Current Resume

Dynamic Cybersecurity and Communications professional seeking an opportunity to expand current skill set while educating peers and business partners on Defense-in-Depth and fostering a Security-first culture.

Relevant Experience

Manager - Security Solutions, Cradlepoint Inc

(September 2022 – Current)

  • Led a team of cybersecurity engineers in designing, implementing, and maintaining security solutions in accordance with best practices and regulatory requirements
  • Developed and executed strategic initiatives to enhance the organization’s cybersecurity posture, including risk assessments, threat modeling, and vulnerability management.
  • Fostered a culture of continuous learning and professional development within the team, hosting forensics courses, CompTIA Security+, and group training sessions and conference attendance.
  • Established key performance indicators (KPIs) and metrics to measure the effectiveness of cybersecurity initiatives, providing regular reports and presentations to executive leadership.
  • Cultivated relationships with external stakeholders via weekly intelligence briefings to stay abreast of emerging threats and solutions, and to advocate for cybersecurity best practices.

Senior Security Engineer, Cradlepoint Inc

  • Assessed current environment to identify and implement new security controls using best practices and industry frameworks.
  • Collaborated with cross-functional teams to integrate security controls into the cloud and on-premise environments, ensuring security by design.
  • Deployed security controls for on-premises and cloud environments, leveraging tools such as firewalls, IDS/IPS, SIEM, and endpoint detection and protection platforms.
  • Cross-trained junior team members and SOC personnel to conduct forensic investigations of live and dead systems using memory, disk, and endpoint logging artifacts.

Senior Incident Response Analyst, Reyes Holdings LLC

(November 2021 – September 2022)

  • Supporting global operations, triaging alerts from multiple systems and performing incident response and containment actions as required
  • Perform on-site forensic evidence collection and initial assessment while maintaining chain-of-custody
  • Continuously review incidents, alerts, and root cause analysis to drive changes in current defense-in-depth models
  • Coordinate with Security Engineering teams to create secure configurations while enabling business demands
  • Routinely create reports for a non-technical Executive Audience on cybersecurity and geopolitical issues that presented operational and strategic risks
  • Direct global field IT team members in the collection and preservation of forensic evidence, containment of breached systems, and initial remediations
  • Serve as incident commander to scope, contain, and remediate incidents in a fast-paced and globally distributed network

Principal Consulting Security Engineer, Blue Cross Blue Shield of Tennessee

(November 2019 – November 2021)

  • Design, Test, and Implement security components and Technical Security Baselines across all endpoints.
  • Perform in-depth security evaluations and analysis of Commercial Off-the-Shelf (COTS) products and internally developed systems.
  • Produce technical drawings, documentation, standards, and procedures.
  • Produce and conduct unit tests to validate security control strengths. Design and implement remediations.
  • Serve as Executive Liaison on Cyber Security to communicate risks to non-technical executive audiences.
  • Ensure standards and process adherence, create unit tests for adherence reporting.
  • Conduct Threat Feed analysis. Provide continuous knowledge of threat landscape and review of current tooling and gap identification.

Operations Center Analyst – IT Operations Center (ITOC), Blue Cross Blue Shield of Tennessee

(September 2016 – November 2019)

  • Analyze, Document, and Create processes and process documentation to streamline employee performance and reduce average incident handle time.
  • Serve as Incident Manager to coordinate incident resolution across multiple first and third-party teams.
  • Triage and analyze software, hardware, and environmental events; generate priority incidents, perform root cause analysis.
  • Perform System analysis and log analysis across multiple systems to correlate events and user actions.

Psychological Operations Specialist, U.S. Army Reserve

(November 2012 – November 2020)

  • Manage U.S. regional interests in a defined geographic area.
  • Perform psychological operations to encourage compliance with U.S. interests in host nations.
  • Conduct face-to-face and key-leader engagements to represent U.S. policy and interests.
  • Serve as regional subject matter expert on geography, culture and economics.
  • Assessed international events, terrorist and religious extremist activity, adversary information operations, and host-nation response for impact to or from Information Operations.

Owner, McAfee Media Solutions

(January 2009 – November 2022)

  • Perform security assessments on existing SO/HO networks to identify and remediate security vulnerabilities.
  • Perform post-incident review and malware analysis of personal devices for high-profile individuals and provide remediations.
  • Design, Implement, and Administer SO/HO Networks, including smart home automation, IP cameras, WLAN, and DHCP/DNS servers.
  • Conduct entry-level courses on technical subject matter, covering areas of instruction in Security+, Network+, Global Certified Intrusion Analyst, and Adversary Emulation.
  • Conduct adversary emulation including physical penetration testing, network reconnaissance, and phishing campaign design.

