Summary
Senior IT and cybersecurity professional with 12+ years of experience designing and securing enterprise infrastructure across nonprofit, education, and retail environments. Deep expertise in Microsoft 365, Azure, endpoint management (Intune/Autopilot), NIST SP 800-53 controls auditing, and risk management. Active practitioner maintaining a public cybersecurity platform at cybergrind.org — featuring a self-hosted threat intelligence pipeline, AI agent security framework, and MISP integration. CISSP candidate. Member of IEEE and SimplyCyber.
Core Competencies
Cross-Platform Administration
- Windows Server, macOS, Linux
- Active Directory, Group Policy
- Hyper-V, Proxmox
- WSUS, Autopatch
Containerization & Services
- Docker, Docker Compose
- Cloudflare (Pages, Workers, Tunnels)
- GitHub Actions CI/CD
- FastAPI, SQLite
Cloud & Identity
- Microsoft 365, Azure AD
- Intune, Autopilot
- Apple Business Manager
- Mosyle MDM
Security & GRC
- NIST CSF, SP 800-53, SP 800-30
- SOC 2, ISO 27001 alignment
- Threat Modeling, Risk Assessments
- Policy Authoring, DR Planning
Automation & Dev
- PowerShell, Python, Bash
- Power Automate
- Hugo (Static Sites)
- Git, GitHub
AI Tooling
- Ollama (local LLM infrastructure)
- AI agent frameworks
- MISP threat intel integration
- AI governance frameworks
Experience
Senior IT Manager of Infrastructure & Cybersecurity
July 2021 – Present
PAWS Chicago — Chicago, IL
- Lead IT infrastructure and cybersecurity for a 250+ staff, 350+ managed device organization serving 700+ volunteers across multiple facilities.
- Architected and manage Azure cloud infrastructure and endpoint compliance via Microsoft Intune and Autopilot, including full Android Enterprise fleet deployment.
- Conducted NIST SP 800-53 controls audit — interviews, document review, and system testing — producing formal findings and remediation roadmap.
- Semi-quantitatively analyzed cybersecurity risk using NIST SP 800-30 methodology; authored risk register and executive briefings.
- Executed threat modeling exercises to identify higher-likelihood threat events and inform risk scoring.
- Developed Information Security policy aligned to SOC 2 Trust Service Criteria and NIST CSF.
- Designed and executed Business Continuity Plans and disaster recovery strategies with documented runbooks.
- Managed IT budgeting and procurement; achieved 10% reduction in operational costs through vendor consolidation.
- Created targeted security awareness content reducing phishing susceptibility and improving end-user cyber hygiene.
- Mentored junior IT staff and coordinated cross-departmental technology initiatives.
Advanced Repair Agent
February 2013 – Present
Best Buy Geek Squad — Arlington Heights, IL
- Diagnose and resolve hardware/software issues for Windows and macOS systems; maintain 95%+ customer satisfaction rating.
- Conduct end-user training sessions improving technical proficiency and operational efficiency.
- Developed streamlined repair workflows reducing average repair time by 15%.
- Advise on IT security best practices and assist customers with endpoint protection configuration.
Systems Technician
May 2013 – July 2021
Lyons Township High School — La Grange, IL
- Maintained LAN/WAN environment supporting 5,000+ endpoints at 95%+ uptime across dual campuses.
- Managed device inventory and lifecycle replacement schedules for seamless hardware upgrades.
- Authored network documentation and self-service guides, reducing helpdesk tickets by 20%.
- Created and deployed Windows 10 workstation images district-wide with full driver and application integration.
- Patched security vulnerabilities and deployed updates using WSUS across all Windows workstations.
Projects
CyberGrind
cybergrind.org ↗Personal cybersecurity platform built with Hugo and deployed via GitHub Actions CI/CD to Cloudflare Pages. Features a self-hosted FastAPI threat intelligence pipeline with MISP, CISA KEV, URLhaus, and MalwareBazaar collectors; a live global threat map; a multi-agent AI security pipeline using Ollama; and an educational content library covering NIST CSF, AI governance frameworks, and blue team techniques. Includes seven Cloudflare Workers integrating EPSS, NVD, AbuseIPDB, and OSINT feeds.
Self-Hosted AI Security Stack
Built and operate a fully self-hosted AI infrastructure stack including a 5-agent sequential security pipeline (Planner → Researcher → Risk Analyst → Mitigation → Writer), live MISP IOC injection into agent context, Slack bot integration, and a local LLM stack via Ollama. Accessible via Tailscale zero-trust networking. All compute runs on-premises with no cloud AI dependency.
Homelab SOC Environment
Hands-on security research lab for skill development and tooling evaluation.
- Proxmox virtualization (Ubuntu + Windows Server VMs)
- Wazuh SIEM — log aggregation & endpoint monitoring
- MISP — threat intelligence platform with live feeds
- Local Active Directory structure
- Windows-based SAN
- Mailcow self-hosted email server
- CachyOS (Arch-based Linux) primary OS
- Plex & Jellyfin media servers
Certifications
CISSP In Progress
CompTIA Security+ In Progress
CompTIA Network+ Current
CompTIA A+ Current
TryHackMe — Cyber Security 101 January 2026
Implementing the NIST Risk Management Framework 2024
IT & Cybersecurity Risk Management Essential Training 2024
SOC 2 Compliance Essential Training 2024
Threat Modeling: DoS & Expansion of Authority 2024
Threat Modeling: Tampering in Depth 2024
Managed Detection and Response (MDR) Fundamentals 2024
Mitigating Cybersecurity Vulnerabilities 2024
Complete Guide to IAM for Network Engineers 2024
Microsoft 365: Administration 2024
Education
B.S. in Information Technology — Cybersecurity Concentration
Strayer University
2025 – Expected Sept. 2027
Prior undergraduate studies in Information Technology & Networking
University of Phoenix & DeVry University
Coursework completed; degrees not conferred
2005 – 2012
Volunteering
Dog Walker
PAWS Chicago
September 2016 – Present