Certifications

  • 2023Present

    CISM, Certified Information Security Manager

    ISACA, Information Systems Audit and Control Association

  • 2023Present

    CASP+ Certification

    CompTIA, Computing Technology Industry Association

  • 2023Present

    CySA+ Certification

    CompTIA, Computing Technology Industry Association

  • 2023Present

    PenTest+ Certification

    CompTIA, Computing Technology Industry Association

  • 2020Present

    CDPSE, Certified Data Privacy Solutions Engineer

    ISACA, Information Systems Audit and Control Association

  • 2018Present

    CRISC, Certified in Risk and Information Systems Control Certification

    ISACA, Information Systems Audit and Control Association

  • 2018Present

    CISA, Certified Information Systems Auditor

    ISACA, Information Systems Audit and Control Association

  • 2018Present

    AWS Practitioner

    AWS, Amazon Web Services

  • 2018Present

    Splunk Certified User

    Splunk

  • 2017Present

    CISSP, Certified Information Systems Security Professional

    ISC2, The International Information System Security Certification Consortium

  • 2016Present

    Project+ Certification

    CompTIA, Computing Technology Industry Association

  • 2014Present

    Network+ ce Certification

    CompTIA, Computing Technology Industry Association

  • 2014Present

    Security+ ce Certification

    CompTIA, Computing Technology Industry Association

  • 2013Present

    A+ ce Certification

    CompTIA, Computing Technology Industry Association

  • 2013Present

    Microsoft Office Specialist

    Microsoft

  • 2012Present

    ITIL Certification - IT Service Management

    AXELOS Ltd

Education & Training

  • MS C.S. 2014

    Master of Science in Computer Science

    Troy University

  • M.B.A.2009

    Master of Business Administration

    University of Phoenix

  • B.S.2007

    Bachelor of Science in Marketing

    University of Alabama at Birmingham

Description of Experience

  • 2019-Present
    Senior Information Assurance Officer - Perspecta/Peraton
    Provided auditing services for multiple programs under the Synchronized Predeployed Operational Tracker (SPOT) Cloud project. Coordinated with developers, architects, and managers to write and submit software architecture diagrams, PPSMs, Incident Response Plans (IRPs), system descriptions, and other documents. Completed STIG checks. Provided documentation to maintain each program''s ATO. Utilized eMASS to document and communicate test results of NIST controls.
    • OWASP Top 10
    • Risk Management Framework (RMF)
    • eMASS
    • NIST
    • FIPS
    • DHRA
    • STIG Viewer
    • OWASP 10
    • Auditing
    • POAMs
    • Assessment and Reporting
  • 2017-2019
    Cyber Security Specialist - Oasis Systems
    Audited Risk Management Framework (RMF) controls self-assessed by Information Systems Security Officers (ISSO) and Information System Security Managers (ISSM) to determine compliance based on guidance from NIST special publications such as 800.30, 800.37, 800.53, DODIs, AFIs, FIPS, OWASP, SANS Top 20, and others. Audited the security of applications, servers, operating systems, and databases to obtain an Authorization to Operate (ATO) on the Air Force Network (AFNET). Assessed enclave’s ability to host classified and non-classified information while protecting CIA. Ensured the security of the Air Force network by identifying and presenting risks to Security Personnel decision makers.
    • OWASP Top 10
    • Risk Management Framework (RMF)
    • eMASS
    • Xacta
    • NIST
    • FIPS
    • DODI
    • AFI
    • STIG Viewer
    • OWASP 10
    • Auditing
    • Assessment and Reporting
  • 2016-Present
    Owner - Avora Technology Consultants

    Created the Information Technology company specializing in Vulnerability Assessment, Penetration testing, and Software Development.

    Contract with Hexagon US Federal

    React Software Development Supported the National Geospacial Intelligence Agency in creating custom mapping software.
    • React
    • Node
    • Leaflet
    • AWS

    Contract with Chenega

    Java Software Development Supported the Department of Health Agency (DHA) to maintain healthcare software.
    • Java
    • Eclipse

    Contract with Up and Running, Inc

    CMMI Appraisal Team Member. Attended the Introduction to CMMI for Development Course and acted as a member of the certifying team to recertify Up and Running’s CMMI Level 3 certification. I was tasked with going through documentation and mapping evidence to required process areas to demonstrate compliance. I led discussions, documented interviews, and was responsible for knowing which paragraphs and sentences evidenced compliance with specific areas of audit.
    • CMMI
    • Audit
    • Process Improvement
    • Policy and Documentation

