Derek Samford

CEO

Austin, Texas, United States · 26 yrs 1 mo experience
Highly Stable · AI Enabled

Key Highlights

  • Over 26 years of experience in security and software engineering.
  • Expert in leading global multi-functional teams for secure software delivery.
  • Passionate about security talent development and diversity.
Stackforce AI infers this person is a Fintech security leader with extensive experience in product and infrastructure security.

Skills

Core Skills

Security Operations, Product Security, Security Engineering, Application Security, Risk Management, Generative AI, Project Management

Other Skills

Infrastructure Security, AI Security, Security Architecture, Cross-functional Team Leadership, DevSecOps, Kubernetes, DevOps, Disaster Recovery, Virtualization, Servers, Citrix, Cloud Computing, Network Security, Firewalls, Security

About

As Deputy CISO at Marqeta, a cutting-edge innovator in the FinTech space delivering embedded finance solutions, I am responsible for the vision, leadership, execution and strategy of Product, Infrastructure Security, and Security Operations and Response throughout the company. With over 26 years of experience in security, cloud, DevSecOps, and software engineering, I bring a unique empathy and perspective to collaborating with Engineering and IT on positive security outcomes. I live for large problems that require sophistication and simplicity, and I thrive on leading global multi-functional teams to design and deliver secure software. I have a strong passion for security talent development, and I balance hiring and training to ensure excellence and diversity in a tightly constrained cyber security job market. My mission is to enable Marqeta to scale and measure its product security and protect its customers and partners.

Experience

Total Experience: 26 yrs 1 mo
Average Tenure: 2 yrs 5 mos
Current Experience: 1 yr 10 mos

Marqeta

2 roles

Deputy Chief Information Security Officer

Promoted

Mar 2026 - Present · 2 mos

  • Responsible for Product Security, Security Operations, Infrastructure Security, and AI Security. Intersects strongly with compliance and strategy to help ensure secure by design products and a cohesive, risk informed security roadmap.
Product Security, Security Operations, Infrastructure Security, AI Security

Vice President of Product and Infrastructure Security

Jul 2024 - Present · 1 yr 10 mos

  • Responsible for product security, security architecture, and security engineering functions
Product Security, Security Architecture, Security Engineering

Avalara

2 roles

Senior Director of Product Security

Promoted

Apr 2021 - Jul 2024 · 3 yrs 3 mos

  • Responsible for the inception, vision, application, leadership, and strategy of the Security Engineering department.
  • Drove inception and kick-off of Security Champions program, providing transparency and communication of security initiatives, as well as clear points of contact for the SIRT team
  • Core participant in Generative AI working group, responsible for general guidance on AI security and participated in the creation of generative AI policies, standards, and training
  • Drives charter and execution of Application Security and Adversarial teams
  • Dramatically expanded the Security Engineering team to meet industry standards for the number of applications and developers we were servicing.
  • Accountable for external security auditing, security testing, application security, responsible disclosures, CI/CD, internal security assessments, customer security consults, and red teaming
  • Aligns strategic security initiatives with business objectives and ensures adoption throughout engineering
  • Owns security training initiatives for Engineering
  • Organized gamified security exercises throughout Engineering
  • Drove comprehensive automated SDLC validations, including threat modeling, DAST, SAST, SCA with vulnerability aggregation and automated ticketing
  • Delivered holistic security dashboard and standardized security issue reporting
Risk Management, Generative AI, Cross-functional Team Leadership, Application Security, DevSecOps

