Professional Career
Download PDFResume
Experience
Security Engineer
PassiveLogicFull-timeCurrent
- ›Zero-Trust Network Engineering: Architect and monitor zero-trust networks using modern SD-WAN, securing autonomous building controls and high-velocity edge computing nodes against threat vectors.
- ›GRC Audit Leadership: Coordinate and lead cross-functional compliance campaigns, successfully driving the company through SOC2 and GDPR GRC audits to verify corporate and technical trust posture.
- ›Offensive Security & Pentesting: Spearhead routine penetration testing campaigns; collaborate with external red teams to plan campaigns, analyze vectors, triage findings, and orchestrate swift hotfixes and remediation cycles.
- ›Cloud Security Posture (CNAPP): Manage and harden Google Cloud Platform (GCP) infrastructure using CNAPP, logging systems, and vulnerability triage processes to eliminate configuration drifts.
- ›Incident Response & SIEM Operations: Establish incident response protocols; leverage SIEM logs to monitor, detect, and triage anomalies, minimizing MTTR (Mean Time to Resolution).
Security Intern
PassiveLogicInternship
- ›Identity & Access Management (IAM): Hardened access controls and SSO infrastructure across Google Cloud (GCP) and Microsoft Entra ID (Azure AD), ensuring strict least-privilege principles.
- ›Vulnerability & Patch Management: Managed enterprise-wide vulnerability scans, triage queues, and operational risk registers, coordinating patch cycles across cloud and physical environments.
- ›Disaster Recovery & Redundancy: Designed, reviewed, and tested disaster recovery (DR) plans and automated backup architectures for critical hybrid (on-premises and cloud) operations.
- ›SaaS Handoff Hardening: Audited Microsoft Exchange and collaborative enterprise directory structures to block vector exposures.
Education
B.S. Cybersecurity and Network Management
Minor in Computer Science
Weber State University
Ogden, UT
Skills
Technical Arsenal
Network Security
Zero-Trust ArchitectureSD-WANFirewall PolicyVPNNetwork Segmentation
Cloud & Infrastructure
Google Cloud Platform (GCP)CNAPPCloud LoggingConfiguration ManagementDocker
Identity & Access
Microsoft Entra ID (Azure AD)SSOIAM PoliciesLeast-PrivilegeOAuth 2.0
Offensive Security
Penetration TestingRed Team CoordinationThreat ModelingVulnerability HuntingCTF
SIEM & IR
Incident ResponseSIEM Log AnalysisMTTR OptimizationAnomaly DetectionRunbooks
GRC & Compliance
SOC2GDPRRisk RegistersCompliance AuditsPolicy Authoring
Operating Systems
Linux (Arch, Ubuntu, Debian)macOSWindows Server
Scripting & Dev
PythonBashPowerShellGitTerraform
Interested in working together or want to discuss security strategy?
Open Secure Channel →