Senior SecOps Engineer

• Apr 2022 - Present

Implement native AWS Security controls to the Procurify environments. ● Implement AWS Client VPN via Terraform ● Deploy AWS Lambda to exerntal platforms for alerting via CDK ● Develop scripts to automate/scrape dependabot alerts across Github repositories ● Assist with ongoing development of security program via standard Cybersecurity frameworks (NIST/OWASP), best security practices and compliance standards (SOC2) Implement native AWS Security controls to the Procurify environments. ● Implement AWS Client VPN via Terraform ● Deploy AWS Lambda to exerntal platforms for alerting via CDK ● Develop scripts to automate/scrape dependabot alerts across Github repositories ● Assist with ongoing development of security program via standard Cybersecurity frameworks (NIST/OWASP), best security practices and compliance standards (SOC2)

Information Security Administrator

• Oct 2021 - Apr 2022

● Implented test environment in AWS via Terraform. ● Built basic CLI interface to Pagerduty API. ● Maintained Linux Servers via Ansible. - Performed misc Security administration tasks as needed. ● Implented test environment in AWS via Terraform. ● Built basic CLI interface to Pagerduty API. ● Maintained Linux Servers via Ansible. - Performed misc Security administration tasks as needed.

Cyber Threat Analyst

• Aug 2020 - Sep 2021

This section intentionally vague for security purposes. Secure all the things via: ● advise stakeholders of confirmed or potential vulnerabilities and provide remediation action(s) ● maintain observability for some security metrics using Python with Pandas/Plotly modules. Jointly maintain security and administration of deployment server for metrics dashboard ● champion security via process This section intentionally vague for security purposes. Secure all the things via: ● advise stakeholders of confirmed or potential vulnerabilities and provide remediation action(s) ● maintain observability for some security metrics using Python with Pandas/Plotly modules. Jointly maintain security and administration of deployment server for metrics dashboard ● champion security via process

Information Security Developer

• Jan 2020 - Aug 2020

Acting Team Lead, Cybersecurity

• 2019 - 2020

-Prioritize and coordinate tasks for the Cybersecurity Team.-Champion cybersecurity as a culture for the organization.-Collaborate with teams to identify and remediate vulnerabilities within infrastructure.-Plan, budget, and propose new cybersecurity initiatives and training.-Improve overall organizational Cybersecurity score based on NIST CSF.-Assist in deploying a new SIEM platform.-Ensure PCI-DSS compliance is maintained, and security is applied to non-PCI infrastructure-Prepare cloud deployment framework and strategy. Show less

Cyber Security Analyst

• 2018 - 2019

-Identify critical risk to IT systems and infrastructure; develop and implement remediation action to reduce risk to an acceptable level.-Perform scheduled and ad-hoc vulnerability scanning.-Perform penetration testing and reporting.-Maintain awareness of zero-day vulnerabilities/exploits. Ensure out-of-band patching or alternative mitigation are actioned in a timely manner.-Participate in Incident Response as needed.-Collaborate with Enterprise Architects and PMO for security requirements on new initiatives.-Implement building blocks for an effective and resilient SIEM solution. -Advise on PCI related infrastructure and implementation. Show less

IT Advisor, Cybersecurity

• 2018 - 2018

-Provide risk assessments for internal IT projects, applying thread models to identify potential gaps in security controls and recommending remedial actions or mitigations as necessary -Support NERC CIP compliance duties -Streamline workflows of various tasks through scripting solutions (perl/python/powershell) or third party software -Identify and implement corrective actions for current IT vulnerabilities across all business units as discovered -Identify critical risk IT systems and infrastructure to develop, implement, and maintain an on-going security test plan -Plan and coordinate on-going Security Testing program, which includes vulnerability management, vulnerability assessments and penetration testing Show less

Security Engineer

• 2017 - 2018

-Perform internal network penetration and web application penetration testing -Maintain existing security infrastructure, as well as research & recommend new security initiatives including anti-virus, file integrity monitoring, SIEM, firewalls, IDS/IPS, email protection, and security awareness training -Maintain PCI-DSS compliance and identify steps to streamline the process -Actively maintain awareness of bleeding edge cyber attacks/vulnerabilities that may impact PayByPhone -Participate in security incidents as necessary -Write Perl and/or BASH scripts to perform daily security related tasks -Maintain internal security policies and procedures -Communicate information security technologies and trends to non-technical users within the organization Show less

Consultant, Cybersecurity

• 2016 - 2017

-Internal / external network penetration testing and vulnerability assessments -Network and general IT security assessments and implementations, both physical and electronic -Provide cyber awareness training and education -PCI-DSS audit review -Forensic data analysis -Cyber Maturity Assessement -Python, BASH, Sed & Awk scripting for data analysis (regex) -Internal / external network penetration testing and vulnerability assessments -Network and general IT security assessments and implementations, both physical and electronic -Provide cyber awareness training and education -PCI-DSS audit review -Forensic data analysis -Cyber Maturity Assessement -Python, BASH, Sed & Awk scripting for data analysis (regex)

Army Communication and Information Systems Specialist (Reserve)

• 2002 - 2017

Primary Responsibilities: -Setup and maintain communications (HF/VHF/Satellite/Phone/Computer) -Maintain basic infantry battle standards, weapons handling, security protocols, chemical/biological/radiation attack prevention, and continue high level of personal physical fitness Additional Responsibilities: -Coordinate training schedule between unit training and members under my direct command -Liaise communication between the chain of command and to my subordinates -Mentor new members to the 39 Signals Regiment/Squadron as needed Show less

Engineering Technician IV

• 2003 - 2016

-Electronics design via Altium Designer (schematic entry, multi-layer PCB layout, BOM) -Coordinate project scheduling, parts ordering, and testing between faculty and electronics lab -Provide guidance to students and faculty on basic electronics design, packaging, and parts procurement -Repair lab and test equipment -Setup, install, test various linux distributions as needed in the laboratory. ( Slackware, Fedora/CentOS and Ubuntu/Debian/Kali) -Maintain samba file server and ntp server -Maintain basic network security and DHCP server with pfsense firewall distribution to administer IP sharing for a network approximately 25 ethernet capable devices. (PC's, Test Equipment, Embedded Development Boards) -Remain current with latest embedded development boards, including Raspberry Pi, Embedded Arm Boards, and assorted microcontroller development platforms Show less

Electronics Technologist

• 2002 - 2003

RF Technician

• 2001 - 2002

Electronics Design Technologist

• 2001 - 2001

ESD/EMC Technician

• 1997 - 1998