PROFILE
Highly accomplished cybersecurity leader with over 20 years of experience driving strategic initiatives and enhancing cybersecurity resilience in complex global organizations. Proven ability to align cybersecurity programs with business objectives, mitigate risks, and lead high-performing teams. Expertise in developing and implementing comprehensive security strategies, managing incident response, and ensuring compliance. Seeking a senior leadership position to leverage expertise and contribute to organizational success.
I am seeking a senior cybersecurity or IT leadership position where I can leverage my strategic vision and operational acumen to drive organizational success and enhance cybersecurity resilience.
Experience
DAI Global
Director, cybersecurity (MAR 2024 – present)
- Spearheaded a cybersecurity awareness program, achieving a surge in user participation from 20% to 100% and increasing the completion rate from 50% to 95%.
- Strengthened RDP security by implementing jump points and MFA at Windows login.
- Led the planning and company-wide rollout of Windows 11.
- Enhanced secure access to corporate systems through the rollout of Intune and device compliance policies for Android and iOS devices.
- Oversaw the implementation of SCIM for automated account provisioning in supported apps.
- Secured Cyber Essentials Plus (CE+) certification for the UK branch.
- Directed external security posture review and developed strategies to elevate overall cybersecurity posture.
- Designed and directed a tabletop exercise simulating a full network and system outage.
- Contributed to cybersecurity budget planning, ensuring alignment with organizational priorities and maximizing resource allocation.
- Led incident response efforts, establishing clear communication channels with senior leadership, incident response team, and third party vendors to rapidly established the scope of an incident and affected accounts within 2 weeks.
- Following a security breach, oversaw the development and implementation of compensating controls to mitigate the risk of recurrence.
- Collaborated with Senior IT leadership to develop and implement a comprehensive cybersecurity strategy, aligning security initiatives with business objectives.
- Improved the organization's security posture by working with Senior IT leadership to update IT Security Policies, ensuring they reflect current best practices and address emerging threats.
- Led cybersecurity-related compliance efforts, ensuring adherence to relevant regulations and standards.
principal manager, cybersecurity (AUG 2022 – MAR 2024)
- Reduced vulnerabilities by upgrading or removing obsolete Windows systems.
- Developed and executed a roadmap to strengthen Identity and Access Management security.
- Established a comprehensive patch management program.
- Proactively collaborated with other managers in the IT Operations team to identify and remediate risks, strengthening the overall security posture.
- Developed project plans for system and security improvements, ensuring timely and effective implementation of critical security enhancements.
sr. manager, cybersecurity (SEPT 2021 – AUG 2022)
- Implemented a client computer encryption policy, encrypting 95% of client computers.
- Reduced phishing and malicious URL usage with advanced DNS-based security tools.
- Conducted security evaluations of new software and tools, ensuring that technology acquisitions met stringent security requirements.
- Performed security evaluations of acquisition and merger targets, identifying potential risks and ensuring smooth integration of acquired entities.
- Addressed cybersecurity staffing and tool needs, ensuring the team was equipped to effectively address security challenges.
- Strengthened the cybersecurity team by recruiting and training new members, fostering a high-performing and skilled security workforce.
- Enhanced security operations by documenting cybersecurity policies and procedures, providing clear guidance for security practices.
- Improved incident response preparedness by developing and implementing incident response plans, enabling swift and effective response to security incidents.
- Successfully managed cybersecurity-related projects, ensuring on-time and within-budget delivery of critical security initiatives.
- Managed cybersecurity certification efforts, demonstrating a commitment to maintaining high security standards and achieving industry recognition.
manager, cybersecurity (JAN 2021 - SEPT 2021)
- Applied multiple controls via group policy and scripts to strengthen Active Directory.
- Streamlined IT and cybersecurity operations by effectively managing IT and cybersecurity tools.
- Collaborated with security consultants to identify, investigate, and remediate IT security breaches, minimizing the impact of security incidents.
- Reduced the organization's vulnerability exposure by effectively managing system vulnerability remediation and patching efforts.
- Enhanced access security and efficiency by managing the identity and access management (IAM) platform.
- Fostered a high-performing team by managing cybersecurity team members, including conducting performance evaluations and providing ongoing feedback.
