University of Texas at San Antonio
May 2008 — July 2011
Assisted in the development and management of security processes for the following functional areas: risk management, threat management, systems security, education/consulting.
Served as subject matter expert on tools and processes.
Evaluated IT security tools.
Provided guidance and leadership to less-experienced staff members.
Technical experience varying in level in the following areas: application development security, risk management, incident handling, threat detection, security architecture and design, network security, policy development.
• Lead the E-Discovery and digital evidence preservation effort.
• Managed the Incident Response Team on containment, remediation and mitigation of various threat agents.
• Consultant to various colleges on security policy, procedures and processes, and the Legal Department on
• Created metrics and reports for ISO, CIO, and the Chief Legal Officer; also developed comprehensive questionnaires, forms, and chain-of-evidence documentation.
• Oversaw PCI compliance coordinating between ASVs, Audit, Information Technologyand Financial Services teams.
• Performed regular vulnerability assessments on internal servers and workstations using SAINT; recommended remediation.
• Worked closely with Central IT Windows and UNIX Teams on vulnerability remediation.
• Monitored network activity and created reports using Arbor Peakflow and Splunk.