Experienced Cyber Professional and Military Veteran with 24 years of military service and 6+ years in cyber. Led various challenging roles, providing valuable security insight into IT trends. Extensive expertise in cyber security, network administration, and IoT. Dedicated to collaborating with a team of experts to achieve excellence in the future of cyber and drive success for the company.
-Developed and implemented security protocols to safeguard sensitive data and systems.
- Conducted vulnerability assessments to identify and mitigate potential risks across enterprise networks. -Collaborated with cross-functional teams to enhance incident response strategies and improve threat detection capabilities.
-Led cybersecurity training sessions for staff, fostering a culture of security awareness throughout the organization. -Developed and implemented security protocols to protect sensitive data from breaches.
-Conducted vulnerability assessments to identify and mitigate potential threats in network infrastructure.
-Collaborated with cross-functional teams to enhance cybersecurity awareness and training programs.
-Oversaw incident response procedures, ensuring timely resolution of security incidents and breaches. Refined
- Documented NIST 800‑53 security policies during early application development phases; authored six policies and procedures supporting compliance readiness.
- Developed five additional policies and procedures aligned with NIST 800‑171 and CMMC requirements, strengthening organizational audit preparedness.
- Managed the creation and maintenance of POA&Ms, tracking critical, moderate, and low‑severity CVEs and aligning remediation timelines with engineering teams.
- Coordinated cross‑functionally with cybersecurity, engineering, and corporate stakeholders to produce and maintain the Body of Evidence (BoE) for multiple products.
- Conducted DADMS research for upcoming products and documented required entries to ensure accurate lifecycle tracking. Application Security / DevSecOps
- Performed SAST and DAST tool research and evaluation, collaborating closely with engineering teams to support secure application development and tool integration.
- Defined OWASP Top 10 vulnerabilities relevant to active projects and partnered with leadership to implement defense‑in‑depth remediation strategies.
- Supported secure baseline development by working directly with engineering teams during patch testing, validation, and deployment into new product baselines.
- Researched applicable STIGs/SRGs and documented compliance findings using STIG Viewer to support secure configuration and accreditation efforts. Vendor & Stakeholder Engagement
- Maintained open communication with vendors to ensure product issues were accurately reported, tracked, and resolved in alignment with cybersecurity requirements.
- Collaborated with internal and external partners to ensure products met cyber‑safety standards throughout development and deployment. Cybersecurity Program Support
- Developed POA&M structures and remediation timelines guiding products through cybersecurity lifecycle stages, including risk management, coding standards, testing, scanning, deployment, and maintenance.
- Assisted CMMC teams with documentation, evidence collection, and policy development to support certification readines