With over 18 years of experience as an Advanced Information Systems and Cybersecurity Professional, I am a seasoned expert in designing, implementing, and troubleshooting complex systems, network infrastructure, security, and compliance. My expertise in auditing and assessing third-party cyber and information security risks has helped organizations minimize their vulnerabilities and maintain high standards of protection.
As a retired Chief Warrant Officer 3 in the Marine Corps, I have honed my skills as a dedicated problem-solver and subject matter expert, and I am passionate about developing top talent and fostering leadership. I am dedicated to staying at the forefront of the latest industry developments and best practices, and I bring a wealth of knowledge and experience to every project I work on.
As a recipient of the National Engaged Leadership Award from the National Society of Leadership and Success, I am dedicated to driving positive change and making a lasting impact in the field of information systems and cybersecurity. Whether working with military or private sector platforms, I am committed to delivering results that meet the highest standards of excellence.
Aug 2022 - Present
Quality Assurance Team Lead | Third-Party Cyber Risk Assessments
• Conduct Quality Assurance (QA) of Third-Party Cyber Risk Assessments.
Nov 2019 - Present
Lead Information Security Advisor | Third-Party Cyber Risk Assessments
• Performed over 200 information security risk assessments of varying complexity for dynamic projects, technologies, environments, business partners and third parties throughout the financial and tech industries.
• Drafted enterprise-level requirements for the on-boarding and integration of a new Governance, Risk, and Compliance (GRC) tool, enhancing system security configurations and risk mitigation effectiveness while increasing operational efficiency by 35%.
• Developed 29 Quick Reference Guides (QRG) and recorded 27 hours of instructional videos, increasing the efficiency of on-boarding, training, and standardized operating procedures throughout the enterprise.
• Formed partnerships with internal and external Cyber Threat Intelligence (CTI) teams, producing over 75 Intelligence Reports that directly contributed to the reduction of enterprise cyber risk by 27%.
• Developed, published, and maintained complex Information Security governance (e.g., policies, principles, standards) that define Information Security requirements.
• Served on Shared Assessments Standardized Control Assessments (SCA) Committee providing guidance in the security tenets of Physical Environment, Server Security, Network Security, and Threat Management.
• Provides consulting (advice, guidance, and assistance) across the enterprise, focusing on Information Security risk, to guide the strategic security direction of USAA development projects, departmental initiatives, and other special projects.
• Responds both verbally and in writing to moderately complex inquiries and periodic exams from both internal control partners (e.g., legal, compliance, audit, risk) and external control partners (e.g., regulators, external auditors, third parties).
• Ensures process owners identify, develop and test Information Security controls for risk mitigation effectiveness.
Sep 2019 - Nov 2019
Red Team Lead
• Co-led the development and integration of a penetration testing framework and methodology derived from industry standards and best practices such as National Institute of Standards and Technology (NIST), MITRE's Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework, and Common Attack Pattern Enumeration and Classification (CAPEC).
Nov 2018 - Nov 2019
Principal Cybersecurity Architect
• Served as a key stakeholder in the development of the cybersecurity team’s penetration testing and vulnerability assessment roadmap and capabilities for Honeywell Aerospace's product teams, including the Connected Aircraft, with specific regards to SATCOM, GPS, and cellular communications.
• As a co-inventor, submitted three patent applications aiming to solve common complex Aerospace engineering problems with innovative solutions.
• Led and co-authored a Product Security Guidelines (PSG) handbook for engineering teams to ensure systems security is woven throughout the entire Systems Development Life Cycle (SDLC), from concept to market.
• Established a training and education program with a strategic focus in security through various industry partnerships and Massive Open Online Courses (MOOC).
• Co-led an effort to establish and standardize Cyber Threat Intelligence (CTI) for the team and organization.
• Authored and reviewed cybersecurity artifacts for Honeywell Aerospace products and systems adhering to the Radio Technical Commission for Aeronautics (RTCA) guidelines (DO-326A, DO-178C and DO-356).
U.S. Marine Corps, Tactical Training and Exercise Control Group
Twentynine Palms, CA
June 2016 - Nov 2018
Signals Intelligence, Electronic and Cyberwarfare Officer
• Managed and operated a $38 million cellular telecommunications network and virtual cyberspace training environment, comprised of over 6,000 end items, creating a multi-tiered, cross-platform-compatible, adaptable, wireless telecommunications system. This system is utilized in support of service-level training exercises, providing an Opposing Force communications environment for the tenets of Signals Intelligence, Electronic Warfare, and holistic Cyberspace Operations.
• Authored an Urgent Universal Needs Statement (UUNS) to replace the training network with a plethora of communications assets valued up to $50 million, updating the training ranges and electromagnetic signals environment to a modern electronic battlefield.
• Established a partnership with Defense Advanced Research Projects Agency (DARPA) on the development and implementation of Small Unmanned Aerial System (SUAS) swarming technologies implemented on today’s battlefield and initiated a $3.1 million grassroots project designed to develop Counter-SUAS training for the Department of Defense (DoD).
• Trained forward-deploying Marines on Counter Radio-Controlled Improvised-Explosive-Device Electronic Warfare (CREW) procedures and electronic countermeasure employment.
U.S. Marine Corps, 1st Radio Battalion
Camp Pendleton, CA
June 2013 - June 2016
• Co-Authored a comprehensive Battalion Cybersecurity Policy covering: Acceptable Use Agreements, Clean Desk Policy, Change Management, Email Policy, Ethics Policy, Password Construction and Protection Policy, Authorized Software and End User License Agreements.
