Expert Details
Cybersecurity, Information Security, IT Security, and Information Technology
ID: 734129
North Carolina, USA
Expert has 16 years of experience in the information security field, eight of which are within the financial services industry. Prior to his current role, Expert has held roles within the Information Security field at Ernst & Young consulting within the financial services industry exclusively, Hewlett Packard supporting the Department of Homeland Security as their Lead Security Architect, and Lowe’s Companies in a senior security engineering capacity, with his career starting in the United States Air Force. Expert is currently a member of the Executive Advisory Board for Symantec, as well as a member of the Advisory Board for Observe IT, and previously was a member of the Advisory Board for Skyhigh Networks and FireEye.
Expert also develops information security content and courses for Pluralsight (most of which is their Certified Information Systems Security Professional (CISSP) content) and was previously an Adjunct Professor within the School of Technology at Westwood College.
Expert was an honors graduate for his Masters of Business Administration degree with a concentration in Information Systems Management, an honors graduate for his Masters of Information Systems degree with a concentration in Computer Security Management, and a Summa Cum Laude graduate for his Bachelors of Information Technology degree with a concentration in Network Administration. Expert possesses 31 information security and information technology certifications, with the most noteworthy being the Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Cisco Certified Network Professional Security (CCNP Security), and Microsoft Certified Systems Engineer: Security (MCSE: Security) certifications, with the remaining being from Cisco, Microsoft, the National Security Agency (NSA), RSA, and a few other organizations. Expert has a patent pending for the method and apparatus for identifying and deceiving non-proxy aware malware destined for a black hole network.
Prior consulting engagements:
- Developed the data sharing strategy for one of the world's largest automotive financial services firms to meet international privacy requirements for their operations in North America, South America, Europe, and Asia.
- Overhauled the strategy for production logging and monitoring one of the world's largest banking and financial services companies.
- Designed the enterprise-wide customer data safeguards for a leading global financial services firm.
- Defined the requirements for segregation of duties at one of the world's largest banking and financial services companies.
- Built the enterprise-wide privacy program for one of the world's largest financial services firms.
- Designed and engineered a fault-tolerant Network Intrusion Detection / Prevention System (IDS/IPS), which successfully captured all relevant network traffic, even with bandwidths exceeding 20 gigabits per second (Gbps).
- Designed and engineered the fully virtualized, multi-tier demilitarized zone (DMZ), consisting of Web, App, Database, and Management tiers, ensuring protection of sensitive assets and data.
- Led the data center consolidation effort, from the security perspective, of 250+ data centers into two data centers, which enabled fully redundant and consistent operations.
- Designed an overarching, enterprise-wide Security Information and Event Management (SIEM) system, incorporating data flows, events, and logs from the enterprise's hundreds of geographically disperse sites and Security Operations Centers (SOCs).
- Engineered a custom, innovative antivirus solution for the AIX and Solaris platforms, enabling these system types' ability to meet regulatory requirements on antivirus management and automation.
