Technical Projects

Enterprise Endpoint Hardening with SCCM and McAfee Integration

Engineered and deployed secure Group Policy Objects (GPOs) at scale using System Center Configuration Manager (SCCM) to enforce enterprise-wide security baselines across classified and unclassified enclaves. Developed custom configuration baselines and task sequences to standardize firewall settings, USB control, and BitLocker enforcement, reducing policy drift across geographically dispersed nodes. Integrated McAfee ePolicy Orchestrator (ePO) to manage endpoint protection, leveraging Host Intrusion Prevention System (HIPS), Application Control, and ENS modules for real-time threat prevention. Implemented policy tuning and centralized alerting workflows that improved endpoint detection fidelity by 45% and reduced false positives by over 30%, strengthening compliance with DoD and STIG mandates.

Leading Hunt Forward Operations on Classified Networks: Cyber Threat Detection at the Tactical Edge

Directed classified hunt forward operations in support of U.S. and allied forces, targeting advanced persistent threats (APTs) on high-value DoDIN enclaves. Built and led joint cyber task forces composed of threat hunters, intelligence analysts, and incident responders. Developed and implemented custom detection heuristics and anomaly-based analysis frameworks to identify lateral movement and covert command-and-control channels. Integrated threat intelligence feeds into SIEM platforms in real time and coordinated response protocols across interagency boundaries. These operations led to the discovery and remediation of multiple long-dwell threats, directly protecting operational integrity and influencing national cyber defense posture.

vSphere to Cloud Migration: Architecting Scalable Security in Hybrid Environments

Spearheaded the migration of a mission-critical application suite from an on-premises vSphere-based infrastructure to a hybrid cloud environment leveraging Azure Government and IL5-certified services. Conducted a full-stack architecture review and defined a cloud transition roadmap encompassing network re-architecture, containerization strategies, and identity management via Azure AD and MFA enforcement. Led the design and deployment of secure transit gateways, virtual network peering, and automated compliance scanning using Azure Policy. Collaborated with DevSecOps teams to replatform legacy services using infrastructure-as-code (IaC), reducing deployment times by 40% and improving audit readiness across classified workloads.