, and CER o Cisco 8945 phones, CIPC, and jabber communications Show less

Network/Security Engineer - Temp Contract

• Jun 2013 - Oct 2013

Escalation point for level 2 and 3 tickets Support internal and 3rd party client firewalls, routers, switches, and servers Monitor network devices using Nagios, Cacti, and Rancid Work with Sonicwall GMS, CommVault Simpana, F5 Loadbalancers, and various Cisco equipment Escalation point for level 2 and 3 tickets Support internal and 3rd party client firewalls, routers, switches, and servers Monitor network devices using Nagios, Cacti, and Rancid Work with Sonicwall GMS, CommVault Simpana, F5 Loadbalancers, and various Cisco equipment

Network Security Engineer

• Oct 2012 - May 2013

Support the infrastructure of switches, routers, ASA Firewalls, and other network equipment at Headquarters, DR building, and 26 branch offices across Southwest Michigan Target areas of concern and prioritize based on risk, downtime required, overall usage, and business visibility Propose solutions based on my analysis of the existing network Implement new projects – such as the BYOD wireless solution using Cisco ISE and Mobile Iron MDM solutions Update and build… Show more Support the infrastructure of switches, routers, ASA Firewalls, and other network equipment at Headquarters, DR building, and 26 branch offices across Southwest Michigan Target areas of concern and prioritize based on risk, downtime required, overall usage, and business visibility Propose solutions based on my analysis of the existing network Implement new projects – such as the BYOD wireless solution using Cisco ISE and Mobile Iron MDM solutions Update and build upon existing network documentation Build business relationships with vendors in preparation of future projects Monitor the network connectivity, bandwidth, and security Show less Support the infrastructure of switches, routers, ASA Firewalls, and other network equipment at Headquarters, DR building, and 26 branch offices across Southwest Michigan Target areas of concern and prioritize based on risk, downtime required, overall usage, and business visibility Propose solutions based on my analysis of the existing network Implement new projects – such as the BYOD wireless solution using Cisco ISE and Mobile Iron MDM solutions Update and build… Show more Support the infrastructure of switches, routers, ASA Firewalls, and other network equipment at Headquarters, DR building, and 26 branch offices across Southwest Michigan Target areas of concern and prioritize based on risk, downtime required, overall usage, and business visibility Propose solutions based on my analysis of the existing network Implement new projects – such as the BYOD wireless solution using Cisco ISE and Mobile Iron MDM solutions Update and build upon existing network documentation Build business relationships with vendors in preparation of future projects Monitor the network connectivity, bandwidth, and security Show less

Network and Firewall Engineer

• Sep 2008 - Oct 2012

Troubleshoot Issues with network connectivity and monitor network bandwidth, activity, and security. Assist and mentor our help desk in the basic networking skills required for common support ticket issues, and help them understand the process behind the task. Work with vendors and system administrators to create secure, yet functional network designs and solutions. Troubleshoot Issues with network connectivity and monitor network bandwidth, activity, and security. Assist and mentor our help desk in the basic networking skills required for common support ticket issues, and help them understand the process behind the task. Work with vendors and system administrators to create secure, yet functional network designs and solutions.

LAN/WAN Engineer

• 2008 - 2008

Performed installation, configuration, administration of Cisco 2600 series routers and 3500 series single/multi-layer switches, as well as Microsoft Server 2003, Exchange 2003, and Microsoft’s Internet Security and Acceleration Server. Designed and implemented Cisco/Microsoft Networks from the ground up. Committed time and effort to training in an intensive, multi-certification curriculum involved with enterprise-level equipment. Performed installation, configuration, administration of Cisco 2600 series routers and 3500 series single/multi-layer switches, as well as Microsoft Server 2003, Exchange 2003, and Microsoft’s Internet Security and Acceleration Server. Designed and implemented Cisco/Microsoft Networks from the ground up. Committed time and effort to training in an intensive, multi-certification curriculum involved with enterprise-level equipment.

IT Support Secialist

• 2007 - 2008

Effectively communicated with senior management, third party vendors, technical staff, as well as non-technical end users. Extremely flexible and able to consistently adapt and perform well in unrelated dissimilar tasks and environments. Demonstrated a rigorous work ethic, initiative, and independent thinking. Planned, designed, implemented, installed, maintained, and supported multi-purpose networks. Effectively communicated with senior management, third party vendors, technical staff, as well as non-technical end users. Extremely flexible and able to consistently adapt and perform well in unrelated dissimilar tasks and environments. Demonstrated a rigorous work ethic, initiative, and independent thinking. Planned, designed, implemented, installed, maintained, and supported multi-purpose networks.