Apr 2025 – Oct 2025 · 6 mos · Washington DC-Baltimore Area · Remote

• Security engineer embedded within the DevOps team that supports CSBS-SES, a platform that enables state agencies to streamline examinations of financial products from mortgages to cryptocurrencies. Managed cloud NGFW, OS/container vulnerability scanning, design/implement DevSecOps tooling, automate tasks in Python, Terraform, and Ansible. Perform investigations in CNAPP, CSPM, and XDR.

Apr 2024 – Apr 2025 · 1 yr · Washington DC-Baltimore Area · Remote

• Founding platform and security engineer who built and ran multiple data services on EKS used by Deep Cove MDR analysts and IR consultants. Managed Elasticsearch, ClickHouse and vector store clusters and developed Python tools for security automation, data engineering, and infrastructure management, with and without LLMs and agent frameworks.

May 2022 – Feb 2024 · 1 yr 9 mos · Baltimore County, Maryland, United States · Remote

• Led global security operations and engineering team with responsibility for CorpSec and CloudSec, reporting to multiple CISOs before and after acquisition by Thoma Bravo and merger with ForgeRock. Led IR for multiple internal and customer facing security events. Modernized vulnerability management tools and processes in AWS commercial and GovCloud environments. Managed SIEM costs and led tool modernization including adoption of IAC, GitOps, and migration from EC2 to Fargate and Lambda of security automation tasks. Led endpoint security simplification and rationalization, partnering with Corporate IT. Rebuilt InfraSec in 2022 following a period of high attrition during the Great Resignation and security lead for Project Helix (merger of ForgeRock and Ping back office in Q4 2023)

Dec 2021 – May 2022 · 5 mos · Baltimore County, Maryland, United States · Remote

• Led multiple engineering teams within professional services with responsibility for forensic tools and backend infrastructure for Falcon Forensics and Global IR/CA service offerings.

Feb 2021 – Present · 5 yrs 3 mos

Sep 2019 – Dec 2021 · 2 yrs 3 mos · Baltimore County, Maryland, United States · Remote

• Led CIAM engineering team within Enterprise Security that built and ran MFA/SSO for 401K login services and anti-fraud tooling in AWS. Wrote Terraform for IAM stack and Python LDAP data migration scripts. Led platform modernization and refactoring of SAML service from Websphere to ECS Fargate. Led Enterprise-wide fraud detection and response process and tooling improvements.

Sep 2017 – Sep 2019 · 2 yrs · Baltimore County, MD · Remote

• Led SaaS, Appliance, and Cloud Security teams for PhishMe, Triage, and Vision email security products and services within product development and engineering. Led security process and tool improvements during SOC2 Type 1 and Type 2 certification. Bootstrapped FedRAMP Moderate for PhishMe. Rebuilt team, hiring or replacing first-level managers in 2018 leading to improved alignment within engineering and a resilient culture that fortified my department through multiple rounds of cost reduction following the PE acquisition of PhishMe.

Jan 2016 – Sep 2017 · 1 yr 8 mos · Baltimore County, Maryland, United States · Remote

• Led global DevOps (cloud operations and build) team supporting Sentinel Software Monetization products services. Led data migrations and solution onboarding for large US/EMEA customers. Partnered with Legal to review and approve SAAS T&C's. Contributed to pre-sales efforts leading to significant SaaS wins in US/EMEA. Introduced AWS Serverless components for multiple production and support tooling use cases.

Oct 2014 – Jan 2016 · 1 yr 3 mos · Baltimore County, Maryland, United States · Remote

• Managed cloud operations team across North America and India for Sentinel Cloud/EMS across AWS and physical data centers in Canada and Israel. Led migration of single-tenant applications from physical center to AWS. Developed and led migration from legacy automation to Ansible for Sentinel Cloud stack. Implemented and improved Open Source monitoring tools resulted less alert fatigue and higher uptime.

May 2013 – Oct 2014 · 1 yr 5 mos · Baltimore County, Maryland, United States · Remote

• Founded the Cloud Operations team that launched TAP/Helix before and during the FireEye acquisition, tripling the size of the team in 18 months. Led vulnerability response and remediation in AWS during Heartbleed and Bashbleed. Introduced Open Source infrastructure and observability tools for monitoring thousands of EC2 instances. Introduced Ansible and CI/CD tooling for application deployment using Debian packages.

May 2011 – May 2013 · 2 yrs · Hunt Valley, Maryland · On-site

• Led DevOps team that launched Elder Scrolls Online before game announcement and during private Beta. Managed infrastructure, CI/CD tool, and game publishing in AWS and private data center. Managed multiple 3rd party penetration tests of applications and infrastructure.

Sep 2009 – May 2011 · 1 yr 8 mos · Columbia, Maryland · On-site

• Led security integration and architecture projects and conducted vulnerability assessments and pentesting for SAIC commercial and government customers, focusing on the Energy sector and Smart Grid.

Mar 2008 – Aug 2009 · 1 yr 5 mos · Columbia, Maryland · On-site

• Developed and taught face to face and online courseware on Nessus and Tenable Security Center. Developed initial Enterprise Certification exams and professionalized the training program.

Nov 2006 – Mar 2008 · 1 yr 4 mos · Lincolnshire, Illinois · On-site

• Built and ran Open Source security appliances on HP hardware across multiple datacenters.

Sep 2005 – Nov 2006 · 1 yr 2 mos · Austin, Texas, United States · Remote

• Performed security assessments and conducted vulnerability research in SCADA/ICS. Coordinated vulnerability disclosure on ICCP zero-days I discovered and contributed scenario elements in the first DHS CyberStorm Exercise. Led the development of the original set of SCADA plugins for Nessus Pro.

May 2000 – Sep 2005 · 5 yrs 4 mos · Austin, Texas · On-site

• Performed security testing and developed network security tools to identify and remediate security vulnerabilities across multiple Cisco business units. Conducted research and spoke at conferences on a range of topics from fuzzing to SCADA security to BGP Security.

Jul 1990 – Jan 2002 · 11 yrs 6 mos · Texas, United States · On-site

• Served as 98C and 96B in multiple USAR units (tactical, strategic, and training) in Austin and San Antonio while in college and when I was secondary educator. Honorably discharged months before the GWOT stop loss.