Patrick Wilson - Hire this guy! He is great!

Cybersecurity Operations Manager | Senior Security Engineer

Seasoned Security and IT leader with 15+ years of extensive experience in designing, implementing and maintaining secure systems and architectures at scale. Years of expertise in managing cross-functional teams and projects, focusing on multi-cloud security solutions supporting critical infrastructure. A lifelong cellar-dweller who thrives in non-naturally lit environments and approaches every security and compliance challenge with optimism, collaboration, and a sense of humor. Passionate about enhancing enterprise cloud security, compliance knowledge, and dedicated to being part of a resilient and dependable security operations team. Proven track record with years of experience in many dynamic and unique professional settings and industries.

Technical Skills

Frameworks:

MITRE ATT&CK, HITRUST, OWASP, GDPR, HIPAA, ISO/IEC 27001, NIST SP 800, NIST CSF, PCI DSS, CSA, SOC2, CIS, FedRAMP - Creating Security SOPs and implementing STIGs to enforce compliance

Technologies:

AWS (Amazon Web Services), Azure, Google GCP, Docker, Microsoft Hyper-V, VMware, Citrix, RackSpace, OpenStack, Kubernetes, Nutanix, DigitalOcean, VxRail, and many more

Preferred Tools:

Microsoft 365 Security and Compliance Center, AWS GuardDuty, AWS Config, AWS CloudTrail, Tenable, Entra, CrowdStrike, Nessus, RedCanary, DataDog, Rapid7, KnowBe4, Splunk, Palo Alto, Wiz, Mimecast, CheckPoint SASE, Jira, Confluence, Snyk, StackHawk, Burp Suite

Thousands of hours with various offensive and defensive enterprise and open-source security tools

Professional Experience

Sr. Information Security Manager | <Withheld for Security Reasons>, USA, 2023 - Current

Leads information security team for a leading healthcare IT software provider, ensuring the protection of sensitive patient data, our enterprise security and compliance programs.
Compliance through automation to enforce industry regulations such as HIPAA and HITRUST.
mplemented vulnerability remediation programs, change management, multi-cloud disaster recovery, role-based access control (RBAC), privileged access management (PAM), email security gateways, static code analyst vulnerability reporting, and XDR/EDR solution management.
Oversee day-to-day security operations, including monitoring, incident response, and threat intelligence analysis, while mentoring junior staff.
Frequently meet with the Board, Senior Leadership Team, and other large healthcare organizations to share security experience, playbooks, and best practices.
Manage Security Team personnel to implement security awareness training programs, fostering a culture of security awareness. Train IT Team in best practices for enterprise management.
Implemented SIEM, MDR, SOAR, SAST/DAST, PAM EPM, DLP and SASE solutions.

Sr. Information Security Engineer | Municipal Securities Rulemaking Board, Washington, DC 2022 - 2023

Led key security programs, including Threat Intelligence, Vulnerability Management, Incident Response, Daily Security Operations, and Round Table Events.
Oversaw cloud security services to maintain compliance and mitigate risks.
Developed and maintained security requirements and standards, ensuring compliance and reporting key findings to executive leadership and the Board.
Built SOPs for Info Sec Team for repeatable tasks, investigations, and playbooks.
Managed GRC reporting to support financial regulatory compliance and broader security governance requirements.
Provided leadership and continuous training for colleagues, enabling cross-team collaboration.

Cyber Exposure Consultant | Security Engineer | Tenable, Inc., Columbia, MD 2022

Advised customers and government agencies on vulnerability scanning best practices, ensuring compliance with leading security frameworks. Developed sustainable security programs to strengthen long-term resilience and risk mitigation.
Redesigned onboarding playbooks and engagement scripts, improving usability for Tenable employees and third-party consultants.

Security Operations Manager | Lead Security Engineer | Audacious Inquiry, Baltimore, MD 2019 - 2022

Managed IT, Networking, Infrastructure, and Security departments with multiple reports.
Served as the Technical Subject Matter Expert (SME) for all Operations teams and leadership.
Earned multiple promotions, successfully leading diverse teams across technical disciplines.
Ensured HITRUST Certification; developed processes around compliance and security needs.
Created SOPs for exercises, documentation for all systems, and repeatable actions.
Led multiple daily scrums, managed projects (PM), directed customer communication, and often interfaced with outside organizations' security, networking, or compliance teams.
Managed 40+ AWS accounts and AWS Organization, Azure, and Microsoft 365 deployment.
Migrated thousands of resources from traditional data centers to multiple cloud platforms.
Worked directly with federal government and cloud providers to ensure all guidelines were met, prioritizing compliance and security.
Contributed to the next phase of growth and funding, creating substantial cost savings.
Managed Objectives and Key Results (OKRs) reporting to management and stakeholders.
Recruited and developed the next generation of IT, Networking, Infrastructure, and Security personnel and management team members, building robust hiring and screening processes.
Passionate about growing team members' skill sets and progressing their individual career goals.