Director of Product Security

Jul 2019 - Apr 2021 · 1 yr 9 mos

  • Responsible for the inception, vision, application, leadership, and strategy of the Security Engineering department.
  • Drove inception and kick-off of Security Champions program, providing transparency and communication of security initiatives, as well as clear points of contact for the SIRT team
  • Drives charter and execution of Application Security and Adversarial teams
  • Dramatically expanded the Security Engineering team to meet industry standards for the number of applications and developers we were servicing.
  • Accountable for external security auditing, security testing, application security, responsible disclosures, CI/CD, internal security assessments, customer security consults, and red teaming
  • Aligns strategic security initiatives throughout engineering
  • Owns security training initiatives for Engineering
  • Drives gamified security exercises throughout Engineering
  • Drove comprehensive automated SDLC validations, including threat modeling, DAST, SAST, SCA with vulnerability aggregation and automated ticketing
  • Drove initiative for holistic security dashboard and standardized security issue reporting
Kubernetes, DevOps, Disaster Recovery, Risk Management, Project Management

MobileIron

2 roles

Manager, Security Engineering

Mar 2019 - Jul 2019 · 4 mos

  • Managing the DevSecOps team at MobileIron
DevOps, Disaster Recovery, Risk Management, Project Management

Senior Staff Security Engineer

Jun 2017 - Mar 2019 · 1 yr 9 mos

  • Cloud Security Team Lead
  • Leads team of security engineers in efforts to provide security engineering guidance, incident response, and security design review across the MobileIron Cloud products
  • Review all customer facing product engineering services, perform threat modeling, and provide general recommendations to product development team.
  • Coordinates internal AWS account and application audits, ensuring a least permissive model across our network and access controls and assisting in moving to a modern deployment strategy.
  • Responsible for the initial development and implementation of a DevSecOps strategy to keep pace with Agile Development within MobileIron.
  • Drove and coordinated automation strategy across entire Product Security team
  • Led technical response to FedRAMP auditors for Cloud and Application level controls tracking to NIST 800-53 standards
  • Fine-tuned and automated vulnerability scanning strategy to allow for automated ticket creation and closure of production vulnerabilities utilizing Rapid7 Nexpose
  • Utilized business intelligence analytics tools and disparate datasets to create a unified Executive-consumable dashboard for Product Security
  • Responsible for configuration and troubleshooting of product development deployed Palo Alto IDS
Disaster Recovery, Risk Management, Project Management

Citrix

2 roles

Principal Software Test Engineer

Mar 2016 - Jun 2017 · 1 yr 3 mos · Fort Lauderdale, FL

  • Release lead for WorxHome and MDX components of the XenMobile software suite.
  • Responsible for the creation, training, and planning of the Security Validation Team within XenMobile Engineering, responsible for ensuring a high security bar in every release.
  • Operated as interim Android dev manager, handling all operational decisions
  • Led a team of 20+ engineers owning two products.
  • Coordinated with external pen-test groups to provide infrastructure and guidance
  • Played critical role in the organization's transition to an agile model.
  • Architected the QCKR system, an internal private cloud service to automate deployment of our product during development.
Disaster Recovery, Risk Management, Project Management

Staff Software Test Engineer

Jan 2014 - Mar 2016 · 2 yrs 2 mos · Fort Lauderdale, FL

  • Test Design Lead for the WorxHome client in the XenMobile product group.
Disaster Recovery, Risk Management, Project Management

Syncreticorp

CEO and Founder

Aug 2013 - Dec 2013 · 4 mos · Fort Lauderdale, Florida

  • Cloud infrastructure consulting
Disaster Recovery, Project Management

NetApp

Field Support Engineer 4

Sep 2009 - Aug 2013 · 3 yrs 11 mos · Dallas, TX

  • Became the Subject Matter Expert in the FSE organization with regards to performance analysis, building off my strong performance testing background.
  • Developed and maintained excellent relationships with customers that were fostered during extremely trying cases.
  • Consulted for design advice, especially when performance was a strong consideration.
  • Developed very strong inter-departmental relationships, while being engaged to fulfill Professional Services duties, both in cases where both teams had responsibilities, as well as to fill gaps in PS resourcing.
  • Point of process and technical escalation for the local account teams, ensuring a high level of support for critical customers and hot cases.
Disaster Recovery, Project Management

