Professional Experience
- Project-manage the creation and ongoing development of the Experian Threat Catalog - a structured threat database that maps scenarios to preventive, detective, and mitigative controls to mitigate risks from attacker TTPs and flows, with planned integration into ticketing systems for prioritized remediation.
- Conduct comprehensive threat modeling of business-critical applications by enumerating threat scenarios using structured threat intelligence, industry trends, and the evolving cyber landscape.
Build and lead an enterprise threat modeling function that conducts intelligence-driven threat assessments and integrates actionable insights into detection content creation.
- Spearheaded multiple high-profile technology, architecture, and compliance initiatives for Resilience policyholders—including an IAM consolidation strategy to reduce reliance on decentralized identity stores, and developing a client’s third-party risk management program to guide secure vendor selection based on client’s own risk tolerances.
- Designed and implemented Resilience's cyber tabletop exercise program, developing diverse threat scenarios and delivering tailored engagements to client board members and leadership, establishing it as a premium offering for Resilience insureds.
Delivered expert consultative services to CISOs, CIOs, Risk Managers, and Security teams of over 30 clients to improve their cyber defense postures, from technological solutioning to security architecture and regulatory compliance.
- Assessed operational, strategic, and tactical threat intelligence detailing threat actor TTPs and motives to launch cyber campaigns against JPMC’s critical assets.
- Developed threat modeling processes that analyze the firm’s ability to mitigate cyber attacks across on-premise, cloud, and CI/CD environments, using curated threat intelligence reporting, previous incident response reports, ATT&CK and STRIDE frameworks, and knowledge of JPMC’s technology stack.
- Cited as an inventor of the systems and methods for the firm’s Cybersecurity Operations Threat Modeling (COTM) function. Patent Number: US-20220103581-A1
Implement an intelligence-driven threat modeling methodology to assess threats against the world's leading financial institution in order to harden its cybersecurity posture.
- Conducted insider threat emulation assessments, utilizing living-off-the-land techniques and ad-hoc Python scripts to achieve maximal compromise in client domain networks.
- Performed penetration and exfiltration assessments against NGA Cross-Domain infrastructure utilizing easily compromised password patterns.
- Tested for successful patch deployment against web vulnerabilities discovered from HackerOne Bug Bounty reports by attempting to re-exploit the vulnerabilities in NGA’s classified web domains.
Collaborated with government client to support adversarial simulations and stage Red Team engagements within the client perimeter.
- Planned and guided Computer Network Exploitation (CNE) operations on foreign counterterrorism and nation-state targets of interest, focusing heavily on network scanning, enumeration, forensics, and penetration techniques against adversary digital networks.
- Produced strategic and tactical signals intelligence (SIGINT) reports and guidance containing vital communications behaviors of various counterinsurgency targets, which were often featured in larger-scope analysis summaries across the Intelligence Community and briefed to decision makers on the tactical, strategic, and presidential levels.
- Researched and identified network- and protocol-based vulnerabilities to enable SIGINT development and access enumeration into high-priority networks.
Participated in a fast-paced, mission-critical environment to analyze foreign digital networks for network exploitation and signals intelligence collection.