Resume
-
Bank of Hope
VP, Senior Operations Engineer (March 2024 - Present)
iHerb, LLC
Senior Application Security Engineer (August 2023 - March 2024)
Led the application security efforts, implementing and managing security tools, conducting threat assessments, and ensuring compliance with industry standards.
Product Security Engineer (November 2021 - July 2023)
Enhanced the security posture through collaboration on multi-year projects and coordinated vulnerability mitigation with external researchers.
Mayo Clinic
IT Technical Specialist, ADC Team (June 2021 - November 2021)
Oversaw security features for critical systems, providing expert guidance on design principles, development methodologies, and WAF management.
Green Dot Corporation
Information Security Engineer (October 2019 - June 2021)
Led the design and implementation of application security controls while conducting thorough assessments and acting as the primary expert for web security technologies.
Sherwin-Williams Company
Application Security Analyst (March 2018 - October 2019)
Ensured application security through WAF policy management and integration of best practices into the Software Development Lifecycle.
IT Security Professional Apprentice (January 2017 - February 2018)
Managed various security operations, providing troubleshooting support and evaluating technologies to respond to security incidents.
CWG
Estimator, Glazier, and IT Administrator (June 2011 - December 2016)
Managed IT systems with a focus on maintaining operational efficiency and uptime while reinforcing security protocols. -
Cleveland State University - Cleveland, OH
- Master of Computer and Information Science, Information Systems, August 2016 - May 2018
- Bachelor of Science, Biology, June 2013 - December 2015
Lorain County Community College - Elyria, OH
- Associate of Science, Universal Science, May 2012 - May 2012
- Associate of Arts, Universal Arts, June 2006 - May 2010
Santa Monica College - Santa Monica, CA
- Cloud Computing, Department Certification, June 2022
- Web Developer, Certificate of Achievement, June 2022 -
Security: Application Security Engineering, Network Security Engineering, Secure SDLC, Secure Coding Practices, Cloud Security, Threat Modeling, Vulnerability Management, Threat Assessment, Penetration Testing, OWASP Best Practices, CVE Knowledge, Risk Assessment & Mitigation, Risk Management & Analysis, Incident Response, IDS & IPS, Encryption, Authentication & Authorization, Web Application Firewall Management, Bot Mitigation, Supply-Chain Attack Mitigation
Technologies and Platforms: WAF, IDS/IPS, SIEM , SAST, DAST, SCA, AWS, GCP, Cloudflare, F5, Splunk, HUMAN/PX, HackerOne, BugCrowd
Programming and Scripting: C# (reviewing/auditing), Python (intermediate), JavaScript (intermediate), Bash (intermediate)