Cybersecurity Leader, Practitioner, Speaker, & Educator with over a decade of experience in enterprise cybersecurity, networking, server administration, and programming. Specializing in security architecture, engineering, automation, and operations, I have a proven record of improving team organization, morale, and enhancing cross functional team collaboration while continuously increasing overall company security maturity. Passionately focused on attracting, developing, and retaining talent, I advocate improving diversity, equity, and inclusion in both my teams and the cybersecurity industry. Cognizant that there is never a one size fits all approach to cybersecurity, I am experienced in constructing practical and effective security solutions for companies in all sizes from multimillion dollar businesses to large multibillion dollar enterprises.
Currently leading a cybersecurity platform engineering team for a Fortune 20 organization after leading an Incident Response team for the same company. Previously led and managed a global cybersecurity team charged with protecting systems in US, EMEA, APAC, and LATAM regions for a multi-billion dollar manufacturing company. Experienced with engineering and maintaining ISP grade network supporting thousands of customers. Significantly increased cybersecurity maturity level of a critical access hospital. Seasoned web development and programming experience for enterprise applications.
Major: Cybersecurity & Information Assurance
Activities and Societies: Cybersecurity Student Club, Excellence Awards for papers in Emerging Technologies in Cybersecurity
Major: Computer Programming & Network Administration
GPA: 3.78 (Graduated Magna Cum Laude)
Activities and Societies: Phi Theta Kappa, Dean's List 8 Semesters, Tutoring for several classes, including Composition, Business Math, Visual Basic, and Internet Scripting.
In the rapidly evolving landscape of cybersecurity, detection engineering stands as a critical pillar in defending against sophisticated threats. However, gaining practical experience in detection engineering can be challenging due to the complexity and cost associated with setting up a suitable environment. This talk aims to demystify the process by providing a comprehensive guide to creating a detection engineering home lab.
Legacy systems represent one of the greatest risks and challenges in today's cybersecurity landscape. In this talk, we will discuss the complexities of legacy systems, including their vulnerabilities, lack of support, and frequent inability to use modern security agents. We will also discuss practical security approaches to mitigating the risk caused by these systems, and how to take a holistic approach to securing these systems by implementing an array of compensating controls and adding additional layers of security.
In the rapidly evolving landscape of cybersecurity, detection engineering stands as a critical pillar in defending against sophisticated threats. However, gaining practical experience in detection engineering can be challenging due to the complexity and cost associated with setting up a suitable environment. This talk aims to demystify the process by providing a comprehensive guide to creating a detection engineering home lab.
We keep hearing about the cybersecurity talent shortage, and how there is a zero percent unemployment rate for the industry. There are nearly 800,000 cybersecurity jobs open in the US, but yet there are countless individuals who are still struggling to break into the industry despite having formalized education. It's time to take a hard look at the real issues contributing to the talent shortage in the cybersecurity industry, and what hiring managers and candidates can do to address them.
Home labs are a fun and effective way of teaching yourself new skills which can be immediately applicable to the IT and cybersecurity field. There are a variety of ways to build home labs which can range from using a single laptop and a couple virtual machines to having a server rack filled with a plethora of enterprise equipment. This presentation will focus on the different approaches, advantages and disadvantages, and finally how these can be used to teach yourself the skills that are in demand by employers of all industries and sizes.
Have you ever wondered how exposed you are on the Internet? What information is readily available to threat actors for use in targeting you for account compromise, phishing, or advanced attacks? Let's take a close look at how you can use Open Source Intelligence (OSINT) to learn more about your digital footprint, and how you can use threat modeling to limit or compartmentalize it.
Home labs are a fun and effective way of teaching yourself new skills which can be immediately applicable to the IT and cybersecurity field. There are a variety of ways to build home labs which can range from using a single laptop and a couple virtual machines to having a server rack filled with a plethora of enterprise equipment. This presentation will focus on the different approaches, advantages and disadvantages, and finally how these can be used to teach yourself the skills that are in demand by employers of all industries and sizes.
The pandemic has changed the way we work forever. The traditional environment where your entire team reports into an office and meets in conference rooms has likely become a thing of the past. In its place, we have Teams, Zoom, and other virtual meeting platforms. How can you inspire the same collaboration amongst your team and their peers in a totally virtual environment? How can you ensure your colleagues are mentored and have the opportunities to grow their careers when no one meets face to face? I have been leading remote teams since the beginning of the pandemic. I will dive into these topics and more leveraging my own personal experience managing teams for both Fortune 1000 and Fortune 20 companies.
Taught a 3 hour course on threat intelligence essentials, and building home labs.
Splunk open sourced their first three Boss of the SOC (BOTS) datasets several years ago. As time has went on, the versions of the addons have become harder to find which makes it more difficult to spin up an instance of BOTS yourself and work through in your own time. This project aims to create an easily deployable and repeatable process for building Splunk BOTS versions 1-3 in Docker containers with the necessary addons to effectively hunt through the datasets.