Experience

Independent Consulting Practice · Remote — multiple clients

Also known as: Self-Employed · Independent Consultant · Independent Cybersecurity Consultant / Fractional Security Leader

Serving multiple MSSP and SMB clients across incident response, infrastructure recovery, server modernization, AI-assisted automation, and website engineering.

• Provide independent cybersecurity, infrastructure, and AI/automation consulting services to multiple clients, including MSSPs and small to mid-sized organizations, after the closure of Zyston in November 2025.

  consultingcybersecurityautomation

• Serve as both a technical executor and advisor, helping clients translate business problems into workable technical solutions rather than focusing only on tool administration.

  consultingtechnical advisory

• Apply prior experience from MSSP leadership, enterprise security operations, infrastructure engineering, and customer-facing technical work to solve problems quickly with minimal ramp-up time.

  leadershipsecurity operationsinfrastructure

• Authored and executed a multi-phase professional services SOW for a financial services client covering server virtualization, Azure AD / identity migration, SharePoint and DLP migration, application modernization, and remote-work optimization — owning both the scoping and hands-on delivery phases.

  sow authoringmigrationazure adsharepointdlpvirtualization

• Supported strategic security delivery for an enterprise client by contributing to assessment follow-up, validating MFA assumptions, reconciling EDR telemetry against prior assessments, driving vulnerability remediation follow-up, and reviewing firewall and endpoint posture.

  security assessmentmfaedrvulnerability managementfirewall review

Traced across 1 of 9 resume variants

Zyston LLC · Dallas, TX (Hybrid)

Led a 24x7 global SOC and CSIRT of 20+ analysts supporting 60-80+ regulated customer environments, operating with director-level scope across detection engineering, threat hunting, autonomous AI SOC, and VMaaS while building the KPI, automation, and executive-reporting backbone that scaled MSSP delivery.

• Designed and implemented KPI/SLA frameworks in ServiceNow/Jira (e.g., MTTA, MTTI, MTTE, CTTE, MTTR/MTTRE, customer response metrics), strengthening accountability and executive visibility.

  executive reportingjirakpi developmentservicenowsla development

• As the Security Operations Manager, I was responsible for designing and driving educational initiatives, operational metrics, and key performance indicators while maintaining high quality security operations capabilities, while using and improving security analytic platforms. As a technical lead, I mentored and coached individuals in the analytics process. This position was a client-facing role and required the ability to clearly articulate complex topics to both the technical and non-technical personnel. This role required me to be highly organized and detail oriented.

  analyst developmentclient facing leadershipexecutive communicationkpi developmentsecurity operations managementtechnical mentoring

• Managed a 24x7 global SOC / CSIRT supporting 80+ highly regulated customer environments and a 20+ person organization operating with director-level scope across Security Analysts, Threat Hunting / Threat Emulation, Autonomous AI SOC / Threat Content Development, Emerging Threat Bulletins, and VMaaS.

  ~80 customer environments~20 person organization

  autonomous ai soccsirtsecurity operations managementsoc 24x7threat huntingvulnerability management

• Wrote 7 major ServiceNow epics comprising 80+ enhancement stories, delivered 150+ dashboards / widgets, and built configuration-management governance for management teams to strengthen KPI visibility, accountability, and change discipline. Migrated reporting for Autonomous AI SOC to Jira.

  7 ServiceNow epics~80 enhancement stories~150 dashboards/widgets

  autonomous ai socdashboard developmentjira workflow managementkpi developmentsecure configuration managementservicenow workflow designwidget development

• Directed high-volume detection and response operations involving 500+ alarms per day, including nested-signal investigations; led teams building and tuning 1,500+ ATT&CK-aligned detections, correlation rules, and analytics that reduced false positives by 88% and duplicate alert handling by 77%.

  ~500 alarms/day~1.5K detections88% FP ↓77%

  alert triageincident responsethreat detection

Traced across 6 of 9 resume variants

Security & Solutions Engineer → Director, Cybersecurity Operations

Ativion · Remote

Also known as: ContentKeeper · Impero Software · Ativion / Impero

Owned global cybersecurity operations, product and customer security engineering, and threat detection content across 1,000+ customer environments at an edtech platform (ContentKeeper → Impero → Ativion), bridging Product, Engineering, HR, and Compliance to drive ISO 27001 transformation and AI/ML-assisted detection.

