Professional Background

$ whoami

Professional Experience

$ history | grep work

• APRIL 2022 - PRESENT
  

  Gemini Trust Company

  Principal Security Technical Program Manager

  • Responsible for the design and successful implementation of a comprehensive Data Governance Program, overseeing data integrity, security, and compliance across the organization.

  Associate Director of Governance Risk and Compliance

  • Manages a team of GRC employees responsible for security standards, training and awareness, third party risk, vendor risk, contract reviews, entitlement reviews, control frameworks, internal and external audit, regulatory compliance, and ISO PCI and NYDFS certifications.
  • Oversee the implementation of comprehensive security policies, procedures, and guidelines, incorporating NIST SP 800-53 controls and CIS Critical Security Controls. Oversee the management of Security Risk Assessment, Control Library, and associated work products.

  Associate Director of Application Security

  • Established a client security advisory practice enabling our customers to better understand and protect software interfacing with the exchange.
  • Designed, implemented, and evolved a risk framework for clients to ensure the security of third parties interacting with the Gemini trading platform and APIs.
• JULY 2019 - APRIL 2022
  

  Synopsys Inc.

  Associate Principal Consultant

  • Responsible for Open Source consulting offerings including: Open Source Maturity Planning, Securing Open Source instructor led training, and ISO5230 compliance certification.

  Senior Consultant

  • Responsible for client management of the North American Automotive vertical: job profitability analysis, work breakdown structures, resource forecasting, RFP responses, and client delivery.
  • Technical embedded expertise: IoT Penetration Testing, Architectural Risk Assessments, Threat Modeling, Vulnerability Assessments, Web Application and Network Penetration Tests.
• SEPTEMBER 2018 - JULY 2019
  

  Fiat Chrysler Automobiles

  Cyber Security - Design Responsible for UConnect Systems

  • Design Responsible for leading the Cyber Security work streams on UConnect infotainment products.
  • Responsible for establishing security roll out plans, validation of security requirements, penetration testing, and delivery of security KPIs.
  • Managed multiple radio suppliers, third-party security testing vendors, and program managers to ensure work is accomplished on time, to a high quality.
• AUGUST 2011 - SEPTEMBER 2018
  

  Ford Motor Company

  Connected Vehicle Security - Red Team Lead

  • Managed scoping, proposal selection, and delivery of global security penetration testing in 2018.
  • Extensive experience with vendor relationship management, RFQs and SOWs including negotiation.
  • Responsible for Red Team competency development framework and training plan.
  • Specialization in building product security teams focused on Embedded Systems and Bluetooth Low Energy BLE.
  • SANS SEC564 Red Team Ops, Metasploit Certified Specialist, Nexpose Certified Administrator.

  Cyber Security - Threat Intelligence Lead

  • Led the global implementation of our corporate Threat Intelligence Platform (TIP) and integrations with corporate Governance Risk and Compliance Platform (GRC).
  • Led a global team of analysts, establishing procedures and metrics to gather, maintain, and correlate strategic and tactical threat intelligence.
  • Developed annual threat report, quarterly executive intelligence briefings, tactical briefings, and internal training material.
  • Multiple external presentations as threat intelligence SME.

  Security & Controls Analyst - Manufacturing SystemsSecurity & Controls Analyst - Manufacturing Systems

  • Maintain customer relationship with Internal/External Auditors, Application Development, Application Management, and Remote Site teams.
  • Identify control gaps, assess risk, championing security awareness and policy compliance..

  Network Engineer

  • Firewall, Load Balancer, Content Filtering, Intrusion Prevention/Detection Systems

  Remote IT Site Analyst

  • Maintenance and troubleshooting all of Ford's multi-site video conferences on an international scale.
• MAY 2011 - AUGUST 2011
  

  Los Alamos National Laboratory

  Application Developer

  • Developed the Module Display web interface utilizing BASH, TCSH, PHP, MySQL, built on the CAKE PHP framework. The interface identifies inconsistencies across clusters within classified and unclassified networks, and incorporates multi-factor authentication.
• SEPTEMBER 2009 - MAY 2011
  

  REMC1

  IT Site Management

  • Duties of the REMC1 SupportNet team include providing IT and technical support to local school districts, managing internet access, maintaining technology infrastructure, troubleshooting technical issues, and integration of technology.
• JUNE 2007 - MAY 2011
  

  Pathfinder Networks

  Network Technician

  • Provided comprehensive network management services, including Windows server/workstation configuration, router/firewall administration, data backup, and disaster recovery, virus/malware prevention, laptop repairs, and hardware sales.

Achievements and Awards

$ openssl x509 -in certfile.pem

Below are a list of honors and awards both given and received from professional societies and associations, including formal publication of papers and patents.