Andrew Santell

CEO

San Diego, California, United States · 16 yrs 6 mos experience
Most Likely To Switch · Highly Stable

Key Highlights

  • Led the establishment of security operations at Netflix.
  • Defined cybersecurity strategy for Navy IT systems.
  • Developed scalable network sensor capabilities at MITRE.
Stackforce AI infers this person is a Cybersecurity expert with extensive leadership experience in security operations and engineering.

Skills

Core Skills

Security Operations · Incident Response · Information Security · Cybersecurity · Leadership · Program Management · Engineering · Security Engineering

Other Skills

Detection Engineering · Security Incident Response · Vulnerability Management · Application Security · Penetration Testing · Information Security Operations · Threat Activity Investigation · Automation in Security Operations · Vision and Strategy Definition · Cross-Functional Team Leadership · Budget Management · Risk Management · Cybersecurity Program Establishment · Endpoint Security · Network Security

Experience

Total Experience: 16 yrs 6 mos
Average Tenure: 2 yrs 4 mos
Current Experience: 2 yrs 10 mos

Fastly

2 roles

Senior Director, Security Operations

Promoted

Oct 2025 - Present · 8 mos · San Diego, California, United States

  • Leading teams responsible for Detection Engineering, Security Incident Response, Security Engineering, Vulnerability Management, Application Security, and Penetration Testing.
Detection Engineering · Security Incident Response · Security Engineering · Vulnerability Management · Application Security · Penetration Testing · +2

Director, Security Operations

Aug 2023 - Oct 2025 · 2 yrs 2 mos · San Diego, California, United States

Netflix

Engineering Manager, Security Operations (Detection and Response)

Mar 2021 - Mar 2023 · 2 yrs · San Diego, California, United States · Remote

  • As the founding leader of the Information Security Operations team, I defined the program's charter and vision, recruited a security engineering team, established cross-functional partnerships, and launched our initial operating capability. Our team provided centralized security engineering support, investigated security events, and hunted for threat activity. We took an automations-first approach to security operations that enabled us to scale our ability to monitor, triage, analyze, and respond to growing threats.
Information Security Operations · Security Engineering · Threat Activity Investigation · Automation in Security Operations · Security Operations · Information Security

NAVWAR

3 roles

Technical Director - Cybersecurity (GS15)

Promoted

Jan 2020 - Mar 2021 · 1 yr 2 mos

  • As a Technical Director, I defined the vision, strategy, and roadmap for an enterprise-wide operational support system to enable integrated security, operations, and defense of Navy IT. I established and led a cross-functional team of approximately 50. Additionally, I managed the budget, schedule, risks, and contracts for the effort. I also advised senior executives and Admirals on security engineering, operations and IT service management.
Vision and Strategy Definition · Cross-Functional Team Leadership · Budget Management · Risk Management · Security Engineering · Cybersecurity · +1

Senior Technical Program Manager - Cybersecurity (GS15)

Jan 2019 - Jan 2020 · 1 yr

  • I established the cybersecurity program for a global organization, to include endpoint security, network security, detection & response, vulnerability management, GRC, and more. I led product and program development, including the management of schedule and budget, across seven disparate engineering teams (100+ people) to deliver integrated security capabilities. I successfully implemented NIST's Risk Management Framework (RMF) and 800-53 security controls to manage risk and meet compliance.
Cybersecurity Program Establishment · Endpoint Security · Network Security · Vulnerability Management · GRC Implementation · Cybersecurity · +1

Senior Engineering Manager - Security Operations (GS15)

Aug 2016 - Jan 2019 · 2 yrs 5 mos

  • I developed a multi-year strategy and roadmap for the Navy’s Distributed Security Operations Center (SOC), and led the development and deployment of security tools, detections, analytics, automations, infrastructure, and processes, enabling rapid detection and response to threats. Additionally, I hired, mentored, and led a ~50-person Agile development team.
Strategy Development · Security Tools Development · Agile Team Leadership · Security Operations · Leadership

MITRE

Lead Cyber Security Engineer

Feb 2015 - Aug 2016 · 1 yr 6 mos · San Diego, CA

  • As a Lead Cyber Security Engineer, I led an engineering effort to develop a highly scalable network sensor and big data analytic capabilities based on open-source technologies. We successfully developed a prototype and fielded it to production. Additionally, I developed a reference architecture for a globally distributed Security Operations Center (SOC). I also routinely advised senior executives within the DoD on current threats and state of information security technologies and practices.
Network Sensor Development · Big Data Analytics · Open-Source Technologies · Cybersecurity · Engineering

Penn State University

Adjunct Instructor

Aug 2013 - Dec 2013 · 4 mos

  • IST 451 - Network Security
  • This course provided students with a comprehensive understanding of the fundamental issues and concepts of network security and cryptography, and the mainstream network security technologies and protocols that are widely used in the real world.
  • Students learned how to:
      • Analyze raw network traffic
      • Develop network tools and custom packets
      • Attack vulnerable hosts
      • Defend, detect, and deter network attacks

Carnegie Mellon University

Graduate Teaching Assistant

Jan 2012 - Jan 2012 · 0 mo

  • 14-822 - Host-based Forensics

U.S. Fleet Cyber Command / U.S. 10th Fleet

Senior Security Engineer (GS13)

Jan 2010 - Jan 2015 · 5 yrs · Fort George G. Meade, Maryland, United States

  • As the lead Security Engineer, I led security operations efforts, to include threat analysis, vulnerability management, and incident response. Additionally, I conducted security and risk assessments, developed security policies, evaluated security products, developed and deployed security tools, and conducted research on cyber defense, offensive security, deceptive technologies, anomaly detection, and other emerging areas.
Threat Analysis · Vulnerability Management · Incident Response · Security Policy Development · Cybersecurity · Security Engineering

Software Engineering Institute

Research Assistant (Threat Defense) with CERT

Jan 2010 - Jan 2012 · 2 yrs

  • As an RA, I conducted Insider Threat research and developed a web crawler and client honeypot to discover drive-by malware.

Navy Supply Information Systems Activity (NAVSISA)

IT Security Specialist

Jun 2009 - Jun 2010 · 1 yr

  • As an IT Security Specialist, I conducted risk assessments (NIST/DIACAP/RMF) of IT systems and networks and managed network and security appliances.

Education

Carnegie Mellon University

Master of Science — Information Security Technology and Management

Carnegie Mellon University - Heinz College of Information Systems and Public Policy

Chief Information Security Officer (CISO) Executive Program

Penn State University

Bachelor of Science — Security and Risk Analysis: Information and Cyber Security
