Education

---

Professional Experience

Responsibilities

• Led Security Monitoring & Operations: Engineered and optimized advanced Splunk solutions for enterprise cloud logs, significantly improving data ingestion, real-time monitoring, and correlation. Improved incident detection and enhanced daily log processing, directly contributing to continuous security monitoring and workflow automation
• Pioneered Secure Cloud Architecture & Operations: Engineered and secured robust AWS cloud architectures from design to deployment for high-impact government programs (e.g., Georgia Medicaid), integrating native and third-party security tools to ensure data integrity, secure operations, and compliance.
• Managed and secured cloud infrastructure components like EC2, S3, and RDS
• Vulnerability Management & Risk Mitigation: Drove comprehensive threat modeling, risk assessments, and vulnerability management processes, ensuring stringent adherence to NIST 800-53 Rev 5 and HIPAA. Contributed a risk-based approach that reduced audit findings and resolved enterprise security design weaknesses.
• Enhanced Incident Response Capabilities: Fortified enterprise cloud logs and improved incident detection, laying foundational support for rapid response to security threats.
• Oversaw Security Tooling & Implementation: Integrated native and third-party security tools (e.g., GuardDuty, Config, Security Hub) into secure AWS cloud architectures for data integrity and compliance.
• Automated Security Controls & DevSecOps: Embedded security controls (SonarQube, Terraform) into CI/CD pipelines, automating vulnerability detection and enforcing secure coding standards, contributing to improved security defenses.
• Managed Access Control & IAM: Enhanced ICAM frameworks by designing and enforcing secure access protocols (SAML, OAuth, OpenID Connect) and automating processes with Keycloak, RedHat SSO, and Okta APIs via custom scripting, improving access efficiency and security for hundreds of users.
• Collaborated on Security Strategy: Provided expert input on secure architecture proposals for U.S. Department of Defense (DoD) projects, specializing in cross-domain data protection and securing data transfer for 5 high-impact initiatives.

Responsibilities

• Taught 6th grade mathematics
• Taught 6th – 8th grade Business & Computer Science
  

---

Skills

“I don’t even have any good skills. You know, like nun-chuck skills, bow hunting skills, computer hacking skills.”
– Napoleon Dynamite

Security Operations & Monitoring

• Security Information & Event Management (SIEM): Splunk, ElasticSearch, OpenSearch
• Security Orchestration, Automation, and Response
• Real-time Monitoring
• Alerting Systems
• Incident Detection
• Vulnerability Management
• Threat Detection & Prevention
• Security Metrics & Reporting

Cloud Environments & Security

• Amazon Web Services (AWS)
  • AWS Security Hub
  • CloudFormation
  • Config
  • CloudTrail
  • CloudWatch
  • Detective
  • EC2
  • GuardDuty
  • Inspector
  • Lambda
  • OpenSearch
  • RDS
  • Security Data Lake
  • Systems Manager
  • S3

Compliance & Frameworks

• NIST 800-53 Rev 5
• HIPAA
• ISO 27001
• CIS Controls
• SOC 2
• PCI DSS
• FedRAMP

Application Security & DevSecOps

• Secure Software Development Life Cycle (SSDLC)
• Threat Modeling
• Secure Coding Practices
• Security Testing
• Security Automation
• CI/CD Security
  • Git
  • Terraform
  • Jenkins
  • SonarQube

Identity & Access Management (IAM)

• Okta
• RedHat SSO
• Keycloack
• SAML
• OAuth
• OpenID Connect

Programming Languages

• Python
• Java
• Go (Terraform)
• C
• C++
• C#
• Assembly x86

Soft Skills

• Adaptability
• Analytical Thinking
• Collaboration
• Communication (Verbal & Written)
• Documentation
• Mentorship
• Problem-Solving
• Project Coordination
• Resource Allocation
• Team Leadership
• Technical Writing
• Training & Development

---

Because I Can Laugh at Myself

• Driving Reviews