Oct 2023 – Jun 2025 · 1 yr 8 mos

Feb 2023 – Oct 2023 · 8 mos

Sep 2022 – Feb 2023 · 5 mos

Sep 2021 – Sep 2022 · 1 yr

• ● Act as a security SME and SOC Technical Lead on a wide scope of projects to improve logging, monitoring and response efforts
• ● Build, Deploy and Maintain SOC Security Infrastructure and toolsets utilized by the 24x7x265 SOC
• ● Facilitate the evaluation, selection, and implementation of SOC systems and toolsets
• ● Manage the Splunk Enterprise Security and Splunk SOAR deployments
• ● Work with various teams and stakeholders on integrating new Merger and Acquisition companies into the myriad of Cyber Defense toolsets and process workflows
• ● Work with Cyber Defense teams to remediate audit and security findings as needed

Sep 2020 – Sep 2021 · 1 yr

• Reporting to the Sr. Manager of Cyber Defense Threat Detection, I am a hands on technical leader and IT Security Manager responsible for day to day operations within our 24x7x365 Security Operations Center. I lead a team of Cyber Defense Level 1 and Level 2 analysts that provide detection, analysis and response for all cyber related threats to Citizens.

Jun 2018 – Sep 2020 · 2 yrs 3 mos

• Act as SIEM SME (QRadar, Splunk, Splunk Cloud and Splunk Enterprise Security)
• Act as Data Loss Prevention SME; Administering and tuning DLP policy utilizing Symantec Data Loss Prevention (Email), Forcepoint Triton (Web) and SkyHigh CASB
• Serve as escalation point for SOC engineering incidents
• Identify security gaps in monitoring and recommend compensating controls to mitigate risk
• Develop and maintain security content used to detect and mitigate threats across multiple environments and attack vectors
• Develop and provide key metrics to senior leadership and business stakeholders

Oct 2016 – Jun 2018 · 1 yr 8 mos

• Act as Subject Matter Expert and Team Lead for SIEM DLP team managing Data- In- Motion utilizing Symantec Data Loss Prevention (Email), Forcepoint Triton (Web) and SkyHigh CASB.
• Act as lead specialist reviewing and maintaining over 550+ B2B Email TLS Connections and reviews.
• Identify security gaps in monitoring and recommend compensating controls to mitigate risk
• Analyze, Investigate and Respond to security events; Escalate to and collaborate with other Corporate Security teams when deemed necessary.
• Provide metrics to CD senior leadership as well as individual business lines reflecting the security posture of the organization
• Facilitate the remediation of discovered vulnerabilities and monitor the health of DLP application servers
• Collaborate with business lines on business pain points and educate users on sending customer data securely.

Oct 2015 – Dec 2015 · 2 mos · East Providence, RI

• Provisioned, Configured and Troubleshooted RSA Two Factor Authentication Tokens for internal and external customers
• Create, Modify and Delete individual user accounts, service accounts, and AD security groups utilizing Dell Active Roles
• Created, Modified and Deleted user, service and generic email accounts with Microsoft Exchange Server and Active Roles

Feb 2021 – Present · 5 yrs 1 mo · Providence, Rhode Island, United States

Dec 2015 – Oct 2016 · 10 mos · Cumberland, RI

• Act as Subject Matter Expert (SME) for the enterprise Anti Virus, Symantec Endpoint Protection installed on more than 120,000 assets
• Solely responsible for maintaining the endpoint security of devices in over 9,500 stores
• Work with vendors to update software and mitigate security risks on vendor owned technology
• Identify and remediate security risks of Store Systems, Corporate Servers and Workstations
• Monitor the day to day health and availability of the team’s Windows Servers
• Create and update process documents and instructions for contracting resources

May 2013 – May 2015 · 2 yrs · Providence, Rhode Island

• Monitoring of day to day IT Security operations Ex. Compromised Accounts, Vendor Security Reviews
• Assisting in IT Security investigations on four regional campuses
• Assisting in Server Hardening Audits
• Acted as Subject Matter Expert (SME) for Lansweeper Application
• Scan JWU Networks for vulnerabilities and network threats
• Searched the JWU Network for Rogue Devices and Malicious Activities
• Updated the IT Security Alert Twitter as needed