Education
| Year | Degree | Subject | Institution |
|---|---|---|---|
| Year: 2013 | Degree: Master of Business Administration | Subject: Information Systems Management | Institution: Strayer University |
| Year: 2009 | Degree: Master of Science in Information Systems | Subject: Computer Security Management | Institution: Strayer University |
| Year: 2006 | Degree: Bachelor of Information Technology | Subject: Network Administration | Institution: American Intercontinental University |
Work History
| Years | Employer | Title | Department |
|---|---|---|---|
| Years: 2011 to Present | Employer: Undisclosed | Title: Senior Director, Head of of Security Technologies | Department: Cybersecurity |
Responsibilities:Expert is the Leader of the Security Technologies Tower (direct report to the Chief Security Officer (CSO)), which consists of five distinct teams and sub teams within them, including Security Architecture, Security AppDev, Security Release Management, Security Shared Services, and Threat Management Solutions teams. The tower consists of 102 personnel as Security Architects, Application Developers, Release Managers, and Security Engineers; including, five managers, as well as independent and SOW-based contractors. |
|||
| Years | Employer | Title | Department |
| Years: 2017 to Present | Employer: Undisclosed | Title: Executive Advisory Board Member | Department: Executive Advisory Board |
Responsibilities:Expert advised major security company on relevant areas of product development, providing executive level insights into security problems seen by his industry to lead to more valuable products for their customers. |
|||
| Years | Employer | Title | Department |
| Years: 2017 to Present | Employer: Undisclosed | Title: Advisory Board Member | Department: Advisory Board |
Responsibilities:Expert advised leading insider threat / user activity monitoring company on relevant areas of product development, leading to more valuable products for their customers, ultimately enabling stronger business development opportunities for Observe IT to continue to grow their market share. |
|||
| Years | Employer | Title | Department |
| Years: 2016 to 2017 | Employer: Skyhigh Networks | Title: Advisory Board Member | Department: Advisory Board |
Responsibilities:Expert advised front-running Cloud Access Security Broker (CASB) company on relevant areas of product development, ultimately enabling stronger business development opportunities for Skyhigh. |
|||
| Years | Employer | Title | Department |
| Years: 2015 to Present | Employer: Undisclosed | Title: Author | Department: Content Development |
Responsibilities:Expert developed multiple courses and examinations on security and technology domains, including:- Basic Computer Hardware - CISSP – Asset Security - CISSP – Communications and Network Security - CISSP – Security Engineering - Cyber Security for IT Professionals - Digital Forensics – Getting Started with File Systems - Managing Microsoft Networks - Windows Server Management |
|||
| Years | Employer | Title | Department |
| Years: 2011 to 2013 | Employer: Westwood College | Title: Adjunct Professor | Department: School of Technology |
Responsibilities:Expert has taught, as well as developed, courses for Westwood College.Examples his college courses are: - Computer Forensics Analysis - Database Management Systems - Technical Documentation and Project Management He has also developed college courses including: - Forensic Digital Evidence Handling and Investigation - Managing Malicious Software - Mobile Device Forensics - Operating System Forensics - Forensic Capstone Course for Bachelor's Degree |
|||
| Years | Employer | Title | Department |
| Years: 2010 to 2011 | Employer: Ernst & Young (EY) | Title: Manager, Information Security | Department: Information Security (Financial Services) |
Responsibilities:Expert managed engagement teams and advised clients within the financial services industry on information security-related topics, issues, and concerns. He served as the formal Counselor role for four Senior and Staff advisors, as well as, functioned as the Engagement Manager for the various numbers of personnel assigned to the engagements. Clients consisted of only top-tier global financial services institutions. |
|||
| Years | Employer | Title | Department |
| Years: 2009 to 2010 | Employer: Hewlett Packard (HP) / General Dynamics Information Technology (GDIT) | Title: Lead Security Architect / Senior Principal Analyst, Information Security | Department: Department of Homeland Security Account |
Responsibilities:Expert led the Security Architecture and Engineering team and provided security consulting to all IT projects within the Department of Homeland Security. He also supported HP in their efforts to provide enterprise services to the Department of Homeland Security. He managed six Information Security Architects and Engineers. |
|||
| Years | Employer | Title | Department |
| Years: 2008 to 2009 | Employer: Lowe's Companies, Inc. | Title: Information Security Analyst II | Department: IT Security |
Responsibilities:Expert provided senior-level security analysis, mentored the development of junior analysts, and provided security consultation to business units on their technology needs. |
|||
| Years | Employer | Title | Department |
| Years: 2001 to 2008 | Employer: United States Air Force | Title: Staff Sergeant | Department: Various |
Responsibilities:Expert's duties varied greatly on a daily basis throughout the performance of his various roles. He managed junior personnel. |
