Proven leader with a passion for building high performing teams and developing world class talent. Adept at managing highly technical teams and driving results to accomplish challenging objectives protecting the business from cyber threats.
Interested in obtaining a position where I am empowered to take innovative approaches with an elite team and challenge myself to learn, grow, and continue to improve.
Work History
Senior Manager, Global Cyber Threat Management, 01/2021 to Current Bluecross Blueshield Of Tennessee, Inc. – Two Rivers, WI,
Built a best of breed Global Cyber Threat and Vulnerability Management organization from the ground up consisting of five functional teams including threat intelligence, threat hunting, red team, incident response, and vulnerability management.
Utilized a purple team approach to facilitate highly collaborative, cross-team workflows providing validation of implemented detections and controls, identification of vulnerabilities, and configuration recommendations.
Develop strategy, roadmap, and budget for all teams to align with technology, product, and overall business strategy in excess of 10 million dollars.
Interface with globally dispersed business units, management, and executive leadership during incident investigations.
Provide after action reports to both technical and non-technical stakeholders.
Collaborated with globally dispersed IT and business stakeholders to provide requirements and make security recommendations for projects and initiatives.
Performed gap analysis and provided recommendations for tooling improvements to facilitate increased visibility for response and hunt teams.
Lead a team of three highly technical managers and ten individual contributors.
Lead and manage MSSP relationships and personnel driving successful delivery of security services.
Performed goal setting, development and succession planning, and performance management for 3 managers and 2 individual contributors.
Developed and delivered actionable metrics that matter to executive leadership.
I/S Team Lead, 05/2019 to 01/2021 Cambia Health – Medford, OR,
Developed an enterprise digital forensics, incident response, and threat hunting program from the ground up.
Lead a team of 7 senior cyber threat hunters in hunt operations and incident response.
Lead vulnerability management program responsible for identification, escalation and reporting to remediation teams.
Mentor and train junior team members in both professional and technical disciplines.
Conduct host, network, and memory forensics, log analysis, malware triage, and malware reverse engineering in support of hunt operations and incident response.
Lead the team in creation of automation and alerts for malicious traffic.
Interface with business units, management, and/or executive leadership during incident response investigations.
Provide after action reports to both technical and non-technical stakeholders.
Recommend remediation actions based on incident response investigation findings.
Provide consulting, requirements, and use-cases for enterprise security RFPs and/or POCs.
Develop strategy, roadmap, and requirements for enterprise detection and response to align with technology, product, and overall business strategy.
Security Engineer III, 03/2017 to 05/2019 City Of Springfield, Il – Springfield, IL,
Performed threat hunting using threat intelligence, log analysis, and enterprise security tools.
Automated processes and tuned configurations to alert on malicious traffic patterns.
Red Team Operations - Network Penetration Testing, Web Application Penetration Testing, Endpoint Penetration Testing, and risk remediation validation.
Configured and maintained Web Application Firewall.
Reviewed and approved all enterprise firewall change requests.
Audited firewall rule implementations for process and technical accuracy.
Provided requirements and participated in technical review and POCs for new enterprise security tools.
Provided technical analysis and recommendations for suspected phishing emails.
Provided behavioral analysis/reverse engineering of suspected malware samples or suspect sites/links.
Network Security Administrator, 12/2014 to 03/2017 Rodney Susong MD – City, STATE,
Configured and maintained DMVPN network made up of primarily Cisco devices with 150 remote offices, 1500+ users, multiple data centers, and multiple sites with 200+ users.
Configured and managed Cisco ASA Firewalls with remote access VPN.
Configured and managed access control system for multiple large office sites.
Configured and managed KEMP Loadmaster load balancers for internal web application.
Managed and maintained 100+ enterprise servers. (CentOS, Ubuntu, and Windows)
Provided configuration and networking for open source Asterisk phone system.
Worked with Kaspersky and Malwarebytes Anti-Virus/Anti-Malware.
Managed projects for all new locations and acquisitions. (e.g., contract acquisition, telecom support, low voltage cabling, voice/data setup).
I/T Security Consultant, 01/2012 to 12/2014 Company Name – City, State,
Network administration
Cloud based web application support and troubleshooting
Email server/client configuration and management
Open source phone system configuration and management
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.
How this resume score could be improved?
Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:
