Oct 2017 – Jun 2025 · 7 yrs 8 mos

• Leadership & Team Transformation:
• Built and unified global cybersecurity teams across IR automation, endpoint, and data protection—scaling operations through a 24×7 follow-the-sun model.
• Merged siloed Ops, Tuning, and Engineering units into one endpoint service team, improving agility and control health.
• Coached five rising leaders, with three promoted from IC to global management roles; fostered a culture of innovation, transparency, and outcome-driven delivery.
• Security Programs & Delivery:
• Led open-source transformation by replacing proprietary tools with Moloch (DPI), Suricata (NDLP), and Wazuh (FIM)—reducing licensing costs and increasing transparency.
• Automated 220+ IR actions and various engineering processes, saving ~1,100 hours/week across security operations.
• Operationalized data protection programs across network, email, cloud, endpoint, and removable media—including AIP deployment and continuous audit automation.
• Strategic Leadership
• Defined Visa’s Cyber Engineering roadmap and represented the function in the company’s Tech Steering Committee and Zero Trust working groups.
• Instituted metrics-driven intake and resource allocation across all service lanes, improving throughput and delivery forecasting.

Jun 2016 – Sep 2017 · 1 yr 3 mos

• Laid the groundwork for Visa’s internal open-source capability, introducing Python and open tools into the cybersecurity organization and building JIRA-integrated frameworks for code delivery and collaboration
• Established dashboards and processes to improve visibility and scalability of SIEM solutions (Splunk, Sumologic, QRadar)
• Mentored interns and junior engineers, many of whom transitioned into full-time contributors and future leaders
• Established a foundation for global service delivery and agile development that later scaled into a formal automation practice

Feb 2015 – Jun 2016 · 1 yr 4 mos

Aug 2014 – Jan 2015 · 5 mos · Denver Metropolitan Area

• Responsible for operational excellence of the managed services assuring a reliable and responsive operations.
• Management and mentoring of line managers.

Mar 2013 – Aug 2014 · 1 yr 5 mos · Denver Metropolitan Area

• Building and Maturing a 24x7 Security Operations Center

Jun 2011 – Mar 2013 · 1 yr 9 mos · Denver Metropolitan Area

• As part of Infrastructure and Threat protection (ITP) team, I worked on implementing global centralized SIEM solution and also developing new content, processes for threat management, security operations, and regulatory compliance requirements using SDLC methodology.

Sep 2008 – Jun 2011 · 2 yrs 9 mos · Baton Rouge Metropolitan Area

• As part of Information security program team, I lead and participated in multiple security projects like design and implementing endpoint security suite solution across the enterprise, performing Security assessments, researching and evaluating security products in application security and data loss prevention, SIEM implementation, developing enterprise wide vulnerability management program, creating audit logging baselines, and in developing information security policy and procedures.

May 2007 – Aug 2008 · 1 yr 3 mos · Greater Seattle Area

• Worked for 24/7 Intrusion Detection & Incident Response Team handling Security events like malware outbreaks, hacks, 0-day exploits and policy violations. Participated in various malware outbreak mitigations using corporate Incident Response procedures (e.g. Debrom, Blackmal, MSN messenger worms, IRC bot/Pushbots, Strom/kraken worm, 0-day exploits, keyloggers and password stealers). Performed static and dynamic malware analysis of IRC botnets and other malware.

Jan 2003 – Jan 2007 · 4 yrs · Greater Milwaukee

• Worked as a consultant at ERS, administrating large web based n-tier pension system based on J2EE / EJB architecture, IBM technologies (WASD, WAS), Java, JSP, MS-SQL Server, FileNet P8, Imaging/workflow, and several Opensource tools (CVS, Ant, Struts) in Windows environment on Dell hardware, starting from requirements gathering phase of SDLC to post production support/warranty phase.

Aug 2000 – Mar 2002 · 1 yr 7 mos

• Create and maintain equipment checkout system, handle OS, hardware issues in lab