Virginia Beach, Virginia, United States
I am an Information Security Officer and security leader with nearly thirty years of experience in information technology, specializing in building, engineering, and governing enterprise security programs that protect organizational systems, data, and cloud infrastructure. My work focuses on aligning security architecture, operational controls, and governance with business objectives while ensuring resilience against modern threat actors. At Hampton Roads Community Foundation, I lead enterprise security operations, security engineering, and cloud security strategy. I design and implement security controls aligned with NIST and CIS frameworks, ensuring systems are hardened, continuously monitored, and capable of effective threat detection and response. My responsibilities include developing and enforcing security policy, strengthening infrastructure security, advancing cloud security posture, and integrating security into core organizational processes. I operate from a zero trust architecture model, emphasizing continuous verification, least privilege access, and the removal of implicit trust across identities, devices, networks, and applications. I focus on building defensible, scalable architectures that reduce attack surface, improve visibility, and enable rapid containment and recovery. My approach integrates security engineering, threat management, and governance into a cohesive security program that supports long-term organizational resilience. Core competencies include: • Zero Trust Architecture strategy and implementation • Enterprise Security Architecture and Security Engineering • NIST and CIS framework alignment, control design, and program maturity • Cloud Security architecture and infrastructure protection • Incident Response, Threat Detection, and Threat Management • Security Operations leadership and infrastructure defense • Security governance, policy development, and risk reduction strategy I also prioritize developing security-aware organizations by delivering training, establishing enforceable policy, and implementing technologies that enable measurable risk reduction. I approach security as both an engineering discipline and a business function—ensuring that security controls support operational continuity, organizational trust, and mission success. I hold Security+, CloudNetX, Cloud+, and Network+ certifications. I remain focused on advancing enterprise security maturity, strengthening governance, and leading security programs that align technical controls with executive risk management objectives.
Responsible for all aspects of Information Technology and Systems for VEC.
Developed Data business strategy and established vendor relationships for the IT business unit. Oversaw employee acquisitions and training and worked closely with customers to provide a tailored IT solution that drives bottom-line profits.