Professional Roles
Cyber Incident Response and Intrusion Forensics Team Manager, Americas | Crypto.com | May 2022 – January 2023
Cyber Incident Response and Intrusion Forensics Team (CIRIFT) is responsible for Digital Forensics, Incident Response, and the Insider Threat program.
- Built internal automation for and conducted insider threat cases.
- Coordinated with Legal, PR, Compliance and Security teams during public investigations.
- Built valuable relationships with law enforcement and intelligence organizations.
- Created documentation and implemented controls in support of global compliance work including SOC2, NIST, ISO 27001, and the Monetary Authority of Singapore.
- Led incident response while mentoring and training other security professionals.
Incident Responder | Crypto.com | December 2021 – May 2022
- Responded to security incidents and managed them from scoping through to remediation.
- Reviewed control environment, planned, and implemented security projects.
- Trained financial investigators on technical investigative techniques, decreasing the time needed to file Suspicious Activity Reports (SAR).
- Collaborated with our Threat Intelligence team on assessing the risk specific virtual and physical threats pose.
Adjunct Professor | University of Miami | January 2020 – Present
I am an instructor for the Cybersecurity Professional program that is delivered through a partnership between HackerU and the UM Division of Continuing and International Education. We help students build the knowledge needed to start successful careers in Cyber Security. We do this by teaching the concepts needed for them to complete realistic hands-on labs that give them experience they would have otherwise needed from time in the field.
I am authorized to teach the following courses: Intro to Cyber Security, Microsoft Security, Networking, Linux, Network Security, Cyber Infrastructure & Technology (CIT), Ethical Hacking, and DFIR.
The DFIR course covers endpoint forensics including analyzing Prefetch, AppCompatCache, MRU, Registry, process trees and network artifacts through memory, and the contents of portable executables (EXE files).
Below are my responsibilities.
- Prepare for and present lectures on technical subjects
- Prepare for and lead in-class lab exercises
- Attend and implement teachings from pedagogical training
- Work with Student Success Manager to stay notified of and address any student challenges
- Beta test new learning platforms before they are released for student use
Security Team Lead | Vijilan Security | June 2020 – December 2021
As the Security Team Lead, I was responsible for directing our Security Operations Center and providing security leadership for our internal teams, clients, and partners. Below are some highlights of accomplishments.
- Created new service offerings, validated market fit, and brought them to market.
- Partnered with software vendors to bring a new implementation service to market, allowing us to service larger organizations.
- Improved reliability of VoIP system while decreasing cost by more than 50%.
- Created yearly release event including coordination of all technology, vendors, and internal teams. Recordings are available at Vijilan.com/Release2020
- Created Applicant Tracking System (ATS) using Power Automate, SharePoint, and other Microsoft 365 products.
- Organized weekly interdepartmental meeting with a new format that introduced training time and resulted in meetings ending on time or early instead of going over by 1 hour.
- Created “Fusion” schedule that resulted in a more diverse workload for operators, higher job satisfaction, flexibility to respond to scheduling changes, reduction of exposure to ticket fatigue, and introduced opportunities for professional development.
Below are the duties I was responsible for.
- Establish and maintain the information security vision and programming to include policy creation, training, risk assessments, and incident response to ensure assets are adequately protected
- Identify, architect, plan, and deploy security controls to protect our production network. This included controls to protect our cloud environment, remote access, and mobile assets.
- Lead incident response to internal and external security incidents from managing the triage process through leading postmortem reviews and presenting recommendations to relevant teams.
- Created visualization using PowerBI to prioritize what detections and client environments should be reviewed based on multiple types of frequency analysis and engagement data, resulting in a reduction of cost while increasing the value of detections
- Meet with clients to identify how our products and services could help them accomplish business objectives, including deployment of SIEM technology
- Conduct vendor vetting and management
- Assist our internal teams as a technical resource during internal and external meetings
- Manage department hiring process from writing the job descriptions to advertising the jobs, interviewing candidates, and making job offers.
- Review and manage budget for security related capital and operational expenses, training, and staff needs
- Provide regular updates to the executive management team on status of the company’s risk posture and security program
Level 2 Analyst | Vijilan Security | April 2019 – June 2020
In this role I served as a Level 2 analyst in a Security Operations Center protecting local, regional, and international companies as well as county governments and agencies. Below are the duties I was responsible for.
- Investigate security alerts using our SIEM, ticketing system, and open source resources
- Conduct a POC for integrating SentinelOne’s API into our proprietary system and educate our internal team on the technology
- Work to understand the concerns of and provide answers for IT service providers and end clients during security incidents
- Act as a Subject Matter Expert for internal and external teams on assigned subject areas
- Author a security report with prioritized recommendations resulting from my own vulnerability assessment and manual analysis of key systems
IT Consultant | JoinTech | 2017 – 2020
I focused on joining my customers with the right technologies to help them meet their goals. I did this by working with my clients to understand their business and then kept those business goals in mind as I worked to provide technology solutions. Projects have included analyzing network infrastructure, identifying and implementing new productivity software, and website design.
Education
SANS Institute | FOR572 | November 2019
At DFIRCON 2019 I attended the FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response class. The course was an in-depth instruction on how to conduct an investigation with network artifacts. We finished with a hands-on simulated incident where we lived through the first 24 hours of a breach investigation.
Miami Dade College | Checkpoint | August 2018 – April 2019
This was a class for the Checkpoint CCSA certification through the D.O.L. TechHire Grant at MDC’s Wolfson campus. In this program, we were both working on our own CheckPoint environments and using the CyberBit CyberRange.
Awards, Honors & Certifications
- GIAC Network Forensic Analyst (GNFA)
- AWS Certified Security – Specialty
- Eagle Scout, Scouts BSA
- Vigil Honor & Meritorious Service Award, Order of the Arrow
- Founders Award, Order of the Arrow, BSA