Jay Schnell

Principal Cyber Security Analyst at Seminole Electric Cooperative

Tampa, Florida, United States

About

Former GS-14 Government Civilian (IT Specialist) in the Marine Corps with over 20 years of IT experience with 15 years in security related positions. One year in Afghanistan (ITT Systems working for 2-27 Wolfhounds under 25ID), Three years in Iraq (Raytheon working for 25th Signal), One year at Central Command (TNC-CENT, DISA-CENT), Two Years at Pentagon for HQMC, and one year at Gunter Air Force Station (26 NOS). I spent almost 2 years at Visa in Network Security Assurance, and then shifted to Home Depot for five years to help them build a new Cybersecurity program, after their incident. I most recently spent another 5 years at Lowe's as an Enterprise Security Architect where I helped them securely integrate with Enterprise OpenAI (ChatGPT) as well as the creation of reusable security architecture patterns. I currently support an Electric Utility in their Cybersecurity program. Specialties: Endpoint, Network, and Perimeter Security Architect, IT Security Program Builder with a focus on Compliance. I can switch between individual contributor, player/coach, and leader as needed. Certifications - CISSP, SANS/GIAC GSEC & GCIH, MCSE, MCITP, CCNP Security, and several Azure related. Standards: I've performed GRC duties related to NIST 800-53, CSF 2.0, 800-171, CIS Controls and Benchmarks, NERC-CIP, and PCI-DSS.

Experience

  • Principal Cyber Security Analyst at Seminole Electric Cooperative, Inc.
    Apr 2025 - Present · 1 yr 4 mos

    I am responsible for enhancing the organization’s security posture and providing expert guidance on complex cyber threats and vulnerabilities. I assist with Incident Response Tabletop exercises which include Disaster Recovery Plan testing and evaluation. During these exercises we identify gaps during the lessons learned phase, and then update the Disaster Recovery Plan along with associated procedures and guidelines to ensure recovery readiness. I help to spearhead initiatives that proactively identify risks, develop mitigation strategies, and ensure compliance with North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standards as well as adherence to National Institute of Standards and Technology Cybersecurity Framework (NIST CSF 2.0). I am leading the project to implement NERC CIP 15-1 for Internal Network Security Monitoring (INSM), and preparing for CIP 15-2. I support the day to day operations of SIEM, firewall, and endpoint security products. I managed the Physical Access Control System (PACS) environment, including software and security of network firewalls and switches, workstations, databases, servers, virtual server and storage infrastructure, camera systems, card reader, and badge access systems. I had to adjust recovery time objectives and recovery point objectives after analyzing the business impact following disaster recovery activities. I help ensure our technology asset management is maintained and that assets are properly tracked, compliant, and aligned with lifecycle and vulnerability management processes in conformance with NERC CIP requirements.

  • Enterprise Security Architect at Lowe's Companies, Inc.
    Jul 2020 - Apr 2025 · 4 yrs 10 mos

    As an Enterprise Security Architect at Lowe's, I was part of a team of cross-domain experts who helped Lowe's ensure that new and existing security architectures met or exceeded compliance and security requirements. I was a key contributor or leader on the following initiatives: -Secure Enterprise Integration with OpenAI (ChatGPT) at the Platform and Agentic Levels -Identity Governance Security Architecture Assessor (Sailpoint). -Development of the Security Architecture Assessment (SAA) Process for new IT and Application security reviews, with a standardized questionnaire. Enterprise IT infrastructure teams funneled application teams towards approved solutions, expediting the Cybersecurity Review process. -Creation of Security Reference Architectures that guided IT teams in their design and planning phases as a self-service model. Our security technical patterns followed TOGAF and SABSA principles. -Working closely with the PCI team at Lowe's, I built a security architecture pattern for payment applications including use cases for payment gateways, 3rd parties, and banks. We were able to get new applications approved in weeks instead of months. -Supported the creation of Infrastructure-as-a-Service, which was another Enterprise IT Solution that decreased the time to onboard new applications. -Built the Minimum Security Baseline Adjustment and Remediation Processes for endpoint security, bringing together Application and System Owners, Security Architecture, GRC, and Vulnerability Management. -Led evaluation and business case analysis of Distributed Deception, IoT Security, Key Management, Zero Trust and Remote Access, Insider Threat Detection, and Attack Surface Management solutions, with some of these leading to POC and procurement phases. -Led the design of network security segmentation for on-premise and cloud environments. -Reviewed and approved the immutable backup solution.

