Director of Risk-Based Vulnerability Management

• Jul 2021 - Present

Ask me about how Proficio can help you reduce your cybersecurity risks with our RBVM service.

Principal Security Consultant - Vulnerability Management

• Sep 2019 - Jul 2021

Ask me about Risk-based Vulnerability Management

Senior Security Operations Manager

• Apr 2012 - Aug 2019

Grew Sensus’ Managed Services cyber security operational functions, processes, controls and security posture improvements starting from less than 20 managed services and SaaS clients to over 975 in 7 years. Reported to the Vice President of Managed Services. Managed 4 direct report security analysts. Collaborated with Sensus Engineering, Xylem corporate security teams and various Customer Operations support teams to meet organizational security objectives. Responsible for securing Sensus’ 3 on-prem North American production data centers and numerous Xylem AWS VPC’s with the highest level of security posture consistent with critical infrastructure protection security standards and best practices. Show less

Senior Security Engineer

• Jun 2010 - Apr 2012

Delivered the Smart Grid industry’s first Achilles Communications Certification(IEC 62443-3-3) and Achilles Practices Certification (IEC 62443-2-4) for Sensus’ FlexNet AMI system. Initially a WurldTech only certification, I was a lead contributor to the IEC TC 65/WG 10 that developed the IEC 62443-2-4 standard from the WurldTech APC initial set of requirements. Participated in several Smart Grid security working groups including SGIP-CSW to develop the NISTIR 7628 Guidelines for Smart Grid Cyber Security, Rev. 1. Show less

Principal Information Security Analyst

• Sep 2009 - Jun 2010

Contracted through General Dynamics to the Dept of Homeland Security DC2 Security Operations Center and provided hands-on leadership and training to security analysts in support of DHS DC2 SOC functions. As a FISMA subject matter expert a 2nd role was also assumed shortly after joining the SOC as Information Assurance Team Lead to further DHS FISMA compliance objectives including systems security controls analysis, C&A package development and delivery. Contracted through General Dynamics to the Dept of Homeland Security DC2 Security Operations Center and provided hands-on leadership and training to security analysts in support of DHS DC2 SOC functions. As a FISMA subject matter expert a 2nd role was also assumed shortly after joining the SOC as Information Assurance Team Lead to further DHS FISMA compliance objectives including systems security controls analysis, C&A package development and delivery.

Technical Marketing Engineer

• Sep 2007 - May 2009

Primarily responsible for certification of Cisco security systems for Common Criteria security evaluations within Cisco’s Global Government Solutions Group, Government Certifications Team. Provided secondary support for FIPS 140-2 cryptographic module validations. Primarily responsible for certification of Cisco security systems for Common Criteria security evaluations within Cisco’s Global Government Solutions Group, Government Certifications Team. Provided secondary support for FIPS 140-2 cryptographic module validations.

Senior Security Engineer

• Sep 2004 - Sep 2007

As Senior Security Engineer for the EPA ITS-ESE contract I was responsible for developing solutions for system compliance to federal agency security requirements including FISMA, OMB, NIST and FIPS requirements and FISMA certification & accreditation of EPA information systems. Success in providing FISMA compliance solutions to the EPA lead to engagements for other federal agencis such as; NIEHS, NRC and eRulemaking while servicing the ITS-ESE contract. As Senior Security Engineer for the EPA ITS-ESE contract I was responsible for developing solutions for system compliance to federal agency security requirements including FISMA, OMB, NIST and FIPS requirements and FISMA certification & accreditation of EPA information systems. Success in providing FISMA compliance solutions to the EPA lead to engagements for other federal agencis such as; NIEHS, NRC and eRulemaking while servicing the ITS-ESE contract.

Security Specialist

• Jun 2004 - Sep 2004

Contracted through TES to the USPS data center for a short-term engagement to provide Tier-3 firewall, VPN and remote access troubleshooting, support and solutions. Contracted through TES to the USPS data center for a short-term engagement to provide Tier-3 firewall, VPN and remote access troubleshooting, support and solutions.

Senior Security Consultant

• Mar 2003 - Jun 2004

As Senior Security Consultant I provided security risk assessments for Innovate customers. Risk assessments performed included external perimeter PenTests, internal vulnerability, wireless and physical security assessments. Delivered on information protection goals and objectives consistent with customer security strategy and developed customer Information Security Risk Management Plans based on industry best practices and standards from ISO 17799, GAO and NIST publications. As Senior Security Consultant I provided security risk assessments for Innovate customers. Risk assessments performed included external perimeter PenTests, internal vulnerability, wireless and physical security assessments. Delivered on information protection goals and objectives consistent with customer security strategy and developed customer Information Security Risk Management Plans based on industry best practices and standards from ISO 17799, GAO and NIST publications.

Senior Security Consultant

• Jan 2002 - Mar 2003

Provided consulting and security assessment services including external pentests and internal vulnerability assessments for businesses and government agencies. Provided consulting and security assessment services including external pentests and internal vulnerability assessments for businesses and government agencies.

Information Security Consultant

• 2003 - 2003

Information Security Architect

• Apr 2001 - Dec 2001

Network Security Engineer

• Jun 1998 - Apr 2001

System Administrator

• May 1995 - Jun 1998

System Administrator

• Sep 1990 - May 1995