Logo

Professional Summary

Accomplished cybersecurity professional with over 20+ years of experience, entrusted with securing DoD and private sector networks. Senior technical leader responsible for leading and executing incident response, threat hunting, and vulnerability assessment and compliance engagements. Highly skilled DevSecOps practitioner and software developer, recognized for leading development teams and delivering offensive and defensive cybersecurity tools and Infrastructure as Code (IaC) solutions. Recognized for exceptional communication and organizational skills, and a strong focus on process improvement. Adaptable personality, professionally curious, autodidactic, dedicated to producing quality products, and possesses an exceptional work ethic.

Skills, Tools & Languages

| Skills

  • Threat Hunting / Incident Response
  • Zero Trust
  • Cloud Security / Forensics.
  • Relationship Building
  • Software Engineering
  • Penetration Testing
  • Network Security Monitoring
  • Leadership
  • Infrastructure as Code
  • Endpoint Security
  • Security Policy and Procedures
  • Training and Mentorship

| Tools

  • Microsoft Azure
  • Microsoft Defender for Cloud
  • Microsoft 365 Security
  • Cloud Custodian
  • FireEye HX
  • Splunk / SOF ELK
  • Security Onion
  • McAfee ePO
  • Nessus
  • GitLab / GitHub
  • Docker
  • Kubernetes

| Languages

  • C
  • C++
  • Python
  • Java
  • JavaScript
  • PowerShell
  • HCL
  • Bash
  • Ansible
  • Terraform
  • SQL
  • HTML, CSS

Professional Experience

2022 - Present
Director Development Operations Group,
Marine Corps Forces Cyberspace Command

  • Led a team of 30+ developers to ensure the secure development and timely delivery of multiple cybersecurity software solutions, significantly improving customer operational capabilities in both defensive (blue team) and offensive (red team) cybersecurity functions.
  • Developed multiple Infrastructure as Code (IaC) solutions, automating the deployment and secure configuration of IT infrastructure, drastically reducing time and costs associated with business operations and enhancing the overall cybersecurity posture of the organization.
  • Developed and established multiple secure development policies, processes, and design templates, significantly maturing and professionalizing the organization, reducing project delivery timelines and enhancing product security.

2019 - 2022
Senior Cybersecurity Product Manager,
Joint Force Headquarters Cyber Marines

  • Oversaw the software development lifecycle for 100+ cybersecurity products, including requirements analysis, design, development, testing, and deployment, ensuring cost and time effective delivery of high-quality software solutions, enhancing end user satisfaction and enabling customer business objectives.
  • Established and maintained strong customer relationships, ensuring software development aligned with their business objectives and envisioned software products.
  • Implemented automated workflows and promoted knowledge sharing through collaborative tools, streamlining business processes and improving delivery timelines.

2016 - 2019
Senior Cybersecurity Assessments Manager,
By Light Professional IT Services

  • Led By Light to achieve HITRUST External Assessor certification, resulting in a substantial increase in client acquisition and enhancing By Light's reputation in healthcare security compliance.
  • Led and conducted multiple HITRUST CSF assessments at By Light, coordinating cross-functional teams to ensure thorough compliance evaluations, resulting in successful client certifications and continued client re-engagements.
  • Developed methodologies and standard operating procedures for hunt, vulnerability assessment, and penetration testing at By Light, enhancing efficiency and effectiveness of security assessments.

2014 - 2019
Senior Cybersecurity Assessments Lead,
Marine Corps Forces Cyberspace Warfare Group

  • Led a team of 40 cybersecurity experts in dozens of incident response, threat hunting, vulnerability assessment, and compliance engagements, successfully securing critical DoD infrastructure against sophisticated threat actors.
  • Developed long-term proactive controls resulting in the mitigation of millions of dollars in damages and data loss from Department of Defense networks.
  • Developed cyber threat hunting, vulnerability assessment, and penetration testing training and apprenticeship programs adopted by cyber mission forces throughout the Department of Defense.

2012 - 2014
Network Security Analyst,
United States Cyber Command

  • Conducted Network Security Monitoring of over 300,000 hosts across three classification domains, identifying and mitigating threats and ensuring the security of critical DoD networks.
  • Developed and provided over 120 hours of training to more than 100 DoD personnel on network intrusion analysis and Hunt methodologies, resulting in a more proficient and prepared cybersecurity workforce.

2009 - 2012
Information Systems Security Officer,
9th Communications Battalion

  • Conducted Certification and Accreditation oversight, developed cybersecurity programs and policies, and provided technical guidance on IT decisions and network defense, ensuring organization cybersecurity posture and compliance.
  • Engineered, installed, and maintained endpoint protection systems, web proxies, enterprise firewalls, and ESX virtual data centers and conducted vulnerability assessments and patch remediation to enhance network security.

2007 - 2009
Data Systems Administrator Instructor,
Marine Corps Communications Electronics School

  • Conducted over 600 hours formal instruction on the following subjects: switching, routing, network security, UNIX / Windows server administration and security, bash scripting, Active Directory / DNS, and encryption, effectively training new Marines to perform their roles in the system administrator workforce.

2005 - 2007
Network / Systems Administrator,
Marine Tactical Air Command Squadron

  • Managed and maintained network infrastructure, including switching, routing, and server administration, while implementing security measures to protect critical data and ensure network integrity.
  • Conducted regular security assessments, patch management, and configuration of firewalls and intrusion detection systems to safeguard network operations against potential threats.