Resume
Certifications / Accolades
- GIAC GSEC
- GIAC GPEN
- GIAC GWAPT
- GIAC GDAT
- GIAC GCDA
- GIAC Advisory Board Member
- 2x SANS Netwars Tournament of Champions participant
- SANS Blue Team Summit Panel Speaker (2021/2022)
Projects
ReflexSOAR
https://www.reflexsoar.com
Security Orchestration, Automation, Response & Incident Management platform
Work Experience
Holman Enterprises
Manager, Information Security Operations
Dec 2020 – Present
Mt. Laurel, New Jersey, United States
- Manages a team of offensive and defensive security professionals.
- Coordinates with internal business and IT partners to ensure the Security Operations team is meeting internal and external customer demand.
- Reports on Information Security risk to IT Leadership and Executive management.
- Responsible for providing key performance metrics on the Security Operations program on a monthly and quarterly basis.
- Participates in security vendor relationship management and budgeting activity.
- Subject matter expert for network, operating system, and application-based security architecture as well as defensive and offensive security operations.
- Responsible for the evaluation and selection of software-based network segmentation tooling to lower the overall attack surface and minimize lateral movement across the environment.
- Responsible for improving network level visibility through integrations with Application/Network load balancers, Network Firewalls, and Intrusion Detection/Prevention systems.
- Responsible for the technical and professional growth of Information Security staff.
- All activities from previous Project Leader role persist as a technical hands-on manager.
Project Lead III - Information Security Analyst
Jun 2015 – Dec 2020
5 yrs 7 months
Mt. Laurel
- Responsible for the design, implementation and tuning of Enterprise Logging and Detection technologies utilizing commercial off the shelf SIEM applications and/or custom-built solutions, Sigma, Microsoft Sysmon, osquery, yara and other defensive tools.
- Responsible for the design, implementation, and maintenance of vulnerability management tooling, including but not limited to vulnerability scanner placement, console management, and overall vulnerability management program guidance and execution.
- Serves as the subject matter expert during all security incidents, following the standard incident response lifecycle through all its phases and providing executive level summaries for consumption by IT leadership, executive leadership, and board level audiences.
- Responsible for evaluating, selecting, implementing, and maintaining enterprise endpoint protection platforms (EPP) and endpoint detection and response (EDR) tools; collapsing multiple disparate solutions into one enterprise ready stack.
- Responsible for the scoping of application security evaluations using external vendors and relaying of guidance for remediation to development leadership; responsible for validating application security remediation initiatives through offensive security techniques.
- Responsible for the evaluation, architectural design and implementation of application security architecture and tools including but not limited to static, dynamic, and run-time-based application security scanning suites.
- Serves as the primary resource for internal application and network security testing, evaluating security implementations and providing detection logic to defensive teams for detection and response.
- Responsible for implementing and maintaining Active Directory and Operating System hardening recommendations to reduce attack surface.
- Responsible for creating custom tooling to tie security implementations together.
- Responsible for the creation of security operations and incident response playbooks.
GrayHair Software, Inc.
Sr. Security Engineer
Feb 2011 – Jun 2015
4 yrs 5 months
Mt. Laurel NJ
- Infrastructure design and implementation
- Manage and maintain network consisting of cluster aware SQL databases, VMWare infrastructure containing Windows and *nix servers.
- Maintain Cisco security devices and firewall access lists and policies.
- Network architecture design and management (Switches, Routers, Firewalls)
- Manage Network Intrusion Prevention & Detection Systems
- Web Application Security testing via manual and automated testing
- Penetration testing via manual and automated testing methods
- Take part in Information Security procedures including Internal/External Security, Intrusion Detection, 3rd Party Security audits.
- Process automation and simplification using C#, Python, PHP, VBScript
- Exchange Management and Configuration
- Microsoft Lync Server Management and Configuration
- Configure and maintain organization Active Directory Services
- Load balancer configuration and management
- Web server cluster configuration and management (Resin, Apache, IIS)
- Managed secure file transfer solutions and developed tools to more easily support said solutions