Senior Vice President, Director of Infrastructure & Security
Experienced technology executive with a demonstrated track record of leading engineering teams and implementing highly functional, resilient, and secure operating environments. Skilled in developing and executing infrastructure and cybersecurity strategies across the full technology stack. Adept at aligning technical execution with business goals, leading cross-functional teams, and modernizing enterprise systems through innovation, collaboration, and disciplined delivery.

Core Strengths:
Leadership • Cybersecurity Strategy • Cloud Architecture • Risk Management
DevSecOps • Zero Trust • AI-Driven Automation

Summary

Over 15 years of experience in infrastructure and cybersecurity leadership, guiding teams across systems, network, cloud, and information security.

Proven ability to design and implement scalable enterprise architectures, integrate security into every layer of technology operations, and mentor teams to achieve technical excellence.

Committed to advancing modernization, continuous learning, and the responsible adoption of automation and AI for faster, smarter problem solving.

Employment

2024–Present

Eastern Bank
Senior Vice President – Infrastructure and Security Director

• Lead 40 technology professionals (8 direct reports) across infrastructure, cybersecurity, identity, and network operations.
• Oversee 850 on-prem servers, 12+ Azure workloads, and 700+ enterprise applications supporting 2,500 employees.
• Direct the design and execution of Zero Trust network model, enterprise MFA/SSO, and modern EDR/email security controls.
• Manage strategy, architecture, and vendor partnerships across the entire infrastructure stack.
• Champion continuous learning and structured career development within the technical organization.
• Led successful 2025 data center migration from Massachusetts to Equinix NY with zero unplanned downtime.

2021–2024

Eastern Bank
Vice President – Infrastructure and Security Manager

• Developed and executed enterprise infrastructure and support strategies across server, network, and security teams.
• Defined architecture for high availability and compliance, including SOX and GLBA controls.
• Directed multi-million-dollar technology budgets, vendor contracts, and SLA governance.
• Spearheaded major modernization projects including hybrid cloud expansion, vulnerability remediation, and risk-based audit response.
• Partnered with business units to align infrastructure capabilities with growth and compliance objectives.
• Led cross-functional remediation planning for regulatory, audit, and risk-based technology reviews.

2020–2021

Eastern Bank
Vice President – Security Operations Manager

Leadership

• Managed cybersecurity teams in Incident Response, Information Assurance, Security Engineering, and IAM.
• Coordinated directly with auditors to maintain compliance with regulations and policies.
• Directed security budget and vendor contracts, leading evaluation and procurement of solutions.
• Mentored team members and established individualized training and career development plans.

Technical Initiatives

• Oversaw SailPoint IDN implementation and enterprise-wide SSO (Azure AD/SAML) configuration.
• Managed PKI infrastructure and enterprise MFA rollout.
• Automated Splunk dashboards, alerts, and forensic data workflows using PowerShell and Python.
• Enhanced incident detection and response processes for faster containment and recovery.

2019–2020

Eastern Bank
Information Assurance Manager

• Managed team of three cybersecurity professionals, overseeing vulnerability management and audit compliance.
• Drove product evaluations, process improvements, and cross-departmental security integration.
• Maintained ongoing communication with auditors to ensure regulatory compliance.
• Defined and executed training plans for professional growth and operational readiness.

2017–2019

Eastern Bank
Principal Information Assurance Analyst

2016–2017

Eastern Bank
Senior Information Assurance Analyst

Focus Areas

• Oversaw vulnerability management program and CIS baselines for servers and network devices.
• Performed SAST and DAST code reviews (Java, JavaScript, PowerShell, Python, PHP, HTML).
• Managed penetration testing and internal red-team operations.
• Led digital forensics program, performing disk and memory captures during investigations.
• Automated audit data collection, incident response workflows, and risk documentation.
• Integrated Domo BI platform for security metrics, data visualization, and KPIs.
• Created automated ETLs combining data from 30+ systems for operational intelligence.

2007–2016

Stony Brook University
Information Security Officer

• Led campus-wide security program for academic and healthcare divisions ensuring HIPAA and PCI compliance.
• Directed vulnerability management, IDS deployment, and endpoint encryption programs.
• Designed firewall and VPN architecture for secure vendor integration.
• Served as HIPAA Security Officer, overseeing annual audits and compliance training.
• Managed VMware, Hyper-V, and Windows domain infrastructure.
• Implemented server patching, configuration management, and EMR database security.

2005–2007

Stony Brook Medicine
Help Desk Technician

• Provided desktop and application support for over 10,000 users.
• Supported hospital-wide SSO project design, testing, and deployment.
• Designed and maintained IT department website (HTML/CSS).
• Managed upgrades to Unicenter Service Desk and ACD call recording systems.

Education

2011–2014
American Public University System
Master of Science in Information Technology (Digital Forensics)

2009–2011
American Public University System
Bachelor of Science in Information Systems Security (Dean’s List)

Certifications

• GIAC Defensible Security Architecture (GDSA)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Certified Penetration Tester (GPEN)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensic Examiner (GCFE)
• GIAC Certified Enterprise Defender (GCED)
• GIAC Security Essentials (GSEC)
• Metasploit Pro Certified Specialist (MPCS)
• Microsoft Certified: Azure Fundamentals
• Microsoft Certified Desktop Support Technician
• Microsoft Certified Professional
• Certified HIPAA Security Specialist
• Certified HIPAA Professional
• CompTIA CIOS
• CompTIA Network+
• CompTIA A+

Projects

Enterprise Data Center Migration – Strategic Execution & Infrastructure Modernization (Jun 2024 – Apr 2025)

Led the migration of a legacy enterprise data center to a modern, SOC-certified facility to enhance scalability, security, and sustainability.
The initiative required precise coordination among server, network, and security teams to complete a one-way migration with zero rollback option.
Key accomplishments:

• Built and outfitted the new data center cage, racks, power distribution, and ISP connectivity.
• Executed relocation of networking, firewall, and storage systems with zero downtime.
• Aligned disaster recovery testing and business continuity validations with the migration timeline.
• Deployed new firewalls, segmented networks, and inter-site connectivity for enhanced security.
• Completed the transition ahead of schedule with minimal disruption to users.