• Operated and secured a global SharePoint environment spanning four continents and executed SharePoint data migrations tied to the ContentKeeper → Impero acquisition and the Impero → Ativion rebrand, preserving content, permissions, and compliance posture while absorbing two corporate identity changes.

  microsoft 365sharepoint

• Reviewed and approved system architectures incorporating 3rd-party vendor hardware and software, ensuring security, interoperability, and supportability across customer deployments at ContentKeeper → Impero → Ativion.

  security architecturevendor management

• Supported proposal development and Basis of Estimate (BOE) reviews for prospective customer engagements, aligning technical scope, effort estimates, and delivery risk with commercial positioning.

  vendor management

• Established professional development and training programs for the cybersecurity and engineering organization, building role-based learning paths, certification targets, and internal knowledge-sharing cadences.

  cybersecurity program managementtraining development

• Reviewed and approved system architectures incorporating third-party vendor hardware and software into secure environments.

  security architecturevendor management

Traced across 8 of 9 resume variants

Network & Systems Engineer → Coordinator (Director)

Waco Independent School District · Waco, TX

Directed district-wide network, systems, and cybersecurity operations for 18,500+ users across 32 locations within a $200M+ annual-budget organization, managing a technology department budget that grew from $2.5M to $3.6M (43% YoY). Aligned the program to NIST CSF and Texas SB 820 while delivering infrastructure refreshes, a 5-year $5.3M Capital Improvement Plan (CIP), Disaster Recovery plan, and Business Continuity Plan (BCP).

• Delivered major infrastructure refresh outcomes: replaced 1,500 Cisco AP/ISE with 600 Ruckus/Cloudpath across 32 locations in 3 months, cutting refresh costs by 70 percent and reducing support tickets by 90 percent.

  1.5K APs600 APs32 locations3 months70% cost ↓90% tickets ↓

  cisco isecloudpathnetwork modernizationruckuswireless networking

• Designed and managed a wireless and NAC refresh project, replacing over 1500 Cisco AP/ISE with 600 RUCKUS/Cloudpath APs in just 3 months across 32 locations. This effort reduced wireless support tickets by 90% and decreased the wireless refresh budget by 70%.

  ~1.5K APs600 APs3 months32 locations90% tickets ↓70% cost ↓

  cisco isecloudpathnacproject managementruckuswifi designwireless networking

• Replaced 1,500 Cisco AP/ISE components with 600 Ruckus/Cloudpath units across 32 locations in 3 months, cutting refresh costs by 70% and reducing support tickets by 90%.

  1.5K components600 units32 locations3 months70% cost ↓90% tickets ↓

  cisco isecloudpathnetwork modernizationruckuswireless networking

• Led a district-wide wireless and NAC refresh, replacing 1,500 Cisco AP/ISE with 600 RUCKUS/Cloudpath APs across 32 locations in 3 months, eliminating systemic vulnerabilities, reducing support tickets by 90%, and cutting refresh costs by 70%.

  1.5K APs600 APs32 locations3 months90% tickets ↓70% cost ↓

  cisco isecloudpathnacruckusvulnerability remediationwireless networking

• Replaced 1,500 Cisco AP/ISE with 600 Ruckus/Cloudpath APs across 32 locations in 3 months—reduced support tickets by ~90% and cut refresh costs by ~70%.

  1.5K APs600 APs32 locations3 months~90% tickets ↓~70% cost ↓

  cisco isecloudpathnetwork modernizationproject managementruckuswireless networking

Traced across 8 of 9 resume variants

11B Infantry → 17C Cyber NCO / CPT operator

TX ARNG Cyber · Austin, TX

Served as trainer and team lead for forensics, threat hunt, and vulnerability assessment with the Texas Army National Guard's Cyber Protection Team, earning national recognition at Cyber Shield 2017-2020 and building DFIR and hunt training programs adopted across multiple states.

• Executed first-hand SharePoint migrations at the Texas Army National Guard as the U.S. Army consolidated multiple on-premises SharePoint farms and began its shift to cloud-hosted collaboration — handled data transfers between the TX ARNG and big-Army SharePoint environments and applied industry-standard DLP controls to prevent data spillage across classification boundaries.

  microsoft 365sharepoint

• During Hurricane Harvey, re-engineered the Joint Forces Headquarters (TX ARNG) personnel reporting system from a 2-hour-per-day manual process to an instantaneous formula-driven workflow.

  incident responseprocess improvement

• At Cyber Shield 17 and 18, as a Forensic Expert, investigated over 150 computers, 3 server systems, to find compromises in their systems, effectively shutting down all 'call-outs' and re-stabilizing the integrity and confidentially of the systems

  ~150 computers3 server systems

  dfirincident response

• At Cyber Shield 17 and 18, awarded a medal for outstanding performance in security the network and training other service members to do the same, received recognition and a coin of excellence from Washington's Lieutenant Colonel, Commander for performance.

