Information Security Architect Resume
Columbus, GA
SUMMARY
- Information security professional with expertise in leading teams to achieve security goals and objectives.
- Over 12 years of information security experience performing Red Team penetration tests, Incident Response, Security Operations, Security Engineering and Architecture, Cloud Security, and Threat Hunting.
- This experience gives me a unique, wide-ranging knowledge base in many areas of information technology security.
- Security Operations Center Management
- Incident Response
- Security Orchestration and Automation
- SIEM Technologies (IBM QRadar and Splunk)
- Security Metrics Development and Reporting
- Security Architecture Design
- Security Event Investigation
- Threat Intelligence Creation and Integration
- Compliance and Auditing
- Red Team Assessments
- Cloud Security
- Network and Host Forensics
PROFESSIONAL EXPERIENCE
Confidential, Columbus, GA
Information Security Architect
Responsibilities:
- Represented security department as advisor to I.T. to securely migrate on-premises infrastructure to the cloud.
- Created and presented to C-level the strategy and roadmap for various CFC programs (Security Operations, Threat Hunting, Threat Modeling, Active Defense, & Purple Teaming).
- Developed metrics and reports to track and measure KPI and KRI of Cyber Fusion Center activities.
- Used frameworks such as MITRE ATT&CK and the Cyber Kill Chain to classify incidents, identify gaps, and prioritize efforts.
- Developed incident scenarios and participated in tabletop exercises to increase security awareness and ensure effective response.
- Managed all Synovus SOC and Cyber Incident Response related activities within the Cyber Threat Management division.
- Responsible for all activities, resources, and personnel in Security Operations Center.
- Led team of 4 FTEs and 8 MSSP Analysts in defending against and responding to security events.
- Mentored and trained junior analysts in security operations and incident response.
- Managed vendor relationships of current and future security tools used in our environment, along with coordinating with the Managed Security Service Provider (MSSP) on incidents and ensuring SLAs are being met.
- Successfully implemented a Security Orchestration, Automation and Response (SOAR) platform in Security Operations that reduced Mean Time to Respond (MTTR) from hours to minutes. These efforts allowed the SOC to automate manual tasks and scale into more advanced IR activities, including Threat Hunting, Cyber Threat Intelligence, and assisting with fraud investigations.
Confidential, Columbia Falls, MT
Senior Network Security Engineer
Responsibilities:
- While at Plum Creek, I was the sole dedicated Network Security Engineer responsible for evaluating network security posture, monitoring and responding to IDS alerts, finding and assessing vulnerabilities and their impact, and making recommendations to management on ways to improve company security posture and mitigate risk.
- After the merger, joined Confidential IT security team performing similar duties.
- Assessed company security posture and delivered prioritized recommendations to management on ways to immediately strengthen security posture.
- Developed network design documentation and security architecture documentation to assist in the integration of Plum Creek IT services with Confidential IT services.
- Reviewed and made recommendations for improving Information Security Policies and Procedures.
- Performed Nessus vulnerability scans, prioritized remediation of findings, and tracked results.
- Developed security metrics for tracking and continuous improvement of company information security.
- Researched and analyzed threat intelligence in an effort to improve information security.
Confidential
Senior Cyber Engineer
Responsibilities:
- Member of team that built, integrated, tested, and delivered large, turnkey Security Operations Center for international client that allowed them to analyze, detect, and respond to network threats and intrusions.
- Trained employees on technology, processes, and procedures to effectively run SOC.
- Delivered presentations across all levels of the organization.
- Wrote documentation such as Standard Operating Procedures, Runbooks, and Playbooks to help increase the maturity and ensure consistent response to security events for clients.
- Performed various tasks related to Incident Response, Penetration Testing/Vulnerability Assessments, Malware Analysis, Network/Host Forensics, Detection Engineering, Alert Tuning, Threat Hunting, and Threat Intelligence during client engagements.
Confidential
Network Security Analyst
Responsibilities:
- Conducted Red Team penetration tests against DoD networks where I was the lead operator on many missions.
- Performed, trained, and led a group of military and civilian operators in Red Team exercises and assessments of customer networks.
- Performed Open Source research on target organizations, vulnerabilities, and common tactics used by Advanced Persistent Threat actors.
- Developed reports for and briefed high-ranking members of military and government organizations on vulnerabilities in their information systems and ways to mitigate those threats.
- Supported other departments in identifying, locating, and removing malicious software within DoD information systems.
- Delivered training briefs to other operators in an effort to expand knowledge base and increase capabilities.
