Education
B.S. Managment Information Systems
Experience
Google Cloud - Cloud Security Architect
November 2021 - PRESENT
- Design solutions to secure customers and their workloads
- Publish innovative ideas and open sources tools to improve security
- Invent new methods to secure LLMs and Gen AI by obtaining patents.
- Build and train cyber security teams internally and externally at Google
- Optimize cost of security architectures to make them economically viable
Amazon Web Services - Solutions Architect
January 2020 - November 2021
- Design cloud application architectures
- Educate organizations on cloud services and how to optimize them
- Publish technical content through AWS’s blog site to empower self-service customers
- Collaborate with service teams to prioritize product feature requests
- Dive deep with customer across the world on cloud security controls
- Mentor and develop technical individual contributors throughout AWS
- Reduce cost for customers by service and architectural optimization
Webster Bank - Vice President, Information Security Architecture.
December 2017 - January 2020
- Frame Information Security functions and capabilities in accordance to NIST
- Driving to constantly mature against the FFIEC CAT model
- Automate security controls and compliance within CI/CD pipelines
- Enable cloud transformation through developing security controls
- Harden custom application through static code analysis and application security practices
- Govern technology innovation and planning through serving on the Architecture Review Board
- Design and implement network security solutions that operate at layer 7
- Lead agile development programs to achieve complex security goals
- Scaling the business with automated security controls and practices
- Promote cyber security competency and skills development
- Raise awareness of cyber risk to bank employees and customers
- Develop and maintain policies and standards to govern that IT functions
- Build meaningful relationship and collaboration throughout the organization
ConnectiCare - Enterprise Security Architect
July 2016 - December 2017
- Implement secure development best practices
- Responsible for application security through the enterprise’s custom developed assets.
- Build security strategy for ConnectiCare’s technical direction including moving key applications to Amazon Web Services
- Conduct proof of concept activities with key business users in support of advanced use cases.
- Analyze security weaknesses in complex technology deployments.
- Plan, research and design robust security architectures that leverage cloud services (IaaS, PaaS,SaaS).
- Perform vulnerability scanning, risk analyses and security assessment.
- Define, implement and maintain corporate security policies and procedures.
TicketNetwork - Information Security & Compliance Lead
October 2015 - July 2016
- Conduct software security reviews with HP Fortify for static code analysis.
- Integrate secure best practices into the SDLC.
- Assess web application for vulnerabilities using Burp and other penetration testing tools.
- Partner with Product Development teams to design security solutions for TicketNetwork products and applications.
- Build Amazon Web Services environment for Big Data analytics.
- Deploy and manage solutions to comply with PCI-DSS 3.1, PA-DSS 3.1 and drive towards PCI-DSS 3.2 compliance.
- Manage and configure the web application firewall (WAF), and Next-Gen Palo Alto Firewalls.
- Run vulnerability and patch management of servers and applications.
- Develop TicketNetwork security strategy and policy.
Protiviti - Senior Consultant – Information Security & Digital Forensics
October 2014 - October 2015
- Assessed over 50 customer facing websites by performing code reviews and penetration testing for Sony Music Entertainment.
- Integrated security best practices into Sony Music’s DevOps for artist websites.
- Developed Security Architecture Review Board for Deutsche Bank.
- Implemented Websense Data Security DLP Solution for The Clearing House.
- Administered and upgraded Websense Web Security web filtering proxy for The Clearing House.
- Implemented hardening standards for critical systems throughout the enterprise for The Clearing House.
- Performed vulnerability assessments with Nessus and other vulnerability scanners for a hospitality company.
United Technologies Corporation (Now Raytheon Technologies) - Information Technology Senior Analyst
June 2011 - October 2014
- Analyzed malware with Cuckoo Sandbox, IDA pro, and other methods.
- Investigated security incidents with both hard disk (EnCase) and memory (Volatility) forensic tools.
- Coordinated with corporate security to leverage shared resources to protect against APT activity.
- Architected the data warehouse infrastructure to support rapid data growth.
- Lead the SAP HANA implementation, enabling real-time analytics from SAP.
- United Technologies Corporate Headquarters.
- Implemented a SQL Server business intelligence solution for UTC contracts and supplier spend data.
Skills
Note: I think these sections are silly, but everyone seems to have one. Here is a *mostly* honest overview of my skills.