  • The Home Depot (4 yrs 11 mos)
    • IT Security Architect
      Aug 2016 - Jun 2020 · 3 yrs 11 mos

      As an IT Security Architect (later re-titled to Principal Security Engineer) I led Firewall Assurance and Network Security Compliance for The Home Depot. I created the processes and led security assessments of firewalls and firewall technology. I participated in project planning, architecture reviews, and future planning to develop processes and technologies to combat new and emerging threats to the network and data security of the organization. I was a key contributor or leader on the Following Initiatives: -I helped lead the development of the Architecture Security Assessment (ASA) Process, including the capability for automated self-serve architecture assessments. We not only built a standardized questionnaire, but made it interactive, which greatly streamlined the Security Architecture Review process. -As a cross-domain security architecture review member, I conducted assessments of new applications or infrastructures both for on-premise and cloud environments (GCP/Azure). -I hired and grew a new Network Security Architecture and Engineering workforce post-breach, which developed into a self-sustaining team that continues to this day. -I created many new processes within Network Security Architecture and Engineering teams, including the firewall compliance review process to meet PCI requirements. -Through the implementation of automation, I was able to greatly improve the first-time success rate of firewall changes.

    • Senior Manager / Senior IT Architect
      Aug 2015 - Aug 2016 · 1 yr 1 mo

      Firewall Assurance and Network Security Compliance for the Home Depot Corporation. Hiring, training, and development of a new network security team. Development of new processes and assistance in design and implementation of new security technologies. I oversaw the operation and security compliance of over 2300 firewalls across the organization and helped with operations until a new team took operations over. I then focused on building a compliance organization from the ground up. In this position I managed over 10 million dollars in budget in FY2016 and had approved projects totalling 24 million for FY2017, had 8 full-time personnel under, 4 contractors, and interfaced with multiple teams across THD. There were approximately 90 contractors who indirectly reported to me on various contracts under projects under my control. Projects I led or contributed to included a technology upgrade of Juniper firewalls, implementation of new PaloAlto firewalls, 802.1x upgrades, web proxy upgrades, datacenter segmentation, and implementation of firewall assurance and orchestration software (Tufin).

  • Network Security Assurance Engineer at Visa
    Dec 2013 - Aug 2015 · 1 yr 9 mos

    I reviewed IT security and design specifications and made recommendations to management pertaining to established security requirements. I also reviewed requests for changes to firewalls and other security devices and makes recommendations to management for approval or disapproval.

  • Senior Perimeter Security Analyst at Kinetic Concepts
    Dec 2012 - Dec 2013 · 1 yr 1 mo

    Maintained Cisco Adaptive Security Appliances (ASA) at five datacenters for a network supporting thousands of employees and over 100 web sites. Operated and maintained F5 Local Directors and DNS infrastructure for external and internal uses, and maintained SSL certificates on F5s to support multiple member servers. Operated and maintained a VPN infrastructure servicing over 200 remote offices and over 1000 remote VPN users. Developed and Implemented Cisco Wide Area Application Services (WAAS) between five datacenters and 30 remote offices over MPLS. Successfully increased performance and user experience over the WAN. Worked with other personnel to implement Websense Triton using WCCP for main corporate offices. I evaluated FireEye and helped to eventually implement this technology. Served as KCI's key liason with Sirius Computer Solutions to perform a general network and security assessment on KCI's network. Over 800 end systems were analyzed. Created a comment matrix and coordinated with all IT departments to help Sirius created a 250 page report for the CIO on the availability, redundancy, efficiency, and security of the network. Before leaving KCI, I wrote the Vice President of IT a 12-page letter outlining my recommendations for improvements to the network, changes in staffing, and procedural improvements.