Summary
I'm a technologist who enjoys understanding every project or environment from concept through design,
integration, and deployment. I am compelled to understand how everything works, which allows me to build
creative new solutions and improvements. I've been active in the cyber security industry since dial-up
and have also deployed and managed global enterprise environments and multi-cloud solutions.
Experience
- Built the Professional Services Cloud Security Program Charter and supporting policies
- Conduct client-facing Cloud Security Assessments using Observe, Plan, Report methodology
- Built reconnaissance automation to bootstrap Cloud Assessments for AWS
- Designed Continuous Monitoring (ConMon) for AWS Environments methodology
- Authored security finding triage framework integrating Python, AWS EventBridge/Lambda/Security Hub/Chatbot, Jira, and Slack
- Developed structured DevSecOps practices including LINTing and code scans with Snyk, Veracode, Checkov, and PrismaCloud
- Primary escalation for AWS Professional Services engineers and clients
- Authored IaC framework for environment hand-off including event pipelines, alarms, and dashboards
- Supported multi-tenant SaaS environments in commercial and Highly Regulated Environments (HRE)
- Developed and maintained Terraform, Terragrunt, Python, PowerShell, and Bash scripts for secure IaC deployment
- Orchestrated CI/CD modernization, migrating Jenkins to GitHub Actions with automated security validation
- Enhanced Continuous Monitoring via custom automation leveraging Tanium for compliance enforcement
- Client-facing escalation for secure multi-cloud adoption and architecture
- Managed 650+ cloud accounts with automated provisioning, access controls, and security guardrails
- Developed reusable reference architectures for standardized, scalable security patterns
- Served on the Product Strategy Council, influencing platform security enhancements
- Automated CI/CD security integrations using Jenkins, Python, APIs, and Webhooks
- Authored IT Security Program charter and associated policies
- Led SOC 2 compliance efforts, coordinating data scoping and third-party audits
- Established Business Continuity (BCP) and Disaster Recovery (DR) plans
- Centralized IAM via Entra ID implementing RBAC, automated user provisioning, and hybrid authentication
- Deployed and operationalized Microsoft Security Center and Sentinel
- Designed and championed the Enterprise Security Assessments program
- Developed security engineering standards for Microsoft Office 365 and cloud migrations
- Designed reference architectures for AWS, Azure, and GCP adoption
- Developed AWS multi-account strategy optimizing business segmentation and reducing security blast radius
- Defined enterprise logging strategy supporting development, operations, and security teams
- Designed and deployed the first SIEM solution enabling security visibility outside classic detection models
- Implemented perimeter security technologies including firewalls, proxies, and email security gateways
- Designed and delivered PoC for Linux adoption to replace big-box Unix systems