Notable Projects & Achievements

Led the deployment and operationalization of Wiz CPSM, CDR, and DSPM to enhance cloud security across a multi-cloud environment. By implementing CPSM, I established continuous monitoring and remediation of misconfigurations and compliance risks. I integrated CDR to enable real-time threat detection, automated response, and improved incident visibility. Deployed DSPM to gain control over sensitive data, enforcing encryption and monitoring data access. This project streamlined security operations, automated policy enforcement, and strengthened our overall cloud security posture.

As Manager of Cloud Operations, security was a primary focus. While security is everyones job, it was my passion to ensure that our cloud platform was well architected for security, appropriate security tooling was in place, and our SOC had visibility into our workloads. I could talk all day about CloudSec, but here is a short list of initiatives that I led: automated security tooling to new account builds (think GuardDuty), initial and continuous CIS benchmarking, log aggregation into Splunk and deployment of Cloud Security Posture Management tooling. With the perfect mixture of people, process and tech, it's possible to sleep at night.

Led and obtained the AWS MSSP L1 Competency certification on the inauguration for Deepwatch. This program allows AWS customers to easily identify AWS Partners with deep expertise and experience delivering Level 1 Managed Security Services. Project included an extensive technical audit of cloud infrastructure from a security, availability and overall cloud best practices perspective.

Running with a model of cloud first, nerds need a place to play. Well on the way with a multi-account architecture, I led an initiative to deploy various teams around the company with their own AWS lab environments. After meeting to understand each team requirements, we were able to provide each team with their own AWS lab account. These accounts were configured with guardrails, security tooling for SOC compliance, and budget restrictions. The final result: allow teams to experiment with cool shit within the constraints of security and business requirements.

Completed a large-scale migration of AWS accounts from a tradition architecture into AWS Control Tower. Project allowed the CloudOps team to federate identities with AWS Identity Center reducing legacy auth models, apply both detective and preventive guardrails to OUs/accounts, and set the baseline to start down the path of the multi-account journey. Landing zones were established and baselined with required tooling.