Aug 2019 – Present · 6 yrs 7 mos

• Acquired an existing e-commerce business specializing in adult medical incontinence products and expanded it 25x over three years. Continued to grow the business, extending into multiple markets. This experience has developed a strong understanding of business capabilities and effective capital allocation for maximum impact. It offers a unique perspective to a cybersecurity career, allowing business acumen to be leveraged when assessing cybersecurity risks and strategic planning for capabilities.

Sep 2018 – Oct 2021 · 3 yrs 1 mo

• As an Information Security Director at USAA, led a security operations team responsible for detecting, analyzing, and responding to cybersecurity events, safeguarding over 60,000 employees and 12 million members. The team defined and implemented the security detection roadmap, integrating Identity capabilities with existing security controls. By introducing agile methodologies to prioritize and track work, significantly increased the delivery of new security capabilities.
• Ensured that Incident Response practices aligned with regulatory requirements and managed teams across infrastructure development, threat intelligence, and analytics. Engaged with key stakeholders to understand business needs and ensured that IAM solutions supported organizational goals.

Apr 2017 – Sep 2018 · 1 yr 5 mos

• Served as the Portfolio Architect for the Enterprise Security Group, overseeing over 275 applications across multiple security domains, including Information Security, Financial Crimes, Physical Security, Business Continuation, and Privacy. Set the overall portfolio technology strategy and collaborated with domain security architects to maximize value and integration points.

Feb 2015 – Apr 2017 · 2 yrs 2 mos

• Led the design and implementation of IAM technologies, including authentication, authorization, identity provisioning, role-based access controls, and governance for both on-premise and cloud infrastructures. Implemented Identity as a Service (IDaaS) and Privileged Access Management solutions, streamlining IAM processes to enhance compliance and user experience.

Oct 2013 – Feb 2015 · 1 yr 4 mos

• Served as Lead Computer Systems Engineer, leading the IT Operations Secured Processing team, overseeing the lifecycle management of SSL certificates and the administration of API web service integration gateways. Managed team workload and prioritization while spearheading efforts to improve capabilities and technologies.

May 2009 – Oct 2013 · 4 yrs 5 mos

• Managed internal and external penetration testing, designed and maintained USAA's malware analysis lab and architected packet capture capabilities. Conducted all stages of incident response and provided training for a team of 24/7 Security Operations Center (SOC) analysts.
• Collaborated with key leadership on incident response actions and delivered recurring threat intelligence reports. Presented weekly threat briefings to executive management, focusing on intelligence analysis, the impact of zero-day threats, and ongoing metrics of daily SOC operations.

Jan 2004 – Jul 2007 · 3 yrs 6 mos

• Implemented and supported technical and administrative security controls, securing large-scale Active Directory infrastructures. Managed intrusion detection systems, remote access administration, and provided technical security support. Assisted with the security vulnerability management process and anti-virus systems. Designed and implemented an enterprise public-key encryption infrastructure and reviewed, evaluated, and recommended IT-related security products.

Jul 2007 – May 2009 · 1 yr 10 mos

• Performed remote and on-site security assessments, including penetration testing of financial networks, vulnerability analysis, web application testing, wireless penetration testing, physical security assessments, and social engineering. As the team lead, responsible for reviewing reports, ensuring performance standards were met, and developing team members.