Jul 2023 – Present · 2 yrs 10 mos · Raleigh, North Carolina, United States

• A trusted resource for security product comparisons - links below:
• https://latio.com
• In depth product analysis newsletter - https://pulse.latio.tech
• YouTube Channel - https://youtube.com/@latiotech
• GitHub Testing Repo - https://github.com/latiotech/insecure-kubernetes-deployments
• LinkedIn Learning - https://www.linkedin.com/learning/application-security-posture-management-security-from-the-supply-chain-to-cloud-runtime/
• We do not hold equity in any cybersecurity companies

Mar 2023 – Jun 2024 · 1 yr 3 mos · San Francisco, California, United States · Remote

• Securing the world's operations tools - the right information at the right time can change the world!
• FEDRAMP, FEDRAMP, FEDRAMP!
• AWS, Containers, K8s, SDLC pipelines, and a bunch of other cloud native stuff

Sep 2021 – Mar 2023 · 1 yr 6 mos · Tampa, Florida, United States

• Lead all aspects of product security for GreyMatter, a SaaS security operations platform.
• Manage a team of Product Security Engineers to deliver meaningful product improvements such as CSP, RBAC, CSRF protections, and custom scanning logic.
• Subject Matter Expert for AWS, Kubernetes, Container, CI/CD, and Code Security.
• Lead Threat Modeling Exercises, Developer Training, DevOps Training, and Compliance Attestation requirements (ISO 27001, SOC 2, FEDRAMP, and PCI).
• Manage a team of Product Security Engineers to deliver meaningful product improvements such as CSP, RBAC, CSRF protections, and custom scanning logic.
• Deploy, develop, and maintain a suite of security tools that enable DevSecOps such as Snyk (SCA, SBOMM, SAST, Container, Cloud, IAC), StackHawk (DAST and GraphQL), GitLab tooling, Sysdig, Prisma Cloud, and many others.
• Develop internal cloud security tooling and training using Spotbugs, Cloudquery, OWASP standards and numerous open source projects.
• Responsible for the cloud security architecture of over 300 Java SpringBoot MicroServices, running across multiple clouds and clusters. Daily usage of modern DevOps tooling such as Kong, Argo, DataDog, Grafana, and Prometheus.
• Responsible for the remediation of hundreds of vulnerabilities, the implementation of modern web security standards, passing SOC 2, PCI, and ISO audits, and successful pentests.
• Regular participant in industry thought leadership, sales calls, and customer success initiatives.

Dec 2019 – Aug 2020 · 8 mos · Tampa, Florida, United States

• Responsible for the security of GreyMatter, the world's first open XDR that empowers the full security incident response workflow.
• Security implementation and management of IAM, EKS, CI/CD, SAST, DAST, GraphQL API Scanning, SSH, ELK, APM tools, DataDog, Splunk, QRadar, WAF, Palo Alto, Prisma Cloud and everything that goes into securing a modern multi-cloud web platform.
• Implemented proper controls at all phases of the development process: IAM, Kubernetes infrastructure, Gitlab deployment, firewalling and application layer.
• Coordination across Dev, DevOps, DevSecOps, Infrastructure, and Security.

Aug 2020 – Sep 2021 · 1 yr 1 mo · San Francisco Bay Area

• Security architect of Very Good Security Products - compliance automation, data aliasing, secure data processing, and payment multiplexing solutions
• Directly managed and collaborated with a team of SME’s across engineering and compliance to maximize the product impact of integrations and framework support
• Directly contribute to documentation, technical videos, sales engagements, and feature deployments - both in terms of product guidance and direct development using Ruby, JavaScript, Markdown, Docker, Python, Bash and other technologies.
• Develop, maintain, and implement over 200 security automations and monitors across 13 compliance frameworks such as SOC 2, ISO 27001, PCI, HIPAA, NIST and GDPR.
• Provide security engineering and architecture guidance for over 100 clients, across most modern clouds, source code control, vulnerability, device management, containerized Kubernetes and security platforms.
• Develop 300+ tasks for helping both business and engineering teams achieve compliance and security standards, cross mapping tasks across 13 compliance frameworks and creating monitors for all tasks.
• Create and lead combined initiatives across marketing, sales, product, and development teams, bringing major features to market such as quantitative risk management, cloud monitoring, employee onboarding, and new integrations.
• Contributor to numerous open source cloud security projects
• Directly maintain and develop implementation guidelines for AWS, GCP, Azure, GSuite, Github, Gitlab, Bitbucket, KnowBe4, BambooHR, Rippling, Gusto, Slack, Jamf, Okta, Jira, Office 365, Azure AD, JumpCloud, Citrix, Snyk, SonarQube, WhiteSource, Kiuwan, Prisma (Twistlock), Splunk, DataDog, Ansible, and more.
• DevOps experience contributing to Docker projects and Kubernetes security best practices - from vulnerability scanning with Aquasec to networking with Calico and AWS CNI’s. Contribute to internal security CI/CD security, AppSec and AWS architecture security.

Feb 2018 – Dec 2019 · 1 yr 10 mos · Tampa, Florida, United States

• Led all IT management and support across 42 countries, 250+ annual events, and 400 employees for a company with $100M+ revenue.
• Directly managed a team of three systems engineers responsible for maintaining the health of cloud and on premise environments
• Generated $1M+ of annual savings in first year of employment.
• Architect of Microsoft stack running in a hybrid cloud - VMWare, AWS, and GCP.
• Managed vendor deployments with Apple, CDW, Autodesk, Adobe, Microsoft, VMWare and Google to conduct $2M+ dollars of purchasing a year.
• Led successful cyber-security audit and security implementations for financial and healthcare sponsorship deals using NIST and ISO 27001; PCI and HIPAA experience.
• GSuite subject matter expert - alpha programs and implementation.
• Secured diverse environment of Mac and Windows desktops, laptops, Androids, iPhones, iPads, Kindle Fires, Chromebooks, and Linux machines.

Jul 2016 – Feb 2018 · 1 yr 7 mos · Tampa, Florida, United States

• IT project design and support for over 300 national companies across all sectors
• Consultations on hybrid-cloud, colocation, network, security, backup, and data.
• Consulted small to medium size businesses on achieving NIST compliance with AWS and on premise data stores.
• Demonstrated technical proficiency with the following: Windows Server 2008-2016, Datto, Veeam, Acronis, ESXi 5-6.7, Dell and HP Servers and SANs, various firewalls, switches, and routers, S3, EC2, Citrix, Active Directory, Office 365, GSuite, SQL, Powershell and Connectwise Suite RMM.

May 2016 – May 2020 · 4 yrs · Tampa, Florida

• Assist Dr. Ted Cabal in creating coursework and grading for Philosophy courses.
• Assist Dr. Douglas Blount in grading for Philosophy courses.
• Independently teach and manage online courses.