Chief Information Security Officer

• Oct 2018 - Present

Board Member

• 2019 - Present

The Coalition Against Stalkerware convened in 2019 in order to facilitate communication between those organizations working to combat domestic violence and the security community. The founding organizations have committed to fighting domestic violence, stalking, and harassment by addressing the use of stalkerware and raising public awareness about this issue. The Coalition Against Stalkerware convened in 2019 in order to facilitate communication between those organizations working to combat domestic violence and the security community. The founding organizations have committed to fighting domestic violence, stalking, and harassment by addressing the use of stalkerware and raising public awareness about this issue.

Board Member

• Oct 2018 - Present

Global Manager, Threat and Vulnerability

• Oct 2019 - Present

Responsible for identifying internal and external risks that could affect the security posture of the organization, including the confidentiality, integrity, and availability of its systems and assets. Identifying vulnerabilities and weaknesses in systems, applications, processes, networks. Testing for exploitability, potential vectors of compromise and responsible for aligning people, process, and technology to meet demand & business requirements enterprise-wide while being responsible for the assessment and measurement of the effectiveness of Information Security controls designed to protect assets and secure data. Designed, coordinated, and executed technical vulnerability assessments for all aspects of the company to include, but not limited to network and security infrastructure, servers, workstations, web and application delivery servers, databases, applications, processes, and cloud-based vendors. Full scope assessments of/for server and client-side attacks, web application exploitation, Advanced Persistent Threat (APT) threats, and the tools and techniques leveraged therein. Maintain all tools used in the scanning and identification of vulnerabilities, as well as the tools used to rationalize, consolidate, and apply additional contextual information in other security tools. Identified and assessed specific emergency or priority vulnerabilities, guided by input from other elements (cyber intelligence and manufacturer recommendations), and suggested specific remediation approaches. Coordinated with the Security Architecture team to provide updates to security standards and templates as required to meet new regulatory/audit/etc. requirements. Provided detailed management level reporting and dashboards designed to demonstrate consistency against expected control outcomes, including compliance obligations. Maintained business relationships with key partners across the company with the intention of driving improvements in operational security. Show less

Vulnerability Analyst

• May 2018 - Oct 2019

Heavily working with Rapid7's InsightVM Security Vulnerability Management Platform Planning and Deployment of InsightVM Security Consoles/Engines Reporting and Analysis with Varonis DatAdvantage • Assists in the planning and execution of vulnerability scans of organization information systems • Analyzes data from threat and vulnerability feeds along with patch management results and analyzes data for applicability to the organization • Generates reports on assessment findings and summarizes to facilitate remediation tasks • Implements and coordinates remediation steps across technical verticals and develops and implements plans to prevent recurring vulnerabilities • Effectively works across teams to remediate issues – perpetually reducing threat landscape • Refines focus – tool tuning of the Vulnerability scanning tool • Adheres to applicable Information Security Policies and Procedures • Monitors remediation progress and updates tracking mechanisms accordingly; keeps monitoring software/systems up-to-date • Interface with internal stakeholders on vulnerability management issues • Stays current on emerging threats and associated remediation steps as well as the ever changing information security world • Ensures compliance with all applicable configuration standards • Manages enterprise vulnerability assessment and configuration assessment reports as well as patch management reports • Identifies and resolves false positive findings in assessment results • Documents exceptions and gains stakeholder approvals as required by policy • Performs compensating controls analysis and validates efficacy of existing controls • Recommends security controls and/or corrective actions for mitigating technical and business risk • Produces vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness against the standards Show less

Interim CIO

• Jan 2018 - May 2018

Performed a variety of responsibilities including Security Operations, Systems Administration, Network Administration, Management, Consultant, and MSP Sales Performed a variety of responsibilities including Security Operations, Systems Administration, Network Administration, Management, Consultant, and MSP Sales

Presales Engineer

• May 2017 - Jan 2018

https://metrodatacenter.com https://metrodatacenter.com

Technical Advisor

• Sep 2016 - Jan 2018

Co-Owner & CTO

• Mar 2016 - Jan 2018

E.P.I.C. – Technical Advisor Metro Data Center – Pre-Sales Engineer E.P.I.C. – Technical Advisor Metro Data Center – Pre-Sales Engineer

I.T. Engineer

• Sep 2015 - Mar 2016

Documentation Management & Best Practice Administration I.T. Support Dell Partner / Managed Services Partner Active Directory, Office 365, Exchange Management Documentation Management & Best Practice Administration I.T. Support Dell Partner / Managed Services Partner Active Directory, Office 365, Exchange Management

Director of I.T.

• Dec 2013 - Aug 2015

Management of IT Department and Operations, Budgeting & Cost Control, Vendor Relations, Systems Integration, Infrastructure Deployment, Strategic IT Planning, Site Deployment over various locations throughout Ohio Management of IT Department and Operations, Budgeting & Cost Control, Vendor Relations, Systems Integration, Infrastructure Deployment, Strategic IT Planning, Site Deployment over various locations throughout Ohio

I.T. Consultant

• Feb 2012 - Aug 2015

consulting staff defining objectives determining information system requirements making recommendations compiling and presenting information writing reports and documentation installing IT systems and software repairing computer problems and removing viruses training users answering feedback consulting staff defining objectives determining information system requirements making recommendations compiling and presenting information writing reports and documentation installing IT systems and software repairing computer problems and removing viruses training users answering feedback

Customer Technology Support

• Sep 2014 - Dec 2014

[CSOS] - Controlled Substance Ordering System, Rx, Medical Supply, Specialty Supply support Mobile Support WebEx, Phone and Email Support [CSOS] - Controlled Substance Ordering System, Rx, Medical Supply, Specialty Supply support Mobile Support WebEx, Phone and Email Support

Digital Technical Support

• Jul 2014 - Sep 2014

Short Term Contract Technical Support for K - 12 Students/Teachers/Administrators Utilizing SalesForce in Combination with Avaya products to manage and create cases for emails and phone calls Working with a multitude of Mcgraw-Hill Education products such as ConnectED and Connect+ and Thousands of Software CD's Respond to Customer inquiries by applying call to resolution techniques Supporting other DTS Agents via Chatter and Pidgin with technical Knowledge Product Research Account Management Licensing Management District Management Show less

Technical Support Representative

• Mar 2012 - Feb 2013

Report creation and layout modification using Dev Express Report tool Creation of documentation regarding Client details, internal Procedures to resolve issues Billing and Support Ticket Statistics utilizing ZenDesk Help Desk system Rail/Freight Yard Topography Historical Data Management and Retrieval Custom Rail Tracking Software Management & Support Training Clients to use our Advanced Rail Tracking Software Customer Support over the Phone, Email and Remote Control Heavy Data Management and Set-Up for new Clients as we train them to use the Rail Tracking Software Properly Directly work with Class-1 Railroads (UP, Railinc, BNSF, CN, CPRS, CSXT, KCS, NS and Kleinschmidt) Creation and Modification of Microsoft SQL queries to Modify, Research, Manage and Create Data Show less