|||
Government Experience
| Years | Agency | Role | Description |
|---|---|---|---|
| Years: 2001 to 2008 | Agency: United States of America / United States Air Force | Role: Staff Sergeant | Description: Duties varied greatly on a daily basis during performance of my various roles. Managed junior personnel. |
| Years: 2009 to 2010 | Agency: United States of America / Department of Homeland Security | Role: Lead Security Architect | Description: Led the Security Architecture and Engineering team and provided security consulting to all IT projects within the Department of Homeland Security. Supported HP in their efforts to provide enterprise services to the Department of Homeland Security. Managed six Information Security Architects and Engineers. |
International Experience
| Years | Country / Region | Summary |
|---|---|---|
| Years: 2003 to 2003 | Country / Region: Canada | Summary: Military mission |
| Years: 2003 to 2003 | Country / Region: Federal Republic of Germany | Summary: Military mission |
| Years: 2003 to 2003 | Country / Region: Federal Republic of Germany | Summary: Military mission |
| Years: 2003 to 2003 | Country / Region: Hellenic Republic | Summary: Military mission |
| Years: 2003 to 2003 | Country / Region: Republic of Iceland | Summary: Military mission |
| Years: 2003 to 2003 | Country / Region: Japan | Summary: Military mission |
| Years: 2003 to 2003 | Country / Region: United Arab Emirates | Summary: Military mission |
| Years: 2003 to 2003 | Country / Region: Republic of Korea | Summary: Stationed overseas |
| Years: 2003 to 2003 | Country / Region: United Kingdom of Great Britain and Northern Ireland | Summary: Consulting engagement |
| Years: 2003 to 2003 | Country / Region: Hong Kong Special Administrative Region of the People's Republic of China | Summary: Consulting engagement |
| Years: 2003 to 2003 | Country / Region: Republic of India | Summary: Business expansion |
| Years: 2003 to 2003 | Country / Region: Republic of India | Summary: Business expansion |
Career Accomplishments
| Licenses / Certifications |
|---|
| - Certified Information Systems Security Professional (CISSP) - Certified Information Security Manager (CISM) - Cisco Certified Network Professional Security (CCNP Security) - Cisco Certified Security Professional (CCSP) - Cisco Certified Network Associate Security (CCNA Security) - Cisco Certified Network Associate (CCNA) - Cisco Adaptive Security Appliance Specialist - Cisco Firewall Security Specialist - Cisco Internetwork Operating System Security Specialist - Cisco Intrusion Prevention System Specialist - Cisco Network Admission Control Specialist - Cisco Virtual Private Network Security Specialist - Microsoft Certified Information Technology Professional (MCITP) - MCITP: Enterprise Administrator (Charter Member) - Microsoft Certified Technology Specialist (MCTS) - MCTS: Active Directory, Configuration - MCTS: Applications Infrastructure, Configuration - MCTS: Network Infrastructure, Configuration - MCTS: Windows 7, Configuration - Microsoft Certified Systems Engineer: Security (MCSE: Security) - Microsoft Certified Systems Engineer (MCSE) - Microsoft Certified Systems Administrator: Security (MCSA: Security) - Microsoft Certified Systems Administrator (MCSA) - Microsoft Certified Professional (MCP) - RSA SecurID Certified Systems Engineer - RSA SecurID Certified Administrator - CompTIA Security+ Certified - CompTIA Network+ Certified - CompTIA A+ Certified - QualysGuard Certified Specialist - Certified Virtualization Expert - National Security Agency (NSA) 4011 Recognition - National Security Agency (NSA) 4013 Recognition |
| Awards / Recognition |
|---|
| - CSO50 Award: We won a CSO 50 award for our automated, company wide certificate (asymmetric key pairs) management system to reduce the time and resources required to provision them, as well as improve the security for the firm via the strength of the certificates themselves that were deployed within the environment. - Honors graduate: Master of Business Administration (MBA), Information Systems Management - Honors graduate: Master of Science in Information Systems (MSIS), Computer Security Management - Summa Cum Laude graduate: Bachelor of Information Technology (BIT), Network Administration |
| Publications and Patents Summary |
|---|
| One patent pending. |
Language Skills
| Language | Proficiency |
|---|---|
| Spanish | Beginner |
| Italian | Beginner |
| Russian | Beginner |
Fields of Expertise
local-area network security, application security, internet security, intellectual property security, internal security (military), information technology security, industrial security, homeland security, government security, physical security, electronic security, information security management, information security, computer room security, computer security system, computer network security, communications security, bank security, cyberspace, internet crime, cyber security, information technology compliance, information technology management, information technology, information technology engineering, systems network architecture, forensic architecture, computer architecture, client/server architecture, information system high level architecture, communication network, communication system engineering, software security system, security system, security procedure, security management, security standard, security risk assessment, security electronics, security, premises security, network security system