Who I am
Ambassador for Progress. Educated, experienced, and certified professional that assists organizations to develop and implement change, which includes solutions and processes, in order to achieve success.
Recognized leader, manager, and Subject Matter Expert (SME) - Project and program management, strategic and tactical planning, coordinating and integrating multiple large and complete projects into a comprehensive program. Focused for over 25 years in helping organizations with my expert knowledge and experience in Information Technology (IT) security programs, development, and management. Highly successful in managing remote projects with virtual teams.
Program and Project Management - Over 20 years of program and project management experience in various industries and government projects which includes Federal Government, Department of Defense (DoD), General Services Administration (GSA), Healthcare, FedRAAMP Authorized Cloud Service Provider (CSP), Educational, Managed Security Service Provider (MSSP), Consulting, and Financial.
Tactical Operations and Emergency Management - Over 20 years of tactical operations and emergency management experience with multiple public safety and service organizations. Current tole involves being an Official Emergency Station (OES) fr ARES R2D3 that facilitates emergency radio communications. Recent projects include serving as a Volunteer Firefighter and First Responder for the North Fork Fire Protection District, served as a Ranger Service Volunteer in the Colorado Mounted Rangers, serving as the HOPE, Denver Chapter, Disaster Relief Coordinator for flood recovery, volunteered at an orphanage for children with brain injuries and illness in Bangkok Thailand.
IT Security - Over 19 years of hands on IT security testing and management experience. Includes IT security SME, FedRAMP, NIST, security analyst, penetration testing, security assessments, security audits, security assessment and authorization, Federal Information System Security SME, forensics team member. Included assessment, data collection, data protection, analysis of the data, reporting of findings including recommendations, report creation and presentation, executive summaries, recommendations, and conclusions.
Infrastructure, Operations, and Virtualization - Over 16 years of infrastructure and operations management experience including deploying virtual environments.
Software Development - Over 16 years of software development with waterfall and Agile approaches.
What I do
I have strong project management skills with a strong passion for information security (beyond the realm of cyber security). Always looking for opportunities to grow and apply my skills to work and volunteer in the in the fields of Project/Program Management and Information Security.
Focused to help businesses and individuals with my over 25 years of remote and on-site work and expert knowledge in Information Technology (IT) security, development, and program/project management experience. My project management includes PMBOK, Agile, and SDLC Waterfall approaches.
For the last eight years I have worked remotely and managed multiple programs simultaneously, with up to 60 direct reporting staff. The programs and projects I managed were for private industry and the following federal government agencies: U.S. Department of Defense (DoD), U.S. Department of the Interior (DOI), U.S. Forest Service, and the U.S. General Services Administration (GSA).
Experienced with W2, 1099, and Corp-to-Corp arrangements.
My mission is to align business objectives with security initiatives, ensuring that information assets and technologies are adequately protected. I manage all of the aspects of the CISO role while using various information security frameworks and the globally accepted project management framework of PMI and security frameworks of FedRAMP and HIPAA compliance.
My last mission was to merge the globally accepted project management framework of PMI with the information security framework of the the Risk Management Framework (RMF) of the National Institute of Technology and Standards (NIST). I have been successful in merging the two and implemented proof of concept with my projects with the Department of the Interior's (DOI) Office of the Chief Information Office (OCIO) as their Information Systems Security Line of Business (ISSLoB) Operations Manager.
Volunteer and Community Service. I am also very involved with local and global community service. Currently I am a volunteer for The Amateur Radio Emergency Service (ARES) which consists of licensed amateurs who have voluntarily registered their qualifications and equipment for communications duty in public service when disaster strikes. I serve as an Official Emergency Station for ARES R2D3.
Private Cloud Service Provider and Management. I have resources to provide private cloud services, web hosting and design, email and account management, offsite storage, and security using my hardware that is located in a HIPAA, SSAE16, and PCI compliant data center. These services are offered at a rate that are lower cost than you would invest on having a computer operator on staff. This is also a great tool for an organization or individual while building brand identity.
Project Portfolio Management (PPM) and Tactical Operations
Over 20 years of managing programs, projects and tactical operations in a wide variety of industries and environments. Expertise in with various project management approaches which include the guides and standards of Project Management Body of Knowledge (PMBOK), Software Development Life Cycle (SDLC) Waterfall, and Agile.