  network securitytraining development

• Trainer and Team Lead for Digital and Windows System Forensics, vulnerability assessment and hunt with the TX Army National Guard's Cyber Protection Team, rewarded for performance at Cyber Shield '17, '18, and '19.

  dfirforensics trainingpeople leadershipthreat huntingvulnerability assessments

Traced across 8 of 9 resume variants

Groesbeck Independent School District · Groesbeck, TX

Primary district technician and appointed Information Security Officer for student PII/PHI systems in a 4A district of 2,200+ students and 200+ staff, leading infrastructure migrations, DR and continuity planning, and security upgrades that reduced help-desk load and raised critical-service uptime from 50% to 99%.

• Built detections and monitoring logic in tools such as GoGuardian, SonicWall, and Barracuda.

  barracudagoguardiansecurity monitoringsonicwall

• Project lead for Change Management to split 1 Server 2012 R2 to Configured and Administered 4 Server 2012 R2's to run Google Cloud Print Service with over 150 printers across the district, splitting the printers by campus for over 2200 users in 2 weeks, causing a 75% printer help desk ticket reduction. Primary technician for all technology repairs in the district, to include over 2200 Chromebooks, 200 projectors and over 150 printers

  4 servers~150 printers~2.2K users2 weeks75% tickets ↓~2.2K Chromebooks~200 projectors

  change managementhelp desk process improvementproject managementtechnical supportwindows server

• Project lead for changing PlascoTrac SQL database and software to HeroK12 Cloud solution, increasing the uptime and availability, of the service, up 50% to 99% of the time

  50%99%

  high availabilityproject managementsql

• Project lead for changing PlascoTrac SQL database over to HeroK12 Cloud Database, increasing the uptime and availability, of the service, up 50% to 99% of the time

  50%99%

  high availabilityproject managementsql

• Project lead for a Printer Change Management project to split 1 Windows Server 2012 R2 to 4 Windows Server 2012 R2's to run Google Cloud Print Service with over 150 printers across the district, splitting the printers by campus for over 2200 users in 3 weeks, resulting in a 75% reduction of printer help desk ticket request

  ~150 printers~2.2K users3 weeks75% tickets ↓

  change managementhelp desk process improvementproject managementwindows server

Traced across 6 of 9 resume variants

Texas Army National Guard — Infantry

Deployed across three OIF/OEF tours as Personal Security Officer for a Major General, Sergeant of the Guard, and Team Leader.

• Operation Iraqi Freedom 09-2010 - Personal Security Officer for a Major General

  physical security systems

• Operation Enduring Freedom 2011-2013 - Sergeant of the Guard and Team Leader

  people leadership

• Operation Enduring Freedom 2013-2014 - Team Leader

  people leadership

Traced across 1 of 9 resume variants

Self Employed · Abilene, TX

Delivered end-to-end IT and security consulting to 25+ SMB/SOHO clients and 100+ competitive-gaming tournament networks, pairing vulnerability assessments, penetration testing, and system hardening with high-availability designs targeting 99.999% uptime.

• Supported customer operations with configuration management, backup and recovery planning, CRM usage, and technical workflow discipline across platforms including Salesforce, Microsoft Dynamics 365, HubSpot, and other common business systems.

  disaster recovery planningsecure configuration managementvendor management

• Built detections and monitoring logic in tools such as GoGuardian, SonicWall, and Barracuda while supporting Active Directory, Windows Server, RAID recovery, Windows Server Backup, Veeam, Barracuda Backup, Azure / Entra administration, AWS access, Git-based content handling, and configuration-controlled operating practices.

  active directoryazure administrationbackup and recoverybarracudagitgoguardiansecure configuration managementsecurity monitoring

• Managed and mentored three personnel providing a detailed three-step analysis of customers. This process was to Identify, Recommend, and Execution step to ensure industry best practices were being followed, designing for a 99.999% uptime

  3 personnel99.999%

  high availabilitypeople leadershiprisk mitigationtechnical mentoring

• Delivered independent security operations, systems, infrastructure, and threat-detection consulting across regulated business environments, building and tuning detections while staying hands-on in administration, engineering, and customer-facing technical execution.

  client facing leadershipinfrastructure securitysecurity operations managementsystems administrationthreat detection

• Delivered end-to-end IT and security consulting, including vulnerability assessments, penetration testing, remediation planning, and high-availability design targeting 99.999 percent uptime.

  99.999%

  high availabilitypenetration testingvulnerability assessmentsvulnerability remediation

Traced across 8 of 9 resume variants

Groesbeck ISD

Traced across 1 of 9 resume variants