- Improved security monitoring and incident detection by managing centralized log collection and review processes.
sR. principal systems administrator (MAR 2020 – JAN 2021)
- Developed scripts to automate Active Directory setup and decommission for project/site startup and shutdown.
- Mitigated the risk of privilege elevation on endpoint devices by implementing local administrator password management.
- Reduced the risk of domain admin credential compromise by implementing certificate-based authentication for domain admins.
- Implemented an internal PKI environment for internal e-signatures and certificate-based device authentication for internal WiFi networks.
- Developed and deployed a web-based application to administer knowledge tests for field IT administrator applicants.
- Provided technical and project leadership for IT systems selection, testing, and implementation, ensuring successful technology deployments.
- Enhanced threat detection capabilities by monitoring consolidated system and network logs for anomalies and threats.
- Strengthened the organization's security posture by reviewing network and system configurations to identify security deficiencies and suggesting remediation or improvements.
principal systems administrator (SEPT 2013 – MAR 2020)
- Led efforts to standardize technical document templates and migrate existing documentation.
- Established a standard baseline configuration for client computers.
- Designed Active Directory delegation controls for granular control over permission granting.
- Developed a database with a web-based interface for recording IT and system configurations at project sites.
- Implemented standard and automated system deployments through Windows Deployment System.
- Created and maintained system configuration standards and documentation, ensuring consistency and clarity in IT operations.
- Provided mentorship to other members of the IT Operations team, fostering a culture of knowledge sharing and professional development.
- Oversaw IT operations in the South Africa field office, ensuring smooth and efficient IT support for international operations.
- Assisted with the integration of acquisitions and mergers into DAI IT systems, ensuring seamless technology integration and minimizing disruptions.
- Improved IT procurement processes by evaluating complex IT procurements to ensure compliance with industry standards, technical compatibility, and alignment with organizational requirements and defined needs.
- Served as technical lead on incident response efforts coordinating with the incident response team and third-party vendors to establish the scope and timeline of a breach, communicating findings to the incident commander.
- Established and implemented compensating controls based on breach data, such as restrictions on service and privileged accounts and enhanced log monitoring, reducing the risk and impact of similar breaches.
sr. systems administrator (MAY 2008 – SEPT 2013)
- Led efforts to evaluate and implement new endpoint protection software.
- Provided installation of computer and network systems for DAI implemented USAID projects along with DAI home office network.
Mantech is&T
Sr. Systems Engineer (FEB 2008 - MAY 2008)
- Troubleshooted and repaired Exchange 2000 and Distributed File System (DFS) replication.
- Assisted in updating server deployment methods and documentation.
- Enhanced security in a Windows network to meet Department of Defense (DOD) security standards.
SAIC
Systems Administrator & ENgineer (MAR 2005 – FEB 2008)
- Designed, tested, and deployed a secure VPN network for remote access to a central database.
- Provided installation and support service for Windows networks, Oracle, MS SQL, Backup Exec, and Symantec Antivirus.
- Installed and maintained Microsoft Exchange.
- Provided training for system administrators at remote sites.
- Assisted in testing and development of proprietary software.
- Designed and implemented a multi-country broad-band and satellite internet-based VPN system.
- Designed and implemented server-side and client-side security and virus protection for VPN systems.
- Researched and recommended software and hardware solutions for internet-based VPN systems.
Advanced Technical Services (ATS) - Sub to SAID
Network Engineer (JUNE 2004 – MAR 2005)
- Provided installation and support service for Windows networks, Oracle, and Symantec Antivirus.
- Provided training for system administrators at remote sites.
- Assisted in testing and development of proprietary software
General Dynamics Information Technology
Field Service Specialist (SEPT 2002 – JUNE 2004)
- Provide hardware installation, maintenance, sanitization, and disposal for the US Army.
Education
Western Governors University
Master of Science (MS), Cybersecurity and Information Assurance, 2023
ECPI University
Bachelor’s Degree, Computer Information Systems (Network Security), 2012
Associate’s Degree, Computer Network Technology, 2002
Certification
Rapid7 InsightIDR, Certified Specialist
Rapid7 InsightVM, Certified Specialist
Currently pursuing CISSP certification