I initially got involved with project management as a Tool Design Engineer in 1986 for Square D Company in Lincoln Nebraska. Since that time I have held various positions: , Chief Executive Officer (CEO), Chief Information Officer (CIO), Chief Information Security Officer (CISO), Program Manager, Project Manager, Board Member, Vice President, Security Compliance Coordinator, Audit Liaison, Task Lead, Team Lead, IT Security Subject Matter Expert (SME), Federal Information Systems (OMB, NIST, and FISMA) SME, Senior IT Security Analyst, Project Engineer, Application Engineer, and Design Engineer.
Currently I work for collab9, as the Chief Information Security Officer, that is the only FedRAMP Authorized UCaaS provider. I also currently volunteer with The Amateur Radio Emergency Service (ARES) which consists of licensed amateurs who have voluntarily registered their qualifications and equipment for communications duty in public service when disaster strikes.
Information Technology Management and Security
Over 20 years of experience working with information technology and security. This experience includes not only cyber security, which defends and protects cyberspace from cyber attacks, but encompasses the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.
Experience as a Subject Matter Expert (SME) for federal government information system security and compliance.
IT Security Management Skills
Enterprise Security Management Practices, Enterprise-Wide Systems Development Security, Overseeing Compliance of Security Operations (FedRAMP and NIST RMF), Business Continuity Planning (BCP), Disaster Recovery Planning (DRP), Continuity of Operations Planning (COOP), Law Investigation, Forensics, POA&M Management, Vulnerability Management, and Ethics.
Ethical Hacking Skills
Threat Modeling Concepts, Vulnerability Research and Testing, Ethical Hacking and Law, Footprinting, Google Hacking, Scanning, Enumeration, System Hacking, Trojans, Backdoors, Viruses, Worms, Sniffers, Spoofing, Session Hijacking, Social Engineering, Denial of Service, Buffer Overflows, Web Servers, Web Applications, Wireless Networks, Cryptology, Hacking with Linux, IDS, Firewalls, Honeypots, and Penetration Testing.
Current Volunteer Activity
Amateur Radio Emergency Service (ARES)
The Amateur Radio Emergency Service consists of licensed amateurs who have voluntarily registered their qualifications and equipment for communications duty in public service when disaster strikes.
R2D3 ARES - 7/2018 - Present
R2D3 ARES iis organized are to provide disaster preparedness, reliable primary and secondary emergency communication links for governmental agencies and/or non-profit organizations when needed and supply mutual aid to other ARES® groups when requested; Provide training of volunteers in amateur radio emergency services using Simulated Emergency Tests (SETS) and other appropriate training, as well as instruction of the public on subjects useful to the individual and beneficial to the community; Solicit and raise funds to support and advance the programs and activities of R2D3 ARES.
SKYWARN Colorado All-Weather Spotter Team (CAST)
Spotter Number: J873
ARRL Volunteer Examiner (VE)
General Class Accredited Examiner - Expires 5/21/2028
Trained and accredited to serve as a Volunteer Examiner for Amateur Radio liense examinations.
Rocky Mountain School of Ministry and Theology
Website Hosting and Management - 2015 - Present
Webmaster and hosting provider for the Rocky Mountain School of Ministry and Theology website. RMSMT.org.
Instructor - Safe and Secure Online - 2011 - Present
(ISC)² Foundation’s Safe and Secure Online program is the first-of-its-kind, initiative that brings top cyber security professionals from business and government into classrooms and organizations for free to teach cyber safety to kids. The Safe and Secure Online program was founded in 2006, with a mission to introduce responsible computing in an early age and improve society by helping kids learn how to protect themselves online.
The Safe and Secure Online Program is a cutting edge presentation that allows children between the ages of 7-14 to interact with each other and their presenter while learning cyber security skills. To fit the needs of the different age groups the presentation has been customized with learning objectives and teaching materials appropriate for ages 7-10 and 11-14 age groups. The third presentation is aimed at educating parent and teachers about online safety. What sets the Safe and Secure Online Program apart from other online safety programs is that the presenters are trained information security professionals. Students tend to gravitate toward them as mentors and role models and want to soak up as much information as possible. Topics covered in the presentation vary from cyber bullying, online identity, online image protection, social networking, and computer safety. The Safe and Secure Online program was first introduced in the United Kingdom; we now have programs available in Canada, Hong Kong, and the United States. To date we have reached over 70,000 students worldwide.
Please report any errors discovered on this page to email@example.com.