Cloud Solutions Engineer | Systems Administrator | Dollar Bank, Pittsburgh, PA 2018 - 2019

Redesigned all on-prem infrastructure to be cloud-ready using industry best practices.
Oversaw large-scale virtualization deployments with 700+ VMs, establishing cloud footholds in AWS and Azure, including Azure AD, Intune MDM, and E-Discovery.
Designed and implemented high-availability and multi-site disaster recovery, backups, baselines, and configurations, bringing the organization into industry-standard IT methodologies.
Ensured all platforms and infrastructure adhere to federal guidelines and regulatory compliance.
Introduced DevOps methodologies and infrastructure-as-code practices, streamlining operations with standardized procedures and environment documentation.
Worked in tandem with the Security Team to design more robust monitoring and SIEM.
Established the Enterprise Architecture Board to standardize project onboarding and operational procedures, providing strategic security guidance across initiatives.

Lead Systems Engineer | B2BConnector, Washington, DC 2016 – 2018

Designed highly available E-Commerce platform in the AWS cloud for internal testing.
Leveraged hosted services to house GDPR and PCI compliant databases and servers.
Built a sustainable fleet of EC2 instances using Spot Instances for maximum cost savings.
Created and maintained monitoring and logging for all infrastructure.
Developed CloudFormations for disaster recovery and automatic deployment.

Systems Engineer | NCsoft Subsidiary, Seattle, WA 2017 – 2018

Led the migration of 1,000+ servers to AWS for an MMO game, achieving an industry-first with zero customer-facing downtime.
Established a globally distributed game server infrastructure with robust disaster recovery mechanisms, optimizing performance and reliability.
Developed a global presence for game servers and disaster recovery for all infrastructure.
Implemented IAM Secure Access, Route 53, and advanced monitoring and alerting systems. Spearheaded large-scale HA SQL deployments, strategically converting SQL Servers to SQL Express, yielding hundreds of thousands in cost savings.
Ensured GDPR compliance of the platform, working with Amazon counterparts on-site at AWS.
Managed security and forensic tactics and strategies, published documentation and standard operating procedures along with mentoring junior staff.

Systems Engineer | Brailsford & Dunlavey, Washington, DC 2013 – 2017

Managed 50+ servers, IT systems for 200+ users, 8 national offices, and multiple BI interfaces.
Migrated on-premise servers to multiple co-location facilities for high availability.
Developed security policies, disaster recovery plans, white glove service, and E-Discovery.
Developed a 24/7 enterprise monitoring system with real-time reporting, achieving 99.9% uptime and ensuring infrastructure resilience.
Developed new business solutions and implemented through IT, BI, and analytics.
Migrated MS Exchange from 2007 to 2016 and created high-availability (HA) DAG.
Directed IT operations for sister company CENTERS USA, earning promotion from Systems Administrator to Systems Engineer through demonstrated leadership and technical expertise.

IT Specialist | Freedom House, Washington, DC 2012 – 2013

Solely designed IT for HQ and 10+ international offices, managing a 200+ user environment.
Managed multiple systems, including AD, Exchange, SharePoint, SQL, BES, Archive Servers, NAS/SAN, and VMware.
Deployed multiple secure systems, dealing with various encryption technologies and secure communications platforms.
Network Administration: Managed LAN, WAN, VPN services, Firewalls, IPS, switches, etc.
Interfaced with executive-level management regularly, attended local conventions and meetings, and worked across multiple languages and time zones worldwide.
Published international best practices for personal device encryption and security standards.

Education | Certifications | Affiliations | Groups

Education:

University of Maryland University College – College Park, MD – CyberSecurity
Howard Community College – Columbia, MD – Computer Forensics

Affiliations & Groups:

InfraGuard – FBI Civilian Relationship
Open Source Security Foundation Member
Cloud Security Alliance – Pittsburgh Chapter Founding Member
Information Systems Security Association – ISSA
Cybersecurity Association of Maryland Affiliate

Certifications:

VMware Certified Professional 2006
EC-Council Certification: ENSA
CompTIA A+ 2006, Sec+ 2006
ITIL Foundation Level
AWS Certified SysOps Administrator 2017
AWS Certified DevOps Engineer 2017
Splunk Power User
Microsoft SharePoint Architect for NGOs

Contributor on Security Publications and Communities such as AWS Security and Networking Best Practices for internal Amazon Web Services use Download Resume (PDF)