- Experienced security professional with expertise in threat and Confidential, incident response. Results-driven strategic thinker and decisive leader with over sixteen years of progressive success establishing teams, implementing policies, spearheading complex investigations, and evolving organization’s capabilities to proactively prevent and respond to IT security incidents and cyber threats within Confidential companies.
- Identifying and analyzing risks, while working collaboratively with key stakeholders to provide training and translate ambiguous security protocols and standards into comprehensive, well-defined and approved practices. Familiar with many regulatory compliance requirements.
- Superior communication, valued as a liaison between business and technical stakeholders, and for translating granular data into meaningful, actionable intelligence and implementing thoughtful, long-term roadmaps to address both current and emerging issues and threats.
- Deep technical knowledge including a high-level understanding of industry-wide issues and best practices along with tactical IT infrastructure experience and hands-on use of EnCase, FTK, SIFT, AXIOM, Autopsy/TSK, QualysGuard, WhiteHat Security Sentinel, OpenVAS, nmap, and several other related tools.
Confidential, Centennial, CO
- Selected to pioneer and define a new role and function within the organization, and lead the Security Operations Center in Confidential activities.
- Evaluated and selected all tools to be utilized and implemented policies and procedures while independently serving as the primary Confidential analyst covering all service delivery network and systems (up to approximately five hundred thousand endpoints).
- Perform gap analyses, search and seizure, collection, acquisition and analysis utilizing standards and best practices to forensically preserve evidence.
- Conduct extensive research and investigations utilizing a wide array of technologies and tools. Serve as a lead incident handler and escalation point during incident response activities for Confidential and related investigations.
- Successfully established and currently oversee the organization’s first internal forensic lab including all tools, processes, procedures, reports and associated templates, thereby providing the groundwork for new capabilities.
- Serve as lead regarding every major incident impacting the service delivery networks, which involved quickly understanding and prioritizing issues, communicating internally and coordinating with various federal and regulatory entities (PCI, FCC, HIPAA, FTC, and FBI).
- Oversaw the full Confidential lifecycle for all service delivery networks, including cloud, web applications, and server environments.
- Provided system hardening, network architecture, and source code review for over 250 scans per month across three legacy enterprise ecosystems.
- Delivered practical guidance and remediation methodologies to senior leadership, system engineers, and key stakeholders for system security.
- Performed incident response activities as a lead incident handler during incident response activities for the Security Operations Center.
- Regularly engaged with both internal and external auditors to ensure compliance with regulatory requirements.
- Successfully implemented a rigorous assessment and remediation schedule, increasing frequency and thus visibility of vulnerabilities in all systems.
- Regularly interfaced with Risk Management team to identify new and aging vulnerabilities that could pose a significant risk to the company.
Confidential, Centennial, CO
- Spearheaded all aspects of the global Confidential service for a Confidential and its clients.
- Coordinated across departments with oversight of sales, scoping, assessment, gap and risk analysis, and regulatory compliance.
- Ensured that the organizations stayed current with security updates and patches while keeping an eye on emerging exploitable threats and vulnerabilities.
- Performed in-depth OSINT reconnaissance, developed and disseminated notifications of emerging threats and reviewed several hundred newly released vulnerabilities each day.
- Established, tracked, and analyzed metrics and KPIs as part of quarterly and annual presentation of client successes.
- Ensured compliance with HIPAA, PCI, NCUA, SOX, and related regulations while collaborating closely with penetration testers to address more stringent (FISMA/FedRAMP) regulatory requirements.
- Appointed to serve on the Senior Technical Council with a focus on guiding the overall technology direction of the business while also proactively identifying and resolving various risks, pain points, and security-related challenges.
Confidential, Centennial, CO
- Promoted to oversee Confidential and IT security over other highly qualified candidates to support the global enterprise and all subsidiaries performing network-based and in-person seizure of both volatile and non-volatile data. Delivered security awareness training and guidance to employees at all levels of the organization, from senior executives to customer service representatives. Served as a key member of the “breach team” investigating malware infections and other lapses in security controls. Performed employee investigations, created and presented department-wide metrics, measurements, and KPIs to executive leadership on a monthly basis.
- Performed on-site, remote, and covert acquisitions for human resources, legal, and IT security investigations for the enterprise.
- Responsible for analysis of mobile devices (including smartphones and tablets), Windows and Linux servers, virtual machines, and workstations.
- Based on consistently superior performance, quickly transitioned from a contract to a full-time position triaging a high volume of host and network events to identify potential incidents. Created and executed multiple scenario-based security drills to identify and address gaps in key skills. Collaborated with engineering and networking teams to remediate security issues and to improve overall security ecosystem at the enterprise.
- Developed automated scripts which significantly improved speed and accuracy in identifying security issues and threats.
- Created, disseminated, and presented on-boarding, training, and development for the department’s new hires.