To begin, click your user name
After you log on, explore the desktop, Start menu, and My Documents.
Everything opens in its own window.
Orlando, Florida
I build and harden security for large-scale cloud and multi-tenant infrastructure. My focus is zero-trust architecture, security automation, and the governance that keeps systems ready for audit and resilient against real attackers. I have spent eight years across federal cyber operations, defense engineering, and the university classroom.
CISSP · CGRC · CompTIA Security+
M.S. Cybersecurity · B.S. Business Administration · USF Alumni
I began my career defending Air Force networks that spanned classified and unclassified systems, where the cost of a gap was immediate. That work shaped how I operate today. I secure the architecture first, automate the repetitive work, and verify that the controls hold under inspection.
I now design zero-trust controls and run security automation for cloud and distributed platforms, and I run the vulnerability management that keeps them defensible. I give the governance side as much attention as the engineering, because a control only matters if it survives an assessment and a determined attacker. My background covers RMF, NIST 800-53, and the audit work that proves a program is sound.
I also teach. As an adjunct professor I helped students build practical skills in threat analysis and prepare for certification, and I mentor the engineers on my own teams. Strong security depends on people as much as on tools.
Hardening multi-tenant cloud, VMware and NSX-T, and container workloads against NIST and CIS baselines.
Microsegmentation, identity, and east-west controls built to NIST 800-207.
Shift-left security gates, security as code, and Ansible automation that removes manual effort.
RMF and ATO ownership, automated evidence collection, and risk-based remediation tied to business priorities.
Cole Engineering Services, Inc.
Oct 2024 - Present · Orlando, FL
Engineers cloud and application security for a multi-tenant VMware Cloud Foundation platform behind one of the world's largest cyber ranges. Built the zero-trust controls, compliance automation, and defense-in-depth detection stack that keep distributed workloads audit-ready, and authored the vulnerability-management and incident-response standards the team runs on.
ECPI University
Nov 2024 - Mar 2026 · Orlando, FL
Designed and taught undergraduate cybersecurity courses in network defense and applied threat analysis, built hands-on offensive labs mapped to MITRE ATT&CK, and mentored students toward Security+, CISSP, and CGRC.
Scientific Research Corporation
Oct 2023 - Sep 2024 · Charleston, SC
Promoted within six months for re-engineering compliance scanning into a parallelized pipeline that cut runtime by 94 percent and unblocked the weekly release cadence. Embedded shift-left security gates into CI/CD and owned compliance across concurrent ATO cycles.
United States Air Force
Jan 2020 - Jan 2024 · Oklahoma City, OK
Engineered network and host security controls protecting a multi-site enterprise across classified and unclassified systems. Conducted more than 750 control inspections and built the Tenable-driven detection automation and hardening baselines adopted organization-wide.
PEO Exchange (acquired by Alkeme Insurance)
Jul 2018 - Nov 2019 · Tampa, FL
Ran third-party risk assessments across more than 200 enterprise vendors and advised clients on the vendor-risk strategy that reduced supply-chain exposure across their portfolios.
A few programs that show how I approach scale, automation, and proof.
Designed and hardened the east-west controls for a VMware Cloud Foundation platform that supports national-scale cyber training. NSX-T microsegmentation contains traffic between isolated tenant enclaves and keeps each boundary auditable.
VMware VCF · NSX-T · NIST 800-207 · PKI
Result. Isolated, audit-ready tenant boundaries across one of the largest ranges of its kind.
Re-engineered compliance scanning to run in parallel and orchestrated it with Ansible across Linux and Cisco fleets, replacing a slow manual process that was holding up the release cadence.
Ansible · Python · CI/CD · STIG
Result. Scan time fell from 8 hours to under 30 minutes, a 94 percent reduction, and about 40 hours of manual work each week was eliminated.
Built a PKI-secured, containerized platform that consolidates thousands of STIG and CKL artifacts into a single auditable interface, so evidence collection no longer requires a manual scramble before each assessment.
Docker · PKI · NIST 800-53 · RMF
Result. Pre-audit preparation reduced by 70 percent.
Built a risk-based remediation program that ranks findings by CVSS and asset criticality and aligns fixes to the engineering release cadence, so the highest-risk issues are resolved first.
Tenable · Elastic SIEM · F5 WAF/IPS · CVSS
Result. Lower mean time to remediate on critical findings.
AWS, VMware vSphere and VCF, NSX-T, Kubernetes, Docker, Red Hat Enterprise Linux, Terraform, Ansible
OWASP Top 10, threat modeling, SAST, DAST, SCA, API security, F5 WAF and IPS, microsegmentation, PKI, mTLS, SSO, LDAP
Elastic SIEM, Splunk, Tenable and Nessus, Microsoft Defender, CrowdStrike, MITRE ATT&CK, threat hunting, incident response
Python, Bash, PowerShell, Ansible, Terraform, shift-left security, security as code, GitOps
NIST CSF, NIST 800-53 (RMF), NIST 800-207, SOC 2, ISO 27001, FedRAMP, third-party risk management
I am open to senior and lead cybersecurity roles, and to advising teams that need their security to hold up under real scrutiny.
This folder is empty.
No abandoned security findings here. They all got triaged, prioritized, and remediated.