Drew's Resume

I'm a cybersecurity architect with over 5 years of experience leading security programs, incident response, and building secure development practices for global organizations. I specialize in cyber risk management, vulnerability management, and automating operational security. I'm passionate about mentoring the next generation of cyber professionals and sharing my knowledge through writing and community engagement.

Experience

Principal Security Engineer at Monks

Jul 2023 → Present

Led audits to certify offices for ISO 27001, SOC2, TISAX, and TPN, ensuring standards and compliance.
Implemented technical controls, reducing global vulnerabilities by 23%, enhancing security posture.
Streamlined incident response processes, achieving a 35% reduction in global response times.

Security Engineering & Operations Lead at Monks

Jul 2022 → Jul 2023

Enhanced operations and incident response programs, ensuring swift and effective response times.
Developed policies and procedures for mergers and acquisitions, securing incoming integrations.
Led threat hunting and vulnerability management projects to address security risks proactively.

Information Security Engineer at Monks

Jul 2021 → Jul 2022

Developed security operations and engineering programs to enhance organizational security posture.
Conducted technical audits, identifying vulnerabilities and prioritizing future security initiatives.
Served as a Subject Matter Expert, providing insights and recommendations directly to the CISO.

Co-founder, VP, CTO, CISO at Information Security Network, Inc.

Sep 2019 → Sep 2021

Served as VP on the Board of Directors, aligning IT and security objectives with nonprofit strategies.
Lead seminars and training events at BSides and Hack Pensacola, enhancing community engagement.
Collaborated with local groups like DC850 to promote security awareness and education initiatives.

Security Operations Analyst II at Creative Breakthroughs, Inc.

Dec 2020 → Jul 2021

Triaged and validated level one escalations, leading incident response for over 20 client contracts.
Collaborated with engineering teams to resolve operational issues and enhance procedures.
Developed tailored playbooks and documentation for diverse client environments.

IT Security Specialist at Escambia County Commissioners Office

Mar 2020 → Dec 2020

Developed a comprehensive security awareness program, enhancing phishing detection by over 40%.
Triaged alerts and conducted forensics and incident response for over 1k CJIS-certified systems.
Applied CIS and NIST controls to bolster security for public and emergency support systems.

Education & Certifications

MS Information Security Engineering

SANS Technology Institute • Jan 2024 → Present

Defensible Security Architecture
Hacking Techniques & Incident Response
IT Security Planning, Policy, and Leadership
Security Essentials

BAS Cybersecurity

Pensacola State College • Dec 2020

Computer Science Academic Scholar
Cyber Defense Club Training Officer
Capture the Flag Competition Lead
National Technical Honors Society
3x National Cyber League Gold Bracket Finalist

GIAC

GDSAGSTRTGCIHGSEC

CompTIA

CSIECSAECNVPCNSP+10 more

ISC2

Candidate

Mile2

C)ISSOC)PTEC)DREC)DFE

Skills

Critical Skills

LeadershipCommunicationAnalytical SkillsCollaborationCustomer ServiceProblem SolvingCritical ThinkingAdaptabilityTime ManagementProject ManagementMentoring & Training

Security Knowledge

Risk ManagementVulnerability ManagementIncident ResponseThreat HuntingSecurity OperationsCloud SecurityApplication SecurityNetwork SecurityIdentity & Access ManagementData Protection

Frameworks & Standards

NISTCSFSOC2ISO 27001ITILLGPDSTIGsOWASPNIST 800-53CCPA/CPACIS ControlsTISAXTPNCJISGDPR

Technologies & Tools

AWSAzureGCPCloudflareSnykGoogle CloudClaudeCrowdStrikeVisual Studio CodeTenableVercelQualysChatGPTZscalermacOSSplunkAxiomNessusPalo AltoProofpointVMwareWiresharkPerplexityGitHubCarbon BlackBurp SuiteGoogle GeminiMetasploitWindowsGoogle WorkspacePostmanKali LinuxLinuxMicrosoft Office 365JiraSlack

Programming & Automation

PythonNext.jsBashPowerShellGitNode.jsCI/CDTypeScriptTerraformYAMLDockerKubernetesREST APISQLAnsibleReactJavaScriptJSONGoJavaHTML/CSSC/C++