Senior Security Architect

• Oct 2023 - Present

Founder | Principal Consultant

• Jul 2009 - Oct 2023

Grew start-up to a robust and competitive information technology & cyber security consulting firm. Led team of engineers and support staff with a portfolio of clients in various industries including accounting, fintech, law, retail, construction, energy, healthcare, education, engineering, public advocacy, pharmaceutical, food, beverage & hospitality, environmental, etc . • Served as chief designer and architect on proprietary cybersecurity fraud AI/ML tool adopted by Fortune 200 client… Show more Grew start-up to a robust and competitive information technology & cyber security consulting firm. Led team of engineers and support staff with a portfolio of clients in various industries including accounting, fintech, law, retail, construction, energy, healthcare, education, engineering, public advocacy, pharmaceutical, food, beverage & hospitality, environmental, etc . • Served as chief designer and architect on proprietary cybersecurity fraud AI/ML tool adopted by Fortune 200 client and utilized for analysis of abnormalities in cyber insurance claims. Tool successfully detected and prevented 2,388 of fraudulent insurance claims. • Served as lead information security & information technology consultant for primary clients and ensured confidentiality, integrity and high availability. • Worked closely with client organization’s leadership team to identify future business requirements and strategic road mapping for ensuring success across multi-departmental arms of business. Continuous improvement strategies developed. • Ensured technical implementations and project alignment with business for both business and technical operations. • Provided lead role on information security projects including security reviews, cybersecurity operations development, security auditing, and incident response. • Provided technical expertise to Fortune 500 organization regarding Incident Response for insured claimants. • Provided subject matter expertise to client organizations regarding security architecture to ensure security was part of design and (re)development of processes and policies. • Served as expert to large-sized organizations on proactive identification of risks such that business units may properly prepare and execute on solutions for managing and reducing risks. Resulted in ability to identify tooling requirements in advance. Show less Grew start-up to a robust and competitive information technology & cyber security consulting firm. Led team of engineers and support staff with a portfolio of clients in various industries including accounting, fintech, law, retail, construction, energy, healthcare, education, engineering, public advocacy, pharmaceutical, food, beverage & hospitality, environmental, etc . • Served as chief designer and architect on proprietary cybersecurity fraud AI/ML tool adopted by Fortune 200 client… Show more Grew start-up to a robust and competitive information technology & cyber security consulting firm. Led team of engineers and support staff with a portfolio of clients in various industries including accounting, fintech, law, retail, construction, energy, healthcare, education, engineering, public advocacy, pharmaceutical, food, beverage & hospitality, environmental, etc . • Served as chief designer and architect on proprietary cybersecurity fraud AI/ML tool adopted by Fortune 200 client and utilized for analysis of abnormalities in cyber insurance claims. Tool successfully detected and prevented 2,388 of fraudulent insurance claims. • Served as lead information security & information technology consultant for primary clients and ensured confidentiality, integrity and high availability. • Worked closely with client organization’s leadership team to identify future business requirements and strategic road mapping for ensuring success across multi-departmental arms of business. Continuous improvement strategies developed. • Ensured technical implementations and project alignment with business for both business and technical operations. • Provided lead role on information security projects including security reviews, cybersecurity operations development, security auditing, and incident response. • Provided technical expertise to Fortune 500 organization regarding Incident Response for insured claimants. • Provided subject matter expertise to client organizations regarding security architecture to ensure security was part of design and (re)development of processes and policies. • Served as expert to large-sized organizations on proactive identification of risks such that business units may properly prepare and execute on solutions for managing and reducing risks. Resulted in ability to identify tooling requirements in advance. Show less

