An accomplished, dynamic, and purposeful technology professional with a history of safeguarding data and information assets by monitoring, controlling, and mitigating risks utilizing best practice access control methodologies, security processes, and policies. Extensive expertise and leadership in cyber security systems AND tools with over ten years in the healthcare industry delivering security solutions. A demonstrated ability to analyze and develop effective solutions to increase the safety, security, and accessibility of data and applications.
Operationalizes security programs, including the vulnerability management program and end-point security, to protect company facilities, property, and employees. Delivers security risk assessments to clients using various frameworks mitigating existing and future security risks based on industry standards (HIPAA, NIST, ISO, SANS, Critical Security Controls). Performs vulnerability management, analyzes and supports Enterprise SIEM and related infrastructure, and develops and administers security policies, procedures, and standards. Ensures compliance with security requirements (HIPAA, HITRUST, SOC2, PCI) and facilitates company certifications and audits (HITRUST, SOC2).
• Created a vulnerability program from the ground up and instituted industry-leading SIEM tools (ACAS, McAfee, Rapid7, SentinelOne, CrowdStrike, Imperva, Microsoft Sentinel, Microsoft 365 Defender, Snyk, Automox)
• Improved efficiency by automating the vulnerability scanning tools and reporting in the various SIEM tools
• Improved effectiveness of remediation teams by training them on how to use SIEM tools
• Facilitates large-scale deployments for multiple clients, products, and data centers
PROFILE An accomplished, dynamic, and purposeful technology professional with a history of safeguarding data and information assets by monitoring, controlling, and mitigating risks utilizing best practice access control methodologies, security processes, and policies. Extensive expertise and leadership in cyber security systems AND tools with over ten years in the healthcare industry delivering security solutions. A demonstrated ability to analyze and develop effective solutions to increase the safety, security, and accessibility of data and applications. skills • Achievement-oriented • Can-do attitude • Consensus building • Creative • Decision-making • Disciplined • Inspiration and motivation • Integrity • Relationship management • Team development EDUCATION Bachelor of Science, Information System Security (valedictorian) ITT Technical Institute, Jacksonville, FL Bachelor of Science, Marketing (high honors) Franciscan University Steubenville, OH |
|
|
PROFESSIONAL EXPERIENCE Vulnerability Program Manager / Info. Sec. Eng., Feb 2021 to Dec 2023 Clearsense, Jacksonville, FL Operationalizes security programs, including the vulnerability management program and end-point security, to protect company facilities, property, and employees. Delivers security risk assessments to clients using various frameworks mitigating existing and future security risks based on industry standards (HIPAA, NIST, ISO, SANS, Critical Security Controls). Performs vulnerability management, analyzes and supports Enterprise SIEM and related infrastructure, and develops and administers security policies, procedures, and standards. Ensures compliance with security requirements (HIPAA, HITRUST, SOC2, PCI) and facilitates company certifications and audits (HITRUST, SOC2). • Created a vulnerability program from the ground up and instituted industry-leading SIEM tools (ACAS, McAfee, Rapid7, SentinelOne, CrowdStrike, Imperva, Microsoft Sentinel, Microsoft 365 Defender, Snyk, Automox) • Improved efficiency by automating the vulnerability scanning tools and reporting in the various SIEM tools • Improved effectiveness of remediation teams by training them on how to use SIEM tools • Facilitates large-scale deployments for multiple clients, products, and data centers Naval Hospital - Information Assurance Officer/ Lead Vulnerability Analyst, Dec 2011 to Feb 2021 Five Stones Research Corp., Jacksonville, FL Provided technical expertise and leadership as an Information Systems Security Officer (ISSO) and lead Vulnerability Analyst. Conducted Advisory, Conciliation, and Arbitration Service (ACAS) scans of all computing assets (over three thousand network nodes), tracked vulnerability compliance in Vulnerability Remediation Asset Manager (VRAM), and provided reports and analyses for system certification and accreditation. Oversaw alternate and role-based tokens as the Trusted Authority (TA) for the Defense Health Agency (DHA) and performed IA software Risk Assessments including the development of mitigation requirements and creating Plan of Action Milestones (POAM). Directed compliance for Workforce, Service Account Passwords, and Computer/Communication Rooms access lists.
|
• Created a vulnerability program from the ground up and instituted industry-leading SIEM tools (ACAS, McAfee, Rapid7, SentinelOne, CrowdStrike, Imperva, Microsoft Sentinel, Microsoft 365 Defender, Snyk, Automox)
• Improved efficiency by automating the vulnerability scanning tools and reporting in the various SIEM tools
• Improved effectiveness of remediation teams by training them on how to use SIEM tools
• Facilitates large-scale deployments for multiple clients, products, and data centers