Influential leader with the vision and talent for developing and executing security strategies as well as inspiring teams to embrace change and achieve a mission. Adept at building security programs from the ground up. Skilled in providing adaptive and flexible modern security solutions to all elements of the business world both corporate and government. A trusted advisor able to build collaborative relationships and influence a diverse set of stakeholders in order to achieve business goals. Dynamic leader who consistently achieved outstanding results in challenging environments, while building and fostering strategic business relationships within security teams, the c-suite, and government.
Highlights of Expertise
|· Advanced Security Management
· Strategic Planning & Analysis
· Program & Project Management
· Disaster Recovery Plans
· System Architecture Design
· Transformational Initiatives
· Stakeholder engagement
|· Cyber Security Service
· Software as a Service (Security)
· Vulnerability Assessment
· Team Building & Leadership
· Risk Assessment & Mitigation
· Various cloud variants (GCP/AWS/Azure)
· Technical Issues Resolution
Ultimate Software DBA UKG, Weston, Florida
SENIOR DIRECTOR SECURITY OPERATIONS (Feb 2018 to Present)
Structure and coordinate global security operations capability, comprising introducing concepts of application rationalization in the cloud security stack, streamlining security and business such as initiating GCP/AWS/Azure cloud enabled security tools and strengthening SIEM and log collection activities across the enterprise. Supervise, motivate, and empower highly skilled staff of over 65 FTE security composed of teams in infrastructure and engineering support, global security operations center (SOC), (cyber) threat intelligence (TI), identity and access management (IAM), and physical security. Lead and manage operations team transition from publicly traded company to private equity and then through the largest tech merger in recent history ($22 billion valuation).
- Drove improvement in security operations processes by building data centric decision processes aligned with ISO, and the NIST Cyber Risk Management Framework.
- Developed, used, and applied the MITRE ATT&CK framework, government, and industry strategies to align security operations processes across business units.
- Enhanced security by identifying and aligning operational security requirements across the enterprise as per business needs, while containing costs and maintaining PCI, SOC, FISMA, FedRAMP, HIPAA, GDPR and various other compliance frameworks.
Department of Homeland Security, Intelligence & Analysis, Washington, DC
SPECIAL ADVISOR CYBER DIVISION & ACTING DIRECTOR (Nov 2015 to Feb 2018)
Mentored and led over 2 dozen full time all source cyber analysts to ensure the seamless success of activities.
Consistently delivered production above goals, with award winning quality, and supported implementation of innovative analytical tools within I&A Cyber Division. Acted as preeminent professional to proactively engage with highest level of American government. Piloted the successful integration of the intelligence lifecycle into the cyber security operations lifecycle across government and security operations users. Pioneer in designing cyber threats and vulnerability management services to mitigate vulnerabilities across the DHS portfolio. Cultivated and sustained strong relations and partnership with FS-ISAC, FS-ARC, and ES-ISAC.
Collaborated as SME for CIFIUS activities, information technology acquisition, Team Telecom, National Security Council, and various acquisition programs.
- Recognized as a vital senior intelligence leader representing DHS and the US Intelligence Community during televised (as well as classified) US Congressional hearings/briefings on the topics of critical infrastructure threats and alleged compromises of information networks supporting the 2016 presidential elections.
- Kept abreast, conferred, and briefed the President, cabinet-level leaders, National Security Council staff, and industry leaders regarding cyber threats on highly contentious issues.
- Created, strengthened, and adapted the complete intelligence lifecycle, resulting in securing and closing an 18% production gap in FY16 and FY17 between Q2 and Q4.
- Played an integral role in increasing IIR reporting evaluations by 70 percent.
- Spearheaded the development of recognition of the Secretary of DHS and ODNI, resulting in recognition of best analytical production within the US Intelligence Community.
United States Army Corps of Engineers, Washington, DC
CYBER ADVISOR & CISO (Jan 2015 to Oct 2015)
Established and led strategic operations of a matrixed worldwide enterprise cybersecurity solution. Administered a wide range of defensive cyber operations and certified the adequate coordination of cybersecurity program of record at USACE (DACAP, RMF). Led activities with USCC, ARCYBER, and other military, intelligence, and inter-agency partners regarding ICS/IOT defensive cyber operations. Built collaborative rapport and professional communication with senior USACE and Department of Army leader’s in the implementation of FISMA, DoD versions of FedRamp, NIST RMF, MITRE ATT&CK, Clinger-Cohen and FITARA via whitepapers, briefings and decision documents. Directed strategic policy development of security activities, incident response, and integrated intelligence practices across the enterprise.
- Oversaw and controlled all the aspects of cybersecurity operations practice within the OCIO at USACE, a DoD entity, serving 33K users, with worldwide operations leveraging over $20B in operations.
- Delivered active functional support and assistance in the effective management of over $700M information enterprise investment, supporting critical infrastructure, financial, and engineering business lines.
Associate Professor ? Purdue University, West Lafayette, Indiana (Digital Forensics, Cyber Threat Intelligence)
Associate Professor ? National Defense University, Washington, DC (Cyber Operations, cyber warfare)
Associate Professor ? Purdue University Calumet, West Lafayette, Indiana (Cyber Security, Information Technology)
Senior Consultant 1 ? NCR Corporation, Denver, Colorado (Global network and application security)
Senior Member Technical Staff ? Litton/TASC (Now just TASC), Colorado Springs, CO (Application security)
Senior Program Manager ? MCIWorldcom, Colorado Springs, CO (Network security and remediation)
Education & Credentials
Purdue University, West Lafayette, Indiana
PhD College of Technology (Information Security/Digital Forensics)
Colorado Technical University, Colorado Springs, Colorado
MS Computer Science Software Systems Engineering
Huron University, Huron, South Dakota
Bachelors of Science, Computer Science
Certifications: Certified Information Systems Security Professional (CISSP #367558), Present | US Intelligence Community Top Secret/SCI Clearance (2016), DHS Suitability, CI Polygraph (2016)