Scott Turner

• Mentored Junior and Senior Security Engineering Staff to build them to achieve their next career goal.
• Optimized internal workflows and mechanism to achieve a 30% reduction in Dev time to complete a Amazon Security Review
• Developed Security forward tooling leveraging GenAI tech to learn, map, and identify infrastructure security gaps and map potential adversarial attack paths to ensure system resilience.
• Created opportunities for engineers to learn and be curious. Coaching them on exploratory efforts (side quests) to build security solutions to better enable our Builders.
• Delivered on large security efforts requiring cross team collaboration and integration of large Business acquisitions ($4.23 Billion) to better serve Healthcare customers while maintaining the Amazon Security bar.
• Reduced on-boarding new hire timelines from a P50 of 90 days to 45 days by developing Healthcare specifics Security Engineer training and iterating on user feedback.
• Maintained team harmony and production during critical times of Organization and company change.
• Implemented Pro-active Security practices leveraging OSINT and Threat Intel reporting to guide Principal Business and Security leadership on protection strategies and program direction.

• Managed Cybersecurity tool sets that report on the Compliance, Security, and Operational Status of Marine Corps Intelligence Systems.
• Lead a Team of Eight Contract Support Personnel, Two Government Civilians, and Two Marines.
• Reported to Senior Leadership all findings discovered inside of the Marine Corps Intelligence enclave and provide proposed mitigation strategies for Senior Leadership Approval
• Compiled Intelligence reports as they pertain to the security of Marine Corps systems as a way to better defend our operational systems deployed.
• Maintained Marine Corps system accreditation packages and ensure Body of Evidence (BoE) documentation is current and to USMC standard for intelligence systems.

• Established an operational Insider Threat Hub for the Marine Corps Intelligence Community responsible for roughly 25,000 users.
• Implemented security and program requirements as outlined in higher-level policy such as Federal Law, Regulations, Executive Orders, and Presidential directives.
• Review and evaluated system and network audit data to include User Activity Monitoring (UAM) data of over 25,000 systems across the Marine Corps Intelligence, Surveillance, and Reconnaissance Enterprise (MCISR-E).
• Monitored all program Information Technology equipment to ensure optimal performance and security compliance on multiple technology areas to include Redhat Enterprise Linux (RHEL) servers, Oracle Databases, and Cross Domain Solutions (CDS) employed on multiple enclaves.
• Assessed new system design methodologies to ensure security is the building block of the overall system.
• Drafted and publish documentation, to include Standard Operating Procedures (SOP), Configuration Management Plan, Continuous Monitoring Plan, System Security Plan (SSP), and system Plan of Action and Milestone (POA&M) in accordance with DODI, ICD, CNSSI and NIST policies.

• Conducted Cybersecurity (White Team) assessments to maintain a positive security posture on United States Marine Corps (USMC) networks both CONUS and OCONUS.
• Determined the current vulnerabilities on USMC Marine Corps Enterprise Network (MCEN) to include testing emergency response plans, ensuring their adherence to policy, STIG compliance, and their general Cybersecurity awareness.
• Analyzed all findings and communicated remediation strategies to senior team leadership.
• Coordinated with outside vendors and organizations to meet client and organizational needs.

• Managed a team of four contractors in the Special Security Office and the Marine Corps Intelligence Activity (MCIA) Computer Network Defense office to ensure customer satisfaction and requirements are met to the organizational standards.

• Provided Information Assurance and Technical System assistance to meet client expectations and achieve system Authority to Operate for new systems the client was bringing online.

• Conducted Information Assurance (IA) security scans and ensured system compliance on all of our technical assets, to include RHEL version 5 & 6 servers, Oracle Databases, and Cisco network equipment.

• Analyzed system security findings to provide mitigations or remediation's to obtain system security compliance.

• Managed the current system accreditation packages to ensure client networks are operating in compliance with USMC, DODI, CNSSI, NIST and DISA requirements.

• Operated the system architecture integration expansion and software design to product recommendations.

• Conducted IA system security assessment, to include the identification and mitigation of system security risks and threats.

• Managed and directed the department STIG tech team responsible for achieving and maintaining STIG compliance on all department asset.

• Managed the Information Assurance tech team responsible for managing and maintaining system security posture on Information Assurance Vulnerabilities (IAV) per United States Cyber Command mandate.

• Designated by upper management to perform Media Transfer Agent (MTA) duties in compliance with Command Technical Order 1025.

• Implemented a network storage solution using Microsoft Storage Server 2008.

• Created and deployed a STIG compliant Windows 7 image per DISA guidelines for PL-1/ 2 systems.