Jan 2021 – Oct 2024 · 3 yrs 9 mos · Egg Harbor Township, New Jersey

• The Federal Aviation Administration (FAA) is the largest transportation agency of the U.S. 🇺🇸 government 🏛️and regulates 👨‍⚖️ all aspects of civil aviation in the country as well as over surrounding international waters.
• Its powers include air traffic management, certification of personnel 👩‍✈️and aircraft ✈️, setting standards for airports 🛬, and protection of U.S. assets during the launch or re-entry of commercial space 🚀 vehicles.
• Developed the agencies first red team strategy to conduct cyber security exercises that emulate real-world threats.
• Researched GenAI 🤖 capabilities for red team operations.
• All things red team.

Dec 2019 – Jan 2021 · 1 yr 1 mo · Egg Harbor Township, New Jersey

• Led an offensive security team at the FAA to perform penetration tests on web applications, API's, networks, cloud, containers and systems to ensure that security vulnerabilities are discovered and comprehensive assessment reports are delivered for client consumption.
• Conduct advanced exploitation and post-exploitation leading to lateral movement and privilege escalation across different on-premise and cloud environments.
• Ensure smooth flow of operations through planning, identification, and communication to assign responsibility to team members.
• Assist management with the strategy and vision of the penetration testing program.
• Lead and mentor engineers and work with all applicable business units.
• Improve the overall penetration testing process to enhance the teams operations.
• Analyze information and make informed recommendations to influence decisions.
• Build strong partnerships with technical teams to promote security best practices for managing vulnerabilities.
• Maintain a positive work environment conducive to collaboration and teamwork while motivating individuals and team to deliver measurable results.
• Stay current with the latest vulnerabilities, attack techniques and offensive security tools.
• Manage and maintain a series of offensive security tools and infrastructure located on-premise and in the cloud.
• Lead the evaluation and adoption of new tools, techniques, and methodologies to enhance security.
• Continuously improve standard operating procedures, reporting, and workflow.
• Monitors and measures work tasks to ensure deliverables and goals are completed on time.
• Assist with threat and vulnerability management activities.

Apr 2019 – Oct 2022 · 3 yrs 6 mos · Miami, Florida

• Tought the Cyber Security Professional Bootcamp program powered by ThriveDX, a global cyber education startup, at the University of Miami Division of Continuing & International Education.
• Courses include: Windows, Linux, Networking, Network Security, Cyber Infrastructure & Technology, Ethical Hacking, Threat Hunting, Incident Response, Digital Forensics and Python.
• Assisted with the development and review of curriculum and interviewed over 175 instructor candidates.

Jan 2015 – Jun 2018 · 3 yrs 5 mos · Miami, Florida

• As America's largest electric utility, Florida Power & Light Company serves more customers and sells more power than any other utility, providing clean, affordable, reliable electricity to more than 5.7 million accounts, or more than 12 million people.
• Led the security architecture and implementation of a new multi-million dollar call center network that serves over 4.4 million customers.
• Hardened the corporate voice network to improve the confidentiality, integrity and availability of the organization.
• Provided senior support to the security engineering team and mentored junior engineers.

Jan 2014 – Jan 2015 · 1 yr · Miramar Florida

• Royal Caribbean International (RCI) 🛥️ is the largest cruise line by revenue.
• Successfully assisted in the planning and deployment of a Data Loss Prevention (DLP) solution across the organization and all cruise ships.
• Led the development of a DLP incident response process and trained security analysts.

Jan 2013 – Jan 2014 · 1 yr · Miami Lakes, FL

• Perform intelligence analysis, making predictions about cyber criminals and their future activities based on what is already known about them.
• Monitor intrusion detection/prevention systems, firewalls, web proxy, endpoint protection and other security event data sources for malicious activity.
• Maintain knowledge of the current security threat level by monitoring related internet postings, intelligence reports, and other related documents as necessary.
• Assist in the development of the Bank’s cyber security program and incident response team.
• Created SIEM searches that produced suspicious and malicious alerts faster than our third-party security monitoring partner.
• Assist in establishing procedures for handling each security event detected.
• Determine if security events monitored should be escalated to incidents and follow all applicable incident response, reporting processes and procedures.

Jan 2011 – Jan 2013 · 2 yrs · Doral, FL

• Act as the Bank’s Information Security Subject Matter Expert.
• Improved and maintained the Bank’s Information Security Program.
• Reduced virus infection rate to ZERO during my time at the Bank.
• Designed and implemented several industry leading cyber security solutions.
• Oversee the Bank’s incident response plan, developed an anti-DDoS playbook and improved overall security posture.
• Passed all audits with perfect scores.
• Act as point of contact for coordination of third-party vulnerability assessments and penetration tests.
• Established and conducted security awareness trainings.