Senior Cyber Security Engineer

Rate, USD
Not specified
Work schedule
Contract, Full Time,
Language skills
English
Hire me

Hire me

Jobicy Account
You need an employer account to access the resume database.

About me

Results-driven Application Security Engineer with 23 years of extensive experience in the military, specializing in Military Intelligence and Electronic Warfare/Cyber Corps. Proven track record in creating, leading, and developing effective teams. Strong analytical, diagnostic, and troubleshooting skills with the ability to solve complex problems at scale. Committed to protecting and securing digital assets, with expertise in designing, implementing, and maintaining robust security solutions. Proficient in conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective countermeasures. Knowledgeable in industry-standard security frameworks and best practices, including ISO 27001, NIST 800-53, MITRE ATT&CK framework, and OWASP. Experienced in network security, application security, cloud security, and incident response.


Professional area



Education

2018-2020 BS @ Saint Martin’s University

Computer Science – 52 Credit Hours
Electrical Engineering – 48 Credit Hours

2014-2016 Cybersecurity Management BS @ University of Maryland

Cybersecurity Management and Policy – 50 Credit Hours


Experience

Feb 2021 to June 2023 Senior Group Manager, Cyber Security @ Avanade (Accenture)

Responsible for management and oversight of large-scale technology implementations and transformations for clients in North America, India and the European Union. I served as the Senior Security and Technical IT advisor to large clients navigating complex technical issues: i.e., Cloud Migration, Data Breaches < $7,000,000, and mergers/acquisitions.

Expertise in delivering and leading Information Security programs including IT Security Strategy, Security Orchestration, Automation, and Response – SOAR, API Security, Security Training and Awareness, NIST Controls Compliance & Audit Management, IT Forensics, Identity and Access Management, GDPR, CI/CD Pipeline, and Data Privacy & IT Risk analysis.

• Cloud Migration Team Lead – Project Value $5,210,000.
o Supervised Cloud Architect Team for large international client.
o Successfully provided migration strategy from on-premises/hybrid to full Azure Cloud environment.
o Maintained security integration and full project delivery within budget and on-time.

• Senior Discovery Team Lead – Project Value $70,000,000.
o Supervised Cloud Architect Team, Security Team, and for large US based client undergoing separation from parent company.
o Responsible for maintaining a proactive, reactive, and situation-based “Threat Hunting,” posture.

Feb 2021 to Feb 2022 Senior Security Engineer @ iSpot TV, Bellevue, WA

Responsible for maintaining a high-level enterprise cybersecurity posture across a multi-state, hybrid architecture. Work directly subordinate the CISO, and adjacent to engineering team leads to establish, monitor, access and improve the security posture of the organization.

• SOC2 Compliance
o Managed corporate SOC2 compliance program. Developed 10 risk control programs for re-cent company acquisition.
o Maintained accountability for artifacts and delivery to external auditing agency.
o Helped design, develop and deliver security and compliance objectives and have the ability to help drive product security phase of the CI/CD pipeline.

• Vulnerability Management
o Responsible for managing the Rapid7 InsightVM and Carbon Black AV vulnerability man-agement systems. Reduced active vulnerability count by 60% by 2nd quarter 2021. Stream-lined threat mitigation process.
o Coordinates with engineering, DEVOPS and TECHOPS teams to proactively assess risk, fix security issues and provide policy guidance.
o Ensured SAST and DAST availability to ensure the CI/CD pipeline was not interrupted by la-tent malware threats.

• SIEM Management
o Implemented and managed InsightIDR SIEM
o Managed and deployed 25 event sources throughout the AWS and on premises stack.

• CCPA and GDPR
o Manage CCPA and GDPR compliance programs. Successfully created companywide system for tracking and ensuring compliance with all state and federal regulations.

Feb 2020 to Feb 2021 Senior Security Engineer @ Ziply Fiber

Responsible for developing, implementing and maintaining the enterprise-wide cybersecurity, physical security and work-from-home information security framework. Worked directly with the Security Director, CTO, and senior technical team leads to establish and maintain the security posture of the organization.

• Conduct network/host penetration tests and web application penetration tests.
• Maintain and performed assessments of security awareness training using social engineering and in-ternal phishing attack campaigns.
• Maintained KnowBe4 security awareness program.
• Conducted datacenter, web applications and network security audits for security vulnerabilities.
• Maintained Carbon Black endpoint security and threat intelligence platform and Exabeam SIEM.

2018 to 2020 Senior Security Engineer @ CED Systems, LLC

Directed the design, integration and implementation of information security systems, maintenance plans, and best practices for securing client’s systems, networks and enterprise architecture. Led the Information Vulnerability Management (IVM) process at CED Systems, LLC to ensure compliance and increase our network’s security posture. Responsibilities included: Network Scanning and threat identification and clas-sification.

• Supervised a SecOps team composed of 6 level II Security Engineers, 4 security analysts, 3 software engineers, 2 electrical engineers, 10 computer science interns, and 8 interdisciplinary professionals.
• Performed application penetration tests and security scans against client networks.
• Guided clients and engineering team in understanding and navigating information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.
• Reported to and communicated directly with senior level managers, technical and engineering offic-ers, and corporate officials regarding controversial and/or sensitive issues such as the scope and im-pact of a data breach, mitigation and remediation procedures and root cause analysis to identify the source(s) of the attack.
• Assisted clients in implementing and maintaining NIST 800-53 compliance.

Oct, 1993 to May, 2018 Senior Security Engineer (Offensive) United States Army @ United States Army (Honorably Retired)

Supervised 50 to 60 highly talented military professionals in skillsets ranging from cyber security analysts to level II cyber security engineers, to white hat penetration testers. Responsible for overseeing and conducting vulnerability scanning, malware analysis, threat modeling, and accurate identification of system and network vulnerabilities. Vulnerability assessment tools included Nessus and Metasploit.

• Maintained an operating budget of $350,000 and $3,500,000 in hardware and software.
• Managed team functions and missions in accordance with higher command directives while operating within stick national intelligence parameters.
• Developed first cyber security curriculum and operating policy for the JBLM, WA cyber team, managed team resources while operating within stick national intelligence scope and parameters, mitigated “budget creep”, communicated project – mission status to higher command element, successfully completed three real-world and 1 simulated cyber mission.
• Trained over 200 staff officers, senior enlisted advisors, and Department of Defense professionals in the appropriate prevention, detection, mitigation and remediation of Department-of-Defense-Information-Network (DoDIN) data breaches and information security vulnerabilities.
• Performed forensic analysis of malware infected devices to identify threat origin, scope and level of hardening required to mitigate future breaches.


Recommend this talent

Related resumes

Similar Talent in Developer & Engineer

Recommend this specialist