RSA Security Scholar

• Nov 2021 - Jun 2022

As an RSAC Security Scholar, I was provided an opportunity for autonomous research. My research topic of interest covered risk management frameworks for managing and defending against AI-powered adversarial exploration, poisoning, and reconnaissance. Background: Artificial Intelligence is rapidly growing in areas of military technology, health, law enforcement, transportation, etc. AI highly promotes offensive tactics of malicious actors. There has been magnified proliferation of cyber… Show more As an RSAC Security Scholar, I was provided an opportunity for autonomous research. My research topic of interest covered risk management frameworks for managing and defending against AI-powered adversarial exploration, poisoning, and reconnaissance. Background: Artificial Intelligence is rapidly growing in areas of military technology, health, law enforcement, transportation, etc. AI highly promotes offensive tactics of malicious actors. There has been magnified proliferation of cyber breaches and mass disruption in the past 5 years. AI has translated into increased difficulty in defending against cyberattacks as malware is becoming adaptive in its nature. Problem: New AI offensive capabilities may be able to identify vulnerabilities in systems, sooner than humans. Thus, can defensive AI be deployed to overcome threats with adaptive countermeasures and security controls? There are great efforts to implement defensive AI systems in response to ever-changing threats. But AI will heavily rely on machine learning intelligence and algorithms for response. Will defensive AI systems be able to detect, adapt and respond to cyberattacks, all while protecting itself against tampering and misuse? There is an underlying problem of deception to beat AI algorithms, so how might this be overcome? Theoretical solutions: Foreseeable and forecastable defensive AI tactics and strategy to prevent exploitation. Current solutions that have been implemented are automated vulnerability discovery tools such as reverse engineering deceptions, artificial intelligence mitigations of emergent execution, offensive-scaling and deep reinforcement fuzzing. New AI tools must be developed to close the gap between automated vulnerability discovery and forecast vectors. Show less As an RSAC Security Scholar, I was provided an opportunity for autonomous research. My research topic of interest covered risk management frameworks for managing and defending against AI-powered adversarial exploration, poisoning, and reconnaissance. Background: Artificial Intelligence is rapidly growing in areas of military technology, health, law enforcement, transportation, etc. AI highly promotes offensive tactics of malicious actors. There has been magnified proliferation of cyber… Show more As an RSAC Security Scholar, I was provided an opportunity for autonomous research. My research topic of interest covered risk management frameworks for managing and defending against AI-powered adversarial exploration, poisoning, and reconnaissance. Background: Artificial Intelligence is rapidly growing in areas of military technology, health, law enforcement, transportation, etc. AI highly promotes offensive tactics of malicious actors. There has been magnified proliferation of cyber breaches and mass disruption in the past 5 years. AI has translated into increased difficulty in defending against cyberattacks as malware is becoming adaptive in its nature. Problem: New AI offensive capabilities may be able to identify vulnerabilities in systems, sooner than humans. Thus, can defensive AI be deployed to overcome threats with adaptive countermeasures and security controls? There are great efforts to implement defensive AI systems in response to ever-changing threats. But AI will heavily rely on machine learning intelligence and algorithms for response. Will defensive AI systems be able to detect, adapt and respond to cyberattacks, all while protecting itself against tampering and misuse? There is an underlying problem of deception to beat AI algorithms, so how might this be overcome? Theoretical solutions: Foreseeable and forecastable defensive AI tactics and strategy to prevent exploitation. Current solutions that have been implemented are automated vulnerability discovery tools such as reverse engineering deceptions, artificial intelligence mitigations of emergent execution, offensive-scaling and deep reinforcement fuzzing. New AI tools must be developed to close the gap between automated vulnerability discovery and forecast vectors. Show less

Information Technology Consultant

• Jan 2008 - May 2009

• Developed new system modules for task automation. • Stabilized, expanded and protected organization’s network thru asset management, automation of event management, vulnerability management, and continuous monitoring. • Revamped backup procedures and policies. Introduced Incident Response and Disaster Recovery Playbook. Designed strategy and rolled out successful cybersecurity culture program. • Researched, recommended and implemented network enhancements that improved system… Show more • Developed new system modules for task automation. • Stabilized, expanded and protected organization’s network thru asset management, automation of event management, vulnerability management, and continuous monitoring. • Revamped backup procedures and policies. Introduced Incident Response and Disaster Recovery Playbook. Designed strategy and rolled out successful cybersecurity culture program. • Researched, recommended and implemented network enhancements that improved system reliability and performance. Show less • Developed new system modules for task automation. • Stabilized, expanded and protected organization’s network thru asset management, automation of event management, vulnerability management, and continuous monitoring. • Revamped backup procedures and policies. Introduced Incident Response and Disaster Recovery Playbook. Designed strategy and rolled out successful cybersecurity culture program. • Researched, recommended and implemented network enhancements that improved system… Show more • Developed new system modules for task automation. • Stabilized, expanded and protected organization’s network thru asset management, automation of event management, vulnerability management, and continuous monitoring. • Revamped backup procedures and policies. Introduced Incident Response and Disaster Recovery Playbook. Designed strategy and rolled out successful cybersecurity culture program. • Researched, recommended and implemented network enhancements that improved system reliability and performance. Show less

System Development Consultant

• Feb 2006 - Jan 2009

Key Achievements: • Developed and maintained student program databases. • Designed web-based program for online teaching modules. • Created web-based program for online testing modules. Key Achievements: • Developed and maintained student program databases. • Designed web-based program for online teaching modules. • Created web-based program for online testing modules.