AVAILABLE

// RESUME · v.2026.05

RESUME.

Seven years at one company, building the security program from IT to AppSec. Below: where, when, and what I broke.

Download .pdf ↓

// EXPERIENCE

05 entries
2025 — nowSan Diego, CA

Sr. Security Engineer I

@ Aya Healthcare
  • Managed penetration testing engagements end-to-end, from scoping through remediation tracking.
  • Stood up web application scanning via Burp Suite, integrating findings into vulnerability workflows.
  • Defined and implemented WordPress VIP security baselines for production web properties.
  • Drove CIS benchmark compliance across Azure, AWS, and GCP environments, reaching 90%+ coverage.
2023 — 2025San Diego, CA

Security Engineer II

@ Aya Healthcare
  • First dedicated security engineer at Aya, standing up the security function from scratch.
  • Implemented Wiz across the Azure environment for cloud security posture and misconfiguration management.
  • Managed Auth0 tenant configuration and identity workflows across internal and customer-facing applications.
  • Created and operationalized a security exception management process for risk-accepted findings.
  • Set up web application scanning via Acunetix, integrating findings into the vulnerability management workflow.
Jul 2022 — Aug 2023San Diego, CA

IT DART Lead

@ Aya Healthcare
  • Led the IT DART team, coordinating cross-functional incident response across systems and security.
  • Monitored application health and security events, triaging issues across production environments.
  • Used KQL in Azure Sentinel for real-time investigation and ongoing monitoring during incidents.
  • Participated in HOT releases, coordinating IT readiness and rollback support during high-urgency production deployments.
  • Managed vulnerability reporting and scanning via Rapid7 InsightAppSec and InsightVM.
  • Wrote custom KQL queries in Azure Sentinel to create detection alerts and monitoring dashboards.
2020 — 2023San Diego, CA

Systems Engineer I → II

@ Aya Healthcare
  • Monitored and remediated web app vulnerabilities with Rapid7 and Qualys; authored weekly TPS reports for management.
  • Managed IAM lifecycle — new hires, terminations, and access audits across Microsoft 365, Azure, and third-party SaaS.
  • Owned enterprise SSO integrations into Azure/Office 365 including Outlook add-ins, Teams integrations, and access reviews.
2017 — 2019Moorestown, NJ

Information Security Analyst

@ Freedom Mortgage
  • Managed IAM policies in AWS, endpoint protection in Symantec SEPM, and network controls in Palo Alto.
  • Encrypted 28 production file servers with BitLocker for state compliance; upgraded SEP agents across 600+ Windows servers.
  • Wrote PowerShell scripts to audit user access to shared drives and local admin rights on servers.

// CAPABILITIES

Application securityWeb application securityVulnerability managementPenetration testingIdentity & accessRisk managementCloud security (Azure/AWS/GCP)Compliance & benchmarkingSecurity program developmentIncident responsePurple teaming

// TOOLS

Burp Suite Pro · Nessus Pro · Wiz
Rapid7 InsightVM · Rapid7 InsightAppSec · Qualys
Azure Sentinel · Datadog · New Relic · QRadar
Cloudflare · Auth0 · Palo Alto · Symantec SEPM · Meraki
PowerShell · KQL · Microsoft 365 / Azure AD

// EDUCATION

B.A. Computer Science

Rutgers University · 2016

// CERTIFICATIONS

SEC+CompTIA Security+active · 2027
6σ-YSix Sigma Yellow Belt2025
6σ-WSix Sigma White Belt2025
ATT&CKMITRE ATT&CK: Azure Stack Mappings2022
DatadogDatadog Fundamentals I2022
PurpleFoundations of Purple Teaming2021
ATT&CKFoundations of Operationalizing MITRE ATT&CK2021
R7Rapid7 InsightAppSec Certified Specialist2021