Career Profile
With over two decades of IT experience, including 4+ years as Senior Director of Information Technology at SEPTA, David specializes in cybersecurity, networking, and cloud solutions. They have contributed to the organization’s mission by enhancing infrastructure security and operational efficiency. Prior roles, including Senior Project Leader at SEPTA, highlight their expertise in managing technical teams and implementing robust systems for detection, threat and vulnerability management. Dedicated to fostering resilient IT environments, they aim to align technology initiatives with organizational goals to empower seamless and secure operations.
Experiences
I provide technical leadership and ownership for SEPTA’s information protection functions. I own all aspects of information security for SEPTA, including procedures, risk analysis, threat modeling, incident response, vulnerability management, security engineering, staff development, application security, Identity and Access Management (IAM), the Security Operations Center (SOC), and Governance, Risk, and Compliance (GRC). I lead a team of 34 people, 5 of whom are dedicated to information security. I had several notable accomplishments in this role. I engineered improved information security systems to protect SEPTA’s digital assets after a serious incident in August 2020. I established information security standards for internally developed and externally acquired applications and systems. I architected and implemented technologies including SIEM, SOAR, DevSecOps, EDR, firewalls, and IAM solutions. I worked with diverse groups within SEPTA to influence them to adopt stronger cybersecurity standards. I authored a grant request that led to the Department of Homeland Security (DHS) granting SEPTA approximately $10 million to improve SEPTA’s information security systems. I grew the size of the information security team to meet SEPTA’s needs and handle a realistic workload.
- Technical leadership and ownership of all cybersecurity functions
- Lead a team of 34 people
- Engineered improved cybersecurity systems
- Established cybersecurity standards
- Implemented SIEM, SOAR, DevSecOps, EDR, firewalls, and IAM solutions
- Authorized grant that was awarded $10m for cybersecurity improvements
I managed a team responsible for SEPTA’s networks, servers, cloud infrastructure, and end user support. My team consisted of 14 people.
My notable accomplishments in this job included modernizing dozens of legacy systems, improving security posture of infrastructure systems, implementing direct Internet service, improving network performance, completing SEPTA’s transition to virtual servers, and instituting standard architectures and standard procedures for infrastructure.
- Improved infrastructure security
- Instituted security architecture standards
- Lead a team of 14 people
I provided security and network engineering services to clients. EIRC served both public and private organizations. I worked with a team of other engineers on projects ranging from incident response, security engineering, network engineering, and server engineering. I had several notable accomplishments in this role. I designed, engineered, and operated a secure shared Internet Service Provider (ISP) for school districts. I implemented complex firewall systems for large customers. I provided expert advice on information security architecture to clients.
- Incident Response
- Security Engineering
- Network Engineering
- Server support
I managed all aspects of the district’s networks, servers, and end user support systems. I was the team lead for a team of 5 people, including myself.
Certifications
I am studying for my CISSP certification.
Talks
I submit talks to and volunteer for several cybersecurity conferences.