• Led a collaborative project with the Office of Naval Research (ONR), Massachusetts Institute of Technology Lincoln Laboratory (MIT-LL), and Johns Hopkins’ Applied Physics Laboratory (APL) on the development of a multi-million-dollar Tactical Cyber Range (TCR) to train and certify Marines on full spectrum cyberspace operations, from the national to the tactical edge.
• Developed a state of the art Joint Cyberspace Operations Lab for the employment and testing of Offensive and Defensive Cyberspace Operations (OCO/DCO) tactics, techniques, and procedures (TTPs). This lab was engineered with no cost to the command, while valued over $400,000.00.
• Designed mission critical hardware and software platforms designed to conduct Computer Network Exploitation (CNE) in a forward-deployed setting while maintaining secure software updates, policy compliance, and accountability of $1.2 million of assets.
• Designed, and configured a state of the art wireless network training lab, enabling the development of multiple training scenarios allowing for flexibility and realism utilizing a combination of virtual and physical environments comprised of over 30 cyber personas, 50 client devices, 45 mobile devices, 20 servers, and 15 Wireless Access Points (WAPs), using a wide variety of desktop and mobile operating systems, with a total system valuation over $1.8 million.
• Led 25 Wireless Network Engineers through a training and certification program of Signals Intelligence support to Cyberspace Operations and Computer Network Exploitation on behalf of the National Security Agency (NSA) and U.S. Marine Corps Forces Cyberspace Command (MARFORCYBER).
National Security Agency (NSA) / U.S. Marine Corps
Camp Pendleton, CA
June 2013 - June 2016
Cyberwarfare / Computer Network Exploitation (CNE) Officer
• Served as a Direct Liaison for National Tactical Integration (NTI) of Signals Intelligence support to Cyberspace Operations and Computer Network Exploitation on behalf of the National Security Agency / Central Security Service (NSA/CSS) and U.S. Marine Corps Forces Cyberspace Command (MARFORCYBER).
Doctor of Philosophy (Ph.D.)
Cybersecurity - Secure Cloud Computing
2022 - 2026
The Doctor of Philosophy in Cybersecurity (PhD-CY) combines four knowledge areas to complete research or synthesize cybersecurity solutions for enterprises subject to national exposures and global threats. The combined resolution of risk, compliance, audit, and privacy will enable graduates to create enhanced solutions while limiting the need for resources. The Secure Cloud Computing specialization investigates current and anticipated needs and solutions emphasizing the cloud computing. Learning and research adds practical and strategic insights to enable reduced risks for cloud computing and multi-cloud cybersecurity solutions. The degree is designed to prepare researchers, consultants, and technology strategists capable of leadership roles and executive positions in private and public sectors where advanced or complex cloud computing is important. Competencies include complex secure data communications, identity management, and access controls.
University of Phoenix
2022 - 2023
Storing data in the cloud makes it easy to access information. But businesses still depend on qualified professionals to do the hard part: setting everything up. With our Certificate in Cloud Computing, you’ll gain the foundational knowledge and skills to help organizations build and manage cloud services. Coursework in this program is aligned to industry certifications exams like those for Amazon Web Services (AWS) Cloud Practitioner, Cloud Developer and SysOps Administrator.
Master of Science (M.S.)
2019 - 2020
Throughout this Master's program, I had the opportunity to enhance my knowledge of advanced defense of computer and network security, providing me with the analytical framework necessary for the prevention, detection, countering, and recovery from security vulnerabilities and cyber incidents.
My studies included coursework in Advanced Computer Security, Digital Forensics, Ethics, Legals Issues & Policy, Applied Network Security, Applied Cryptography, Secure Software Engineering, Security Engineering, Issues in Security, Privacy, & Anonymity, Web Security, and Ethical Hacking.
Johns Hopkins University
Master of Science (M.S.)
2018 - 2019
No degree completed. Transferred to Liberty University.
Consistently rated as one of the best online master’s degrees in cybersecurity, the Johns Hopkins Engineering for Professionals cybersecurity program combines knowledge from instructors who are working to fight cybersecurity threats on the front lines with relevant courses designed to put you ahead. Deepen your ability to assess enterprise security risks, as well as gain skills in encryption, hash functions, signature schemes, authentication, and research.
Bachelor of Science (B.S.)
Information & Computer Science: Networking & Security
2009 - 2017
The Information and Computer Science (ICS) degree program prepares students to apply problem-solving and critical-thinking skills and use popular computer technologies in creating technology solutions.
Networking and Security – prepares students for a career in network infrastructure support, based on Cisco’s CCNA curriculum.
Marine Corps Leadership Expedition
You’ve dedicated your life to service. A NOLS course can honor your experience and create opportunities to take your skills to new heights.
Born in part from our founder Paul Petzoldt’s service in the 10th Mountain Division in World War II, today NOLS is a leading source of expedition-based leadership training and wilderness medicine certifications and has been serving military members for decades.
With NOLS, service members will find course options for every phase in their career, from ROTC and officer candidates to active duty members to veterans. We are committed to offering experiences that complement and enhance your training—and your life.
GOVERNANCE & RISK MANAGEMENT
COMPLIANCE & AUDIT MANAGEMENT
COMMUNICATION & NETWORK SECURITY
IDENTITY & ACCESS MANAGEMENT
THIRD PARTY RISK MANAGEMENT
CLOUD COMPUTING & ARCHITECTURE
CLOUD DESIGN REQUIREMENTS
CLOUD INFRASTRUCTURE SECURITY
CLOUD DATA SECURITY
CLOUD PLATFORM SECURITY
CLOUD LEGAL REQUIREMENTS