Education

Western Governors University

Bachelor of Science, Cybersecurity and Information Assurance (Expected Fall 2025)

Completed courses covering a multitude of cybersecurity domains, including Secure Systems Analysis and Design, Data Management, Web and Cloud Security, Hacking Countermeasures and Digital Forensics and Incident Response.

SANS

GIAC Certified Forensic Analyst (GCFA) No. 20325

Certified: September 2022 – September 2026

Certified in Log Analysis and Packet Analysis. Detection Engineering utilizing Intrusion Detection (IDS) and Intrusion Protection Systems (IPS), and raw packet analysis and review, and assessment of TCP/IP networks and related 802.x protocols.

GIAC Certified Intrusion Analyst (GCIA) No. 14948

Certified: January 2021 – January 2025

Certified in Log Analysis and Packet Analysis. Detection Engineering utilizing Intrusion Detection (IDS) and Intrusion Protection Systems (IPS), and raw packet analysis and review, and assessment of TCP/IP networks and related 802.x protocols.

Chattanooga State Technical Community College Chattanooga, TN

Associate of Arts (May 2009)

Pursued to transfer credits to UT’s Mass Communications program. Elected multiple information technology courses in addition to program requirements, including Linux, Java, VisualBasic, and System Analysis and Design.

Black Hills Information Security

Certifications

  • Cyber Threat Hunting - Adversary TTP Endpoint Detection
  • No Span, No Tap, No Problem - ARP Cache Poisoning in limited access and denied environments
  • Active Defense and Cyber Deception - HoneyPot, Canary Documents, and other legal and practical adversary entrapment technologies

Awards and Professional Associations

SANS Advisory Board Membership - exemplary scores in the Certified Intrusion Analyst (GCIA) exams.

JFK Special Warfare Center, Unit Exemplary Leadership Award - awarded to soldiers who mentor and train peers while in a non-managerial role.

SANS Challenge Coin SEC503 - awarded to students who win the SEC503 End of Course CTF

DEFCON OpenSOC ‘21 Top30 - completed the 2021 DEFCON OpenSOC as a member of a Top30 team

15th Psychological Operations Battalion Challenge Coin - awarded for excellence in Information Operations and training of NATO Allied Personnel during Sabre Junction ‘14

Co-Founder – Crows Nest Information Security Discord, dedicated to the growth and mentorship of individuals new-to or pursuing information security careers

Member – SANS Advisory Board, work to develop the next generation of SANS courseware and testing to provide the highest caliber of cybersecurity certification

Treasurer Elect – Information Systems Security Association; East TN Chapter, maintain correct records and legal filings for all chapter financials

Skills

  • Incident Response and Remediation
  • Risk Assessment and Treatment
  • Full Stack Troubleshooting, Log Analysis and Problem Resolution
  • Capture The Flags (CTF)
    • Splunk BotS ‘21
    • OpenSOC ‘21
    • SANS SEC503 20Q3
    • SANS SEC508 22Q1
    • Various others
  • Purple Team Exercise Design
  • Adversary Emulation Techniques
  • Phishing
  • Physical Penetration Testing
  • Network Penetration Testing and Assessment
  • Password Cracking
  • Privilege Escalation and Cached Credential Theft
  • Social Engineering
  • Vishing
  • OpenSource Intelligence Gathering
  • System Analysis and Auditing
  • Secure Systems Architecture and Threat Modeling
  • Digital and Classroom Instruction of Technical Subjects
  • Complex Project Management
  • Linux and Windows System Hardening
  • Process Analysis, Process Improvement, and Process Automation
  • OpenSource Tooling

Languages

  • Proficient in Bash, PowerShell, HTML, CSS
  • Competent in Python, Ducky

Technologies

  • Intrusion Prevention (IPS) and Intrusion Detection Systems (IDS)
  • Endpoint Detection and Response (EDR)
  • Public Key Infrastructure (PKI) and Asymmetric Encryption Standards
  • Log Analysis and Event Correlation
  • Packet Analysis and Full Packet Capture
  • Memory Analysis
  • Security Information and Event Management (SIEM)
  • Adversary Emulation Framework
  • Disk Analysis

Tools

  • ArcSight
  • Autopsy
  • Darktrace IDS
  • Crowdstrike Falcon with Identity Protection
  • Microsoft Defender Suites
    • Cloud
    • Cloud Apps
    • Endpoint
    • Identity
    • Server
  • Microsoft Sentinel
  • SumoLogic Cloud SIEM
  • TCPDump
  • Velociraptor
  • Volatility
  • Wireshark
  • Zimmerman Tools

Frameworks

  • MITRE ATT&CK
  • MITRE D3FEND
  • Center for Internet Security (CIS) Assessment
  • NIST CSF/800-53
  • NIST 800-30
  • ISO27001
  • SOX
  • HIPAA