Joshua M.

Experience

• 

  Various Fine Dining Establishments

  Apr 2008 - Mar 2012

  Server / Bartender

  -Worked throughout various fine-dining establishments in the Washington D.C. region for over 4 years beginning in college.-Gained an extensive background in providing outstanding customer service to a melting-pot of affluent customers.

• 

  Power Home Remodeling Group

  Jan 2012 - Dec 2012

  Outbound Marketing Manager

  - Main responsibility involved lead generation through door-to-door prospecting and marketing- Received ongoing marketing training and attended regular sales and marketing meetings- Overcame frequent objections in the field, faced a 99% rejection rate, and exceeded daily minimum quotas of 3 leads a day by maintaining a positive outlook and closing prospects at the door- Mentored and provided training to new employees- Worked closely with a team of 5 to meet daily and weekly quotas while reinforcing a positive team mentality. This included identifying mental blocks that employees were running into and assisting them with overcoming these obstacles. Show less

• 

  MICROS Systems Inc

  Aug 2013 - Aug 2014

  Technical Support Analyst

  - Worked with and assisted clients ranging from restaurant managers to corporate IT directors in troubleshooting point-of-sale systems over the phone or by establishing a remote connection with the server to research the issue, document relevant discoveries, implement the most effective solution, and follow-up with client for resolution confirmation.- Configured and managed network devices including routers, switches, client workstations, wireless tablet workstations, and remote order devices in compliance with PCI standards.- SQL Server administration: database installations, backups, and disaster-recovery rebuilds.- Utilized basic and complex SQL scripts to query and update data sets.- Analyzed system log files to assess initial causes of errors and to determine root cause of the problem. Show less

• 

  TerpSys

  Aug 2014 - Jul 2016

  Computer Analyst III

  - Mentored by 3 senior systems engineers/program managers who had over 60 years of combined experience and expertise in network design and systems engineering.- Managed and maintained Active Directory domain, built and maintained self-sustainable 1-man helpdesk system by utilizing systems such as Windows Deployment Server for imaging machines and Kace K1000 for managing system updates and deploying automation scripts- Single point of contact for end-user support involving desktops, peripherals, laptops, mobile devices, conference room A/V equipment, and copiers in a very compliance-driven financial client environment.- Managed, monitored, and deployed all A/V software and Microsoft patches in addition to writing, maintaining, and deploying various scripts via Kace K1000- Consulted directors and department heads to determine what business processes could be improved utilizing Sharepoint. Implemented a multitude of Nintex Workflows that improved business processes across our on-premise Sharepoint farm. Show less

• 

  Viriton

  Jul 2016 - Dec 2017

  - Lead the initiative to enter the Managed Security Services Provider market and designed security service packages, vetting various multi-tenanted security platforms including anti-virus and endpoint management, cloud/off-site backup solutions, log aggregation and analytics, vulnerability scanners, as well as other various security tools required to assist us in providing MSSP solutions.- Developed three tiers of security service offerings: Bronze, Gold, and Platinum. Configuration packages and pricing market were based on market research and client interviews performed alongside our COO.- Established repeatable processes for on-boarding new clients and performing security and compliance audits. Focused on niche medical market by performing HIPAA Risk Assessments for covered entities and health providers.- Implemented very creative security awareness training programs. For example, I designed and printed educational content in the form of office posters, often captioned with 'dad-jokes' to help resonate various cyber-security points across end-user bases. Also trained against social engineering attacks by teaching end-users how to create their own phishing emails, helping them to understand the mentality behind the attacker and ultimately improve their ability to identify these attacks before it's too late.- Designed the security alerting and monitoring architecture for our SIEM which entailed configuration of alert triggers, determining where and who those triggers would alert, and establishing clear procedures for responding to these various alerts. Also outlined and documented SLA's for security response times depending on criticality of alerts. Show less - Provided tier III support for clients in the Healthcare, Finance, Gas & Oil industries and acted as the third and highest point of escalation.- Designed, maintained, and automated routine tasks across various Windows Active Directory environments for over 30 small-medium sized businesses.- Oversaw and managed technical projects from start to finish. Examples of technical projects: Active Directory deployments, Virtual Desktop Infrastructure (VDI) design and implementation, network infrastructure design and deployment, etc. Show less

  • Security Team Lead

    Jan 2017 - Dec 2017

  • Sr. Systems Administrator

    Jul 2016 - Jan 2017
• 

  Self-employed

  Dec 2017 - Sept 2020

  IT Security Consultant

  - Performed HIPAA Annual Risk Assessments for medical facilities and HIPAA-covered entities, including various EHR and EMR SaaS companies- Performed general system and network security assessments that involved running external vulnerability scans, performing ACL and privileged access reviews, aggregating lists of active user accounts and identifying associated employee or service function. Final product included several reports including a risk scoring matrix, a management plan with action-items prioritized by their associated risk score, and a document containing evidence collected.- Provided secure architecture and system design consulting across various self-hosted/on-premise datacenters, hybrid cloud solution providers, and cloud platforms such as AWS and Azure. Show less

• 

  PaySimple

  Feb 2018 - Sept 2020

  Security Engineer

  - Built and implemented Office 365 security hardening standards to mitigate corporate identity breaches. - Lead engineer overseeing AWS cloud application infrastructure and payment processing platform across 5+ highly-regulated VPC's and several Active Directory forests.- Designed and built several OpenVPN servers to provide secure access to highly regulated environments- Oversaw all IT operations throughout corporate and cloud application environments utilizing - Managed Service Provider to provide helpdesk support- Maintained PCI compliance as a level-one service provider and performed/automated compliance document collection and routine internal compliance auditing in preparation for annual PCI audits.- Performed web-application penetration testing, whitebox network segmentation boundary testing, blackbox external vulnerability assessments, and graybox internal penetration testing,- Managed and oversaw 3rd party penetration tests when required by compliance Show less

• 

  EverCommerce

  Oct 2018 - Sept 2020

  Security Engineer
• 

  Robert Half

  Sept 2020 - now

  • Enterprise Security Architect

    Mar 2025 - now

  • Manager, Security Architecture

    Jun 2022 - Mar 2025

  • Senior Security Architect, Team Lead

    Jul 2021 - Jun 2022

  • Principal Security Engineer

    Sept 2020 - Jun 2022