Wichita, Kansas, United States
As a CISSP-certified Cyber Security Engineer with over two decades of experience, I am passionate about safeguarding critical infrastructure and driving robust compliance within complex, highly regulated environments. My expertise lies in delivering impactful vulnerability remediation and ensuring system integrity, consistently achieving measurable results—such as a 94% enhancement in software compliance in federal sectors like the VA. I leverage a comprehensive skill set in advanced scripting (PowerShell, SQL), SCCM, and GPOs to expertly manage enterprise systems and champion proactive security initiatives. My career is defined by a commitment to mitigating cyber threats, optimizing security postures, and ensuring operational resilience for large-scale organizations.
• Directly transitioned from ASM Research role at end of contract due to client request, continuing to enhance the cybersecurity posture of the Department of Veterans Affairs (VA) through system remediation, risk management, and compliance initiatives. • Led critical software remediation efforts, successfully removing 259,920 unapproved or prohibited software installations over five years, contributing to a 94% enhancement in enterprise-wide software compliance. • Ensured strict adherence to the VA Technical Reference Manual, mitigating significant security vulnerabilities and bolstering overall system integrity and security posture. • Engineered and deployed targeted, silent uninstallers leveraging PowerShell, VBScript, and BAT to remediate complex software installations (including stubborn manual installs) within user profiles that defied standard administrative removal methods, significantly enhancing system hygiene and compliance. • Conducted comprehensive risk analyses for web, standalone, and API applications, integrating CVE research (leveraging NIST, CISA, and other cybersecurity intelligence sources) and risk rating to inform Plan of Action and Milestones (POAM) submissions by VA system owners, thereby supporting proactive risk mitigation strategies across the organization. • Managed and scheduled enterprise-wide software deployments, patches, and updates leveraging SCCM (System Center Configuration Manager) to ensure system security, operational efficiency, and adherence to organizational policies. • Diagnosed and resolved complex patch and update failures, directly addressing ATO audit issues, ensuring continuous system compliance and minimizing security vulnerabilities across the managed environment. • Collaborated on critical documentation updates, enhancing the clarity and conciseness of risk analysis reports to eliminate ambiguities and ensure strict adherence to Plan of Action and Milestones (POAM) requirements.
• Key contract position dedicated to strengthening the cybersecurity defenses of the Department of Veterans Affairs (VA) through comprehensive system remediation and effective risk management, ensuring regulatory compliance. • Managed the comprehensive lifecycle of Windows computer systems, ensuring operational integrity, adherence to security best practices, and coordinating the certified destruction of drives to maintain data privacy and compliance. • Directed primary efforts toward the proactive remediation of vulnerabilities, encompassing the consistent patching, securing, and updating of all managed computers. • Optimized deployment strategies and vigilant remediation efforts, resulting in a 66% reduction in critical security patch installation time, a 73% decrease in unapproved software installations, and a 98% decrease in prohibited software. • Implemented and maintained robust security configurations to protect endpoints from evolving threats and thereby ensure continuous compliance with organizational and regulatory standards. • Executed the comprehensive reconfiguration of network printers across multiple VA sites within prescribed timelines, implementing robust security settings, disabling unsecure features and protocols to enhance overall network device security. • Awarded the "Achieving Eagle" distinction twice for demonstrating outstanding customer service and commitment to user satisfaction.
Led teams in managing information security and access control for Bombardier Aerospace Learjet. Expertise includes developing automation tools, ensuring regulatory compliance, and overseeing system upgrades and migrations. • Led IT team of 6 in account management access control for 14,000 onsite and remote users for Bombardier Aerospace locations throughout the U.S., Canada, and Mexico. • Managed identity and access for Active Directory, Novell eDirectory, MS Exchange, Lotus Notes, NAS, Internet, RSA Remote Access, MobilePass, PeopleSoft, Docuware, SQL, Unix, MS Access, Oracle, Citrix and IBM Mainframe systems. • Developed VBScript, HTML, and ASP applications to efficiently automate and streamline account creation and file access processes while also improving accuracy. • ITSM Architecture team member representing the US sites, transitioning from CA Service Desk to BMC Remedy Service Desk. • I developed and implemented a VBScript and HTML dashboard application that ensured the complete and accurate capture of all accounts requiring termination across every system, achieving a 100% success rate.