    Software Developer. Developed and maintained the Combat Ammunition Systems (CAS) web application that tracks munitions both in transit and in storage. Wrote several AngularJS modules focused on tracking and procuring inventory with respect to chain of command and proper request procedures in order to allow the distribution of arms and parts.
    • Custodian Requests. Allowed 1) custodians to request issuance of munitions from MASOs 2) Custodians requesting munitions from MASOs to be removed from 1 DoDAAC and to their DoDAAC, formal requesting of munitions to be expended or turned in. 3) Custodians to view and print requests within their DoDAACs 4) MASOs to view and print, accept/reject all request for any DoDAACs that they were authorized. The module would create a Blob PDF of request and await MASO approval upon which the document would be given a print signature from the MASO. The MASO would then be directed to the Expend or Turn In modules with inventory populated ready for them to review and either expend or accept the turn in of said equipment.
    • Regrouped Lots: Module allowed lots of munitions and parts to regrouped into larger lots and torn down into individual lots.
    • Container Movements: Created module to view all containers such as Trailers, Aircrafts and Structures in a DoDAAC, its contents, and a chain of contents within contents. Authorized users were also able to move containers to different DoDAACs.
    • Organization Shops (OrgShops) Allowed authorized users to add or deactivate OrgShops for DoDAAC which they administer.
    Each module was broken down with one route file, multiple controllers, and HTML5 pages. Responsible for creating entities, view models, controllers, service classes, and sending objects in JSON to JavaScript services that linked to AngularJS controllers. Responsible for interfacing with Functional munitions SMEs to gather and interpret requirements to better develop code tailored to the end user. Coded unit tests for continuous monitoring and created documentation of system in Confluence. Utilized:
    • Java
    • Hibernate
    • JPA
    • RestAngular
    • Oracle
    • AngularJS
    • Bootstrap
    • TortoiseHg
    • Jira
    • Confluence
    • Quality Center
    • TomCat
  • 2015
    Technical Consultant - TekSystems
    CARES Project
    Lead Developer. Worked in an Agile Environment to help develop an extensive and highly critical eligibility system for Medicaid, Medicare, DHR and other federal and local government systems.
    • C#
    • WebAPI
    • MVC
    • Angular
    • Knockout
    • Inrules
    • JSON
    • AJAX
    • TFS
    Alfa Insurance
    Lead Developer. Created an Active Directory web service for the enterprise to efficiently query the LDAP server. Created a centralized intranet design with a consistent look and feel. Produced templates for test scripts, and site and access point documentation. SharePoint lead. Provided direction on licensing and converting COTS products to SharePoint. Trained new developers in C#, MVC, Unit Testing, SQL (writing stored procedures, creating tables/views/functions, etc.), Visual Studio, etc. Migrated applications from Server 2003.
    • C#
    • MVC
    • SQL
    • JSON
    • AJAX
    • JavaScript
    • Bootstrap
    • FontAwesome
    • VBA
    • Splunk
  • 2014
    Adjunct Networking Professor - Virginia College
    Developed the syllabus for each course assigned based on ACICS and department criteria including learning objectives expressed in behavioral terms. Made all course materials including daily schedule, PowerPoints, assignments, certification objectives, instructional videos, etc. available via my self-funded, self-designed web application. Also, the web application allowed automated grading and storing of all homework, quizzes, and tests, in HTML in an SQL database. Related the instruction to careers and employer expectations. Prepared and graded examinations based upon course objectives and published exam schedule. Returned all assignments instantly through the site. Maintained a 50% higher certification pass rate than both full-time and part-time instructors teaching the same subject.
    • C#
    • Instructing
    • Networking
    • PC Repair
  • 2012-2015
    Internship to Lead Developer - Northrop Grumman
    Lead Developer for 33 projects written in Classic ASP, and C# .NET. Uplifted, recoded, and recovered multiple applications. Responsible for entire SDLC. Gathered requirements, wrote documentation, gained approvals from management and customers, completed change notices, and provided continuous support and maintenance. Provided timely status reports and completed projects on time if not ahead of schedule. Created and maintained databases in both SQL and Oracle. Used SQL Management Studio 2014 to write stored procedures, functions, and custom types. Used SSRS to create custom reports.
    • Web Forms
    • MVC
    • C#
    • Classic ASP
    • SQL
    • Oracle
    • Documentation

Teaching History

  • 20172017

    Enterprise Applications Programming I| Grand Canyon University

    This course provides an introduction to the fundamentals of C# programming and the .NET platform. The course covers program design and development, debugging techniques, structured and object-oriented programming and basic GUI elements.

  • Apr 2014Jun 2014

    NET 1025 Computer Networks | Virginia College

    NET 1025 is an introductory course in computer hardware. The emphasis will be on the basic installation of computer hardware and computer maintenance fundamentals. This course prepares students to take the CompTIA 220-801 exam.

    The goal is for students to learn not only what computer components make up a PC but also what those components are and how they work today, but also why they are designed the way they are and how they are likely to evolve in the future. We will draw examples primarily from the Internet. Topics to be covered include: congestion/flow/error control, routing, addressing, naming, multi-casting, switching, internetworking, and network security. Evaluation is based on homework assignments, the projects, and two mid-term exams.

  • Jun 2014Sept 2014

    NET 1060 Operating System Essentials | Virginia College

    Operating System Essentials introduces students to operating system fundamentals, as well as troubleshooting basic and essential hardware. File systems and their permissions, command line interface, user/group accounts, and optimizing/troubleshooting operating systems are explained.

    Some of the objectives required to achieve the CompTIA A+ certification are integrated into the course.

  • Oct 2014Dec 2014

    NET 1050 Computer Hardware Essensials | Virginia College

    Computer Hardware Essentials introduces students to the fundamentals of computer technology, hardware, and safety. Students will examine the basic computer components such as motherboards, power supplies, processors, and RAM.

    The student will also investigate effective interaction with customers and peers. Objectives required to achieve the CompTIA A+ certification are integrated into the course.

  • Oct 2014Dec 2014

    NET 1055 Network, Multimedia, and Printer Essentials | Virginia College

    In Network, Multimedia, and Printer Essentials, students will examine fundamentals of networks, multimedia, printers, and mobile devices. Also covered are the foundations of local area networks (LANs), wide area networks (WANs), mobile operating systems, and basic security standards.

    Students will examine effective interaction with customers and peers. Objectives required to achieve the CompTIA A+ certification are integrated into the course.