Employment History

Acting Information Systems Continuous Monitoring (ISCM) Lead at the Consumer Financial Protection Bureau

9/16/2019 - 9/8/2020

  • Led the project to deploy and implement software to automate work related to continuously monitoring compliance with the NIST Risk Management Framework. This included writing and presenting about processes and strategy, and demonstrating the product to CFPB colleagues and outside auditors.
  • Provided cybersecurity support to a team of other IT Specialists working to re-engineer how we work with our primary cloud service provider, with a focus on how we measure and enforce security compliance.
  • Consulted with IT Specialists throughout the bureau to get hardware procured and configuration changes completed to support the ISCM automation platform.
  • I developed software that used application programming interfaces to import data from our existing Governance, Risk, and Compliance (GRC) tool into the new ISCM automation platform.

Software Developer at the Consumer Financial Protection Bureau

9/27/2011 - Present

  • Led the project to implement encrypted HTTPS on consumerfinance.gov, which improves the integrity of website content and provides confidentiality to end users. This involved coordination and consultation with IT Specialists in systems engineering, cybersecurity, software developers, and an outside cloud service provider. I did research, explained options and decisions in writing, and presented orally to change management and technical teams. I also tracked the details of the ways our site was not yet ready for the change– carefully ensuring these “mixed content” problems were resolved before we enabled HTTPS.
  • Led the project to implement Content Security Policy (CSP) on consumerfinance.gov, making the site more resilient against Cross Site Scripting (XSS) attacks, which can impact site integrity and user security. Similar to the HTTPS change (described above), this required a detailed accounting of all the parts of our site that could be impacted by the change, and thoroughly working through those issues before CSP could be enabled.
  • Developed software to monitor the availability of systems and application programming interfaces.
  • Solved availability and reliability problems across the “full stack” of technology involved in developing and delivering software, including: operating systems, development tools, container platforms, networking, web application software, automation tools, application programming interfaces, web application firewalls, content delivery networks, cloud service providers, and web browsers.
  • Supported the cybersecurity team by providing evidence of compliance, and working to resolve vulnerabilities and misconfigurations.
  • Proposed, researched, presented options, wrote about, and managed the implementation of large technical changes to consumerfinance.gov, for example the switch from Wordpress to a Python-based content management system.
  • Provided customer service to stakeholders throughout the bureau – ensuring that the website continued to serve the diverse needs of development teams and communications professionals. This includes a period of time where I acted as “product owner” for the consumerfinance.gov platform, which involved talking to customers, synthesizing those conversations into detailed “user stories”, and incorporating those stories into our prioritized backlog of work.
  • I helped lay the groundwork for moving consumerfinance.gov forward into a cloud-native future, using software like Docker and taking better advantage of the features provided by our cloud service provider.

Senior IT Manager at Stratacomm LLC

8/2007 - 9/2011

  • I provided customer service and IT support to a company with 40 employees in two offices. This included procuring and preparing hardware and software, troubleshooting PC, Mac, and mobile devices, and coming up with creative solutions to technical needs.
  • I ensured a secure working environment by performing yearly validation of Sarbanes Oxley (SOX) security controls, managing the network, and keeping software patched and up-to-date.
  • Managed IT projects like the move of our Detroit office, and integrating our network with that of our parent company.
  • Wrote documentation, did oral presentations, and answered questions about technical changes at the company, including the roll-out of Microsoft Office 2007 and the deployment of a more secure wireless network.
  • Consulted with IT Specialists at our parent company to negotiate budgets, manage inventory, and solve technology problems, all while advocating for the unique needs of Stratacomm’s partners, staff, and customers.
  • Helped conceive, present, and implement software development projects for Stratacomm customers, including web applications, digital maps, and task automations.
  • Used application programming interfaces to integrate disparate products into integrated solutions. For example: one application involved fetching the latest events from an online calendar, and sending it out as a weekly newsletter.

Customer Support Coordinator at STBS, Inc

11/2006- 8/2007

I was the front-line customer support for the STBS web-based telecom billing solution.

Systems Support Engineer at Anka Systems (now part of Topcon)

12/2005 - 11/2006

I provided customer service to doctors and medical technicians using Anka’s image management system for ophthalmology, Eyeroute. This included on-site deployments of Eyeroute servers, remote administration, and handling incoming support requests.

Support Analyst at KnowledgePlanet (now part of Mzinga)

6/2003 - 12/2005

I provided technical support and customer service for users of the KnowledgePlanet Learning Management System (LMS). I also participated in the Quality Assurance process, and produced ad-hoc Python, PHP, and Unix shell scripts to support the Data Services group.

Education

Rochester Institute of Technology

Bachelor of Science, School of Individualized Study ###Northern Virginia Community College Career Certificate in Geographic Information Systems

Certifications:

  • Prosci® Certified Change Practitioner
  • AWS Certified DevOps Engineer - Professional
  • AWS Certified Sysops Administrator- Associate

Recent Training

  • Advanced Dashboards and Visualizations with Splunk (April 2020)
  • Advanced Searching and Reporting with Splunk 8 (April 2020)
  • No Fluff just Stuff Machine Learning Workshop for Developers (August 2019)
  • Splunk Fundamentals I, II, and II (August 2019, September, and October 2019)
  • Creating Dashboards with Splunk(October 2019)
  • Elasticsearch Engineer II (June 2019)
  • Implementing Jenkins Pipelines as Code (December 2018)
  • Systems Operation on AWS (June 2018)
  • No Fluff just Stuff Software Architecture Training (Februa