Citrix Systems

Lead Software Test Engineer

Jan 2005 - Sep 2009 · 4 yrs 8 mos · Fort Lauderdale, FL

  • Product Development (2007-2009)
  • Team lead, responsible for ensuring the quality, performance, and scalability for XenApp and related products through feature spec design, test plan creation and execution.
  • Designed and implemented core design and architecture of Project SkyNET, a project focused on utilizing cloud computing to allow dynamic provisioning of virtual machines for testers and automation. Resulted in dramatically reduced cost of deployment, increased server density, reduced deployment times, and increased engineer efficiency.
  • Delivered complete test plan rewrite for XenApp Presentation Server 5.0, utilizing a pair-wise methodology to increase efficiency and test coverage.
  • Test Release Lead on Presentation Server 4.5 HRP03. Led the test planning, feature specification review, and execution of an extensive and global cross departmental release. Published a whitepaper and webinar on the scope of changes in HRP03 with Dev Lead.
  • Delivered planning and contract criteria for the Active Directory integration feature, performing analysis of potential scalability and bottleneck issues and creating must-meet criteria for the 3rd party code base.
  • Life Cycle Maintenance (2005-2007)
  • Team Lead, coordinating the testing and release of Hotfix Rollup Packs. Performed and managed team execution of line item testing, documentation verification, stress testing, and package validation.
  • One of two core members in charge of the creation of a scalability test team for the Life Cycle Maintenance department.
  • Trained individuals to understand the complexities and requirements of large scale testing.
  • Core member of the Infrastructure team, delivering plans, implementing virtualization and SAN technologies that increased server density in the same space and allowed for more efficient power utilization.
Disaster Recovery

Net phone blue

Network Operations Manager

Jul 2002 - Jan 2005 · 2 yrs 6 mos

  • Network Operations Manager
  • Responsible for architecture and implementation of a VoIP platform from the ground up. Also ensured the day to day health and stability of the platform and underlying network architecture.
  • Designed and implemented wholesale VoIP network utilizing a combination of Cisco hardware, open-source Asterisk software, and third party billing software (SysMaster)
  • Worked with Digium and external contractors to make significant improvements to the Asterisk H.323 stack.
  • Designed and implemented a retail VoIP solution that was eventually sold to a third party.
Disaster Recovery

Tristar communications

Network Operations Manager

Jan 2002 - Jul 2002 · 6 mos

  • Brought in to oversee overall network redesign with redundancy and scalability in mind, implementing iBGP and OSPF in the previously static environment. This included a network-wide upgrade of all core routers and switches, and utilized Riverstone hardware. Responsible for implementation and configuration of all client related services (i.e., Qmail, Apache, client bandwidth monitoring). Responsible for implementation and configuration of all network related services. Responsible for IP address management and overall handling of abuse complaints.
Disaster Recovery

Sands river wireless

Network Operations Manager

Feb 2001 - Jan 2002 · 11 mos · Miami, FL

  • Network Operations Manager
  • Managed the Network Operations Center and coordinated the efforts of the Field Support team.
  • Designed and implemented a total network overhaul increasing the capacity, redundancy, and scalability of the entire network.
Disaster Recovery

Fuzion wireless

Network Operations Manager

Mar 2000 - Feb 2001 · 11 mos · Boca Raton, FL

  • Fuzion Wireless, Boca Raton, FL 2000 - 2001
  • Internet Service Provider
  • Network Operations Manager
  • Managed and coordinated staff of 12 network engineers. Responsible for overall health and maintenance of the network.
  • Created a home-grown VPN that could be flexibly and dynamically scaled out using a combination of Linux, FreeS/WAN, and TCL.
  • Performed a full security audit of the entire network revealing numerous penetrations. Subsequently ensured a full hardening of the entire network, with no further known security compromises.
  • Designed and architected a network overhaul, implementing Cisco, BGP, and OSPF for redundancy.
Disaster Recovery

Education

Florida Atlantic University

N/A — Computer Science

Jan 2000 - Jan 2001