Strategic Integration Leadership – Bank Merger (Aug 2024 – Apr 2025)

Directed the end-to-end technology integration of systems, networks, and workflows during a large-scale financial institution merger.
Key responsibilities and achievements:

• Oversaw infrastructure migration, SD-WAN deployment, and enterprise-wide SSO and email cutovers.
• Partnered with multiple technical workstreams to ensure zero downtime during conversion windows.
• Maintained compliance with security standards and automated provisioning throughout the transition.
• Coordinated cross-functional collaboration to resolve DNS conflicts, shared drive access, and credential issues.
• Delivered regular reports to executive leadership, ensuring alignment and transparency across departments.

Change Control Workflow (Jan 2019 – Feb 2019)

Redesigned the enterprise change control process by developing a dynamic approval workflow in Salesforce Lightning.
Impact:

• Replaced a manual, inconsistent process with an automated, risk-based approval system.
• Created guided forms with automatic impact scoring and variable approval paths.
• Enabled full auditability and centralized visibility across all change activity.
• Reduced turnaround time and increased compliance consistency across departments.

Cyber Alert Bot (Apr 2018 – Jun 2018)

Developed an automated alert-handling workflow using Power Automate to streamline cybersecurity incident triage.
Highlights:

• Parsed SIEM alerts to identify affected users and validate actions in real time.
• Automatically routed validated incidents for review, reducing manual investigation time.
• Improved triage efficiency and response accuracy, accelerating resolution workflows.

Next-Gen AV Replacement (Jan 2018 – Apr 2018)

Led the enterprise-wide migration from legacy antivirus to a modern endpoint protection platform.
Key outcomes:

• Deployed next-gen AV across thousands of endpoints with no operational disruption.
• Coordinated with compliance and identity teams to ensure seamless integration.
• Enhanced detection, response, and threat prevention capabilities enterprise-wide.
• Established the foundation for future security automation initiatives.

Cyber Security Metrics Automation (Jan 2018 – Mar 2018)

Architected an automated metrics platform to centralize cybersecurity and project management reporting.
Technical and operational impact:

• Integrated data from 30+ sources (SQL, APIs, spreadsheets) into a unified Domo environment.
• Built ETL pipelines and dashboards to deliver real-time insights and cross-departmental transparency.
• Enhanced reporting accuracy, risk visibility, and executive decision-making.
• Reduced manual data handling while strengthening governance and alerting precision.

Network Migration (Jun 2015 – Jul 2015)

Directed the migration of a healthcare network from a public environment to a private, segmented Class C network.
Highlights:

• Designed and implemented redundant high-availability firewalls for continuous uptime.
• Introduced granular access control policies and modernized network architecture.
• Improved reliability, performance, and compliance with institutional security standards.

Single Sign-On Implementation (Aug 2007 – Nov 2007)

Collaborated with vendors and internal teams to design, test, and deploy an enterprise SSO solution for thousands of users.
Results:

• Delivered seamless authentication across multiple applications.
• Improved user experience, efficiency, and security.
• Authored knowledge-base documentation and trained staff for sustainable long-term support.

Technical Skills

Languages & Automation: PowerShell, Python, Javascript, Bash, RegEx
Security & Monitoring: Splunk, SailPoint IDN, Tenable, CrowdStrike, FireEye, Threatlocker
Cloud & Infrastructure: Azure, Cloudflare, Akamai, VMware, Cisco
Development Tools: Git, GitLab CI/CD, HTML, CSS
Analytics & Data: Domo, SQL, Power BI, API Integration

Areas of Expertise

Vulnerability Management • Penetration Testing • Incident Response • Security Metrics • Risk Management • API Management

Awards & Recognition

• Above and Beyond Awards (8x) – Eastern Bank (2016–2024)
• GIAC Advisory Board Member
• President’s Volunteer Service Award – Lifetime Achievement

Volunteer Leadership

2005–2015

Port Jefferson EMS – President and Chief of Department

• Led 125 volunteers and employees, managed operations, budgets, and emergency response coordination.
• Implemented electronic medical records system and improved KPI-based performance tracking.
• Chaired board meetings and negotiated inter-municipal budgets.
• Developed comprehensive EMT and continuing education training programs.

2001–2015

Port Jefferson EMS – EMT / Critical Care Technician

• Provided emergency medical care and transportation for Suffolk County patients.
• Coordinated care with physicians and nurses; ensured compliance with NYS DOH Part 800 regulations.
• Logged over 5,000 hours of volunteer service.

Philosophy

I embrace AI and automation as tools that elevate both coding and troubleshooting efficiency.
By encouraging teams to explore AI-assisted development and data analysis responsibly, I promote a culture of curiosity, learning, and continuous improvement — ensuring innovation remains secure, efficient, and human-centered.

References

Available upon request.