Greg Thomas, CISSP
Summary
Information Security Professional with 10+ years of experience in information security engineering and Linux system administration across various industries and environments. Skilled in vulnerability management, risk management, network security, system administration, penetration testing, and regulatory compliance.
Skills
- Certifications: Network+, Security+, CCNA, CISSP, CISA, RHCSA, RHCE
- Systems: Linux (Debian, RHEL, CentOS, SUSE), Windows, AWS, Azure, GCP
- Languages: Python, Ruby, Bash, PowerShell, PHP, CSS, HTML
- Cloud/Web: Terraform, Ansible, CloudFormation, Docker, Django, React
- Frameworks: HIPAA/HITRUST, PCI-DSS, FedRAMP
Work Experience
2023-Present: Human Health, Information Security Officer
- Spearheaded and executed HIPAA Type 2 assessment, ensuring compliance with healthcare data protection.
- Pioneered the organization's first external penetration test to enhance cyber defenses.
- Developed a comprehensive security and compliance framework from inception.
- Streamlined operations through automation of device deployment processes.
- Oversaw internal IT operations and proactive threat detection.
2022-2023: Lateral Security, Principal Information Security Consultant
- Conducted security evaluations for New Zealand government agencies, identifying vulnerabilities and recommending solutions.
- Developed and implemented security policies to ensure compliance with industry standards.
- Advised clients on information security best practices, data protection, and access controls.
2019-2022: Jvion, Information Security Director
- Built and managed an information security program protecting 30MM+ health records.
- Configured Rapid7 InsightIDR SIEM across AWS and Azure environments.
- Deployed Microsoft Sentinel and Cloud App Security in Azure.
- Led a team through HITRUST certification for 4 years.
- Managed vulnerability and patch management programs.
2016-2019: Actiance Inc., Security Operations Director
- Developed compliant security programs in line with FFIEC and the Patriot Act.
- Maintained 99.99% uptime of the DR/BCP facility, managing a team of 15 members.
2015-2016: McGladrey LLP/RSM International, Information Security Consultant Senior Associate
- Led risk advisory engagements for compliance frameworks such as PCI-DSS, ISO 27001/2, and NIST 800-53.
- Managed large technical security audits of virtual and physical infrastructures.
Education
Harper College - LPN (2011)
U.S. Marines Intelligence School - Intelligence Analyst and Interrogation Specialist (2003)
Contributions/Philanthropy
- Speaker at BSides Chicago (2014) and DEF CON (2018) on Hacking Diversity in the tech community.
- Mentor for YearUp, a program teaching IT skills to underserved communities.