A well-rounded Information Security leader with hands-on experience in a wide range of technologies from firewalls to DLP. I work well in cross-functional teams and have an excellent understanding of the balance between business, legal, and technological priorities.
January 2017 - February 2018
Head of Security Policy, Audit & Compliance
- Working across Information Security, Legal, and Business teams to develop Flatiron’s security policy in accordance with regulatory and contractual requirements (HITRUST, HIPAA).
- Building processes to audit compliance with security policy.
- Conducting security onboarding training for all new employees.
- Performed PoC and selected a GRC tool to consolidate related information to a single system of record.
January 2016 - Present
Workshops Review Board and Goon (Volunteer Position)
- Reviewed workshop proposals submitted to DEF CON and provided input for acceptance or rejection.
- Staffed registration and check-in of students for DEF CON Workshops.
June 2014 - January 2017
Director of Compliance
- Guided the software development team to improve security posture and compliance with industry standards and regulatory requirements, including PCI and SOX.
- Instituted change control process for new software deployment, ensuring proper notification to stakeholders, and reducing outages due to miscommunication.
- Evaluated EMV payment terminal options and worked with Legal and Business Operations to map out and execute migration strategy.
Crypto & Privacy Village
January 2015 - January 2017
Co-Organizer (Volunteer Position)
- Led the recruitment and scheduling of volunteers to staff village during DEF CON.
- Worked with organizing team to plan and execute talks, workshops, and activities for the village.
June 2012 - June 2014
Technical Lead, Data Protection
- Managed a team of Information Security Analysts in day-to-day operations of the enterprise Data Loss Prevention (DLP) program.
- Led the technical direction and architecture for the data protection program to increase the scope of coverage from personally identifiable information (PII) to unstructured material nonpublic information.
- Established configuration baselines with oversight for web proxy and email security platforms.
- Collaborated with Compliance and Internal Audit teams to ensure security controls match company policy and regulatory requirements.
- Led TIAA's LGBT Employee Resource Group for the Charlotte office.
July 2009 - June 2012
Senior Information Security Engineer
- Successfully led a multi-year, multi-million-dollar project to fully deploy Symantec Data Loss Prevention (Vontu) including Data at Rest, Data in Motion and Data in Use aspects.
- Deployed and managed IronKey devices for secure encrypted storage of corporate data.
- Performed firewall change request reviews and approvals.
- Performed server vulnerability testing with nCircle appliances.
June 2004 - July 2009
Senior Network Engineer
- Managed NetScreen firewall configurations at multiple locations with NetScreen Security Manager.
- Led a team to complete the migration of business partner connections to the new Broomfield Data Center.
- Consolidated multiple disparate DNS and DHCP services into a single platform using Lucent VitalQIP with network access control capabilities using Lucent Registration Manager.
- Designed and implemented IronPort email security appliances for malware and spam filtering.
- Managed global server load balancing function using F5’s 3DNS and Big-IP platforms.
- Designed and implemented DMZ and remote access services for Charlotte office.
- Managed multiple Proxy Server environments including Blue Coat HTTP and Permeo SOCKS proxies.
January 2001 - June 2004
- Performed vulnerability assessments and monitoring on DMZ hosts utilizing Nessus and nmap.
- Managed Check Point firewalls on Nokia hardware platform and Cisco PIX firewalls.
- Designed and deployed DMZ with full redundancy to dual ISPs using BGP4 for near 100% uptime.
- Managed Cisco VPN appliances, routers, switches, and CSS load balancers in DMZ environment.
- Designed and managed enterprise DNS/DHCP platform with Lucent QIP.
May 1998 - December 2000
Computer Systems Engineer
- Implemented cost-efficient VPNs for connectivity to the company's European locations.
- Redesigned and installed frame relay WANs for international locations.
- Managed Check Point Firewall-1 and Cisco PIX firewalls with full failover capability.
- Responsible for GroupWise server infrastructure.
- Designed and implemented standard web server architecture for B2B and B2C web applications.
April 1995 - May 1998
- Implemented Positive Pay system with electronic imaging to eliminate check fraud.
- Managed short-term investment portfolio, and short-term loans for optimal cash balances.
- Developed financial plan and analysis for manufacturing startup in Malaysia and China.
Achievements & Training
- Presented talk on “Data Protection 101” at DEF CON 22 (2014)
- HP ArcSight ESM Security Analyst training
- GIAC Security Essentials Certification (GSEC) (expired), published in SANS Reading Room
- Cisco Certified Network Associate (CCNA) (expired)
- Check Point Certified Security Administrator (CCSA), Check Point Certified Security Expert (CCSE)
Western Michigan University
Master of Business Administration (1998)
- Concentration in Information Systems.
Bachelor of Business Administration (1994)
- Graduated cum laude. Major: Finance, Minors: Accounting and General Business