Dedicated Cyber Security Professional
“There are no shortcuts to any place worth going.”
Skills
-
IT Audit
-
Vulnerability Management
-
Continuous Monitoring
-
Log Management
-
Risk Assessment
-
Penetration Testing
-
Vulnerability Assessments
-
SOC 1/2 Engagements
-
HITRUST
-
DFARS
-
Red Team
-
Cloud Security Management
-
Active Directory Auditing
-
Firewall Log Analysis
-
SIEM Implementation/Usage
Certifications
Information Security (22)
- Offensive Security Certified Professional (OSCP), Offensive-Security
- Certified Information Systems Security Professional (CISSP), (ISC)2
- Network Security Professional, CompTIA
- Network Vulnerability Assessment Professional, CompTIA
- Pentest+, CompTIA
- Certified Information Systems Auditor (CISA), ISACA
- Certified Risk and Informations Control (CRISC), ISACA
- Systems Security Certified Practitioner (SSCP), (ISC)2
- Security+, CompTIA
- Cybersecuirty Analyst+ (CSA+), CompTIA
- Certificate of Cloud Security Knowledge (CCSK), Cloud Security Alliance
- Cloud Essentials, CompTIA
- Security Analytics Professional, CompTIA
- Nessus Certificate of Completion, Tenable
- CSX Cybersecurity Fundamentals, ISACA
- IT Fundamentals+, CompTIA
- Certified Red Team Professional (CRTP), Pentester Academy
- eJPT - Junior Penetration Tester, e-LearnSecurity
- Certified Red Team Expert (CRTE), Pentester Academy
- WorkshopPLUS - Office 365: Security and Compliance, Microsoft
- AWS Certified Cloud Practioner, AWS
- Cybersecurity Audit Certificate, ISACA
CVE (2)
- CVE-2019-17526
- CVE-2018-11628
- CVE-2023-33524
Industries (6)
- Healthcare
- Financial
- Education
- Government
- Technology
- Consulting
Education
Master's Degree - CyberSecurity
Southern New Hampshire University (2014 - 2016)
Bachelor's Degree - Government
Suffolk University (2004 - 2008)
Work Experience
Security Consultant at GraVoc (2020 - Current)
AVP - Information Security Officer at Eastern Bank (2018 - 2020)
- Maintain Information Security policies and procedures, ensuring adherence by engaging cross-functional
organizational stakeholders in periodic policy review and changes. - Monitor external threat landscape for changes and ensure that security practices and programs adequately
address changing dynamics. - Conduct periodic user access reviews to ensure effectiveness of identity and access management program
and practices. - Assist in the delivery of a Bank wide information security education and awareness program, ensuring that
broad-based enterprise awareness objectives are met. - Responsible for interfacing on a regular basis with technology departments to provide security architecture
recommendations for improving configuration standards. - Provide information security subject matter expertise in bank technology project meetings.
- Lead security risk assessments of Bank and third-party technology platforms and document findings/risks.
Document and manage life cycle of critical cyber incidents. - Provide oversight of the Bank’s vulnerability management program.
Senior Information Security Analyst at OCD Tech (2017 - 2018)
- Provide independent and objective assurance of IT controls for a number of heavily regulated entities.
- Use industry recognized frameworks and best practices, assessing companies technology risks and
evaluating existing controls for risk mitigation. - Top Services include:
- Penetration Testing
- IT Audit
- SOC 1/2
- Vulnerability Assessments
- DFARS
- SSP Generation
- Ongoing Information
- Security Consultation
Information Security Analyst at Kronos (2016 - 2017)
- Monitored the organization’s infrastructure for analysis of key systems. .
- Prepared reports that document security incidents and the possible damage caused by the incidents.
- Helped plan, execute, and promote the organization’s way of handling security.
- Executed continuous monitoring of changes made within multiple systems and analysis of appropriate segregation of duties within those actions.
- Top Services included:
- Firewall Analysis
- Active Directory Auditing
- Employee termination review
- ServiceNow Auditing
IT Team Lead at Southern New Hampshire University (2014 - 2016)
- The SNHU Technology Help Desk Team Lead is responsible for an assigned area (Desktop Support or Help Desk Cases) meeting or exceeding all respective service level agreements.
- Was directly responsible for a team of up to 7+ employees.
- Monitored appropriate SLA performance impacts and maintains an active case load to provide a stellar example of appropriate procedures and outstanding customer service for team.
- Acted as an authoritative contact for purposes of Critical Case Resolutions, outages and impacts of more than an average difficulty.
- Met weekly one-on-one with team members to review goals and processes, outline new procedures and align individual performance to overall Team SLA.
- Worked collaboratively with the Training & Quality Assurance Manager on team development and desired training for team member.
- Worked with the Contact Center Manager in the Daily Operations of the Help Desk including assignments, escalations, and various other ad-hoc decisions.
- Conducted interviews for potential SNHU Technology Help Desk Candidates.
Systems & Telephony Administrator at Consumer United (2012 - 2014)
- Managed Predictive Dialer for 200+ Agents.
- Campaign Creation, IVR Deployment.
- Skills Based Routing, and SIP.
- Prevented loss of Business Continuity.
- Project Managed complete software transition.
- Manage Rackspace and Microsoft Exchange.
- Provided Help Desk Support.
- Manage SonicWall Firewall.
- Professional Documentation of all Reported Issues.
- Experienced in various ticketing systems including Spiceworks.
- Obtained Various Certifications for Noble Systems.
IT Help Desk at TUI Travel PLC (2011 - 2012)
- Various IT Support for internal and external clients including hardware, software, and networking solutions.
- Also worked on software deployment, Microsoft Exchange Management, and Windows Server Administration.
Fraud Examiner at Commonwealth of Massachusetts (2004 - 2011)
- Served as a Fraud Examiner, investigating both Federal and State Food Stamp and Welfare fraud in the Commonwealth of Massachusetts, working with a variety of proprietary software and web applications.