20+ years of cyber/cybersecurity experience. 10+ years of government Test & Evalution (T&E) experience.

Incident Response Analyst, Information System Security Officer (ISSO), Security Engineer (ISSE), Security Control Assessor (SCA), and Information System Security Manager (ISSM).

Experienced with Risk Management Framework (RMF), Cyber Security Framework (CSF), NIST 800-171/DFARS.

Experienced with eMASS, Xacta, and CSAM.

Experienced in all aspects of security accreditation package documentation (policy, plans, procedures, inventory, diagrams, etc) using Microsoft Office products, Visio, and a wide variety of applications and tools to collect artifacts.

Experienced with Windows and Linux system hardening and vulnerability scanning: DISA STIG Viewer, SCAP Compliance Checker (SCC), CIS-CAT, Nessus, Security Center, ACAS, Tenable.io.

Experienced software vulnerability tester: manual testing and using Fortify. DISA Application and Development STIG.

Previous to cybersecurity worked as a system administrator (Windows, Linux, UNIX), database administrator (Oracle, MySQL), and software developer (web-based applications, multi-level security applications).

Certified Information Systems Security Professional (CISSP) since 2012.

Experienced trainer, presenter, writer, team lead/project management.