A seasoned IT professional with over 15 years of experience driving technological innovation and strategic growth across diverse sectors, including accounting (Noseworthy Chapman Chartered Accountants), offshore oil & gas (Sea1 Offshore), and automotive ad tech (Lotlinx), with a consistent focus on building and maintaining secure and compliant IT environments.
My ambition and interest in technology at such a young age and throughout my life has given me a technical understanding that I have leveraged throughout my career to consistently deliver effective and secure solutions and lead impactful IT and cybersecurity initiatives.
Known by colleagues for my technical expertise and problem-solving abilities, particularly in the realm of security and compliance, I am passionate about implementing forward-thinking and secure systems and networks that enhance an organization's reliability, robustness, and overall strategic objectives, while adhering to stringent security standards and regulatory frameworks.
Lotlinx is an automotive technology industry leader in VIN demand that enables precision retailing via patented data science and AI/ML technologies serving car dealerships in the United States and employing 150 employees across five offices, with both hybrid and remote staff, in Canada and the United States. Reporting to the VP, Product Operations, the IT Manager is the key organizational resource responsible for all IT Operations across the organization to ensure IT Service Management and Operations objectives are met while the company scales and leads the implementation of cybersecurity compliance initiatives for SOC 2.
Sea1 Offshore is a marine transportation company serving oil and gas companies in the North Atlantic and employing 160 employees across two offices and six seagoing vessels. Reporting to the Director, Operations, the IT Coordinator is the key organizational resource responsible for the maintenance and administration of the marine ERP system (ABS Nautical Systems) to ensure asset and compliance management in a dynamic, regulated work environment.
Noseworthy Chapman is a full-service accounting firm employing 70 staff in local and remote offices. I reported to the Managing Partner and was the sole IT resource in a company recognized as one of Atlantic Canada’s Top Employers.
The Canada-Newfoundland and Labrador Offshore Petroleum Board manages the petroleum resources in the Newfoundland Offshore area on behalf of the Government of Canada and the Government of Newfoundland and Labrador.
The Office of the Chief Information Officer is a professional information technology and information management organization that supports the government and citizens of Newfoundland and Labrador.
The Office of the Chief Information Officer is a professional information technology and information management organization that supports the government and citizens of Newfoundland and Labrador.
Completed BetterCloud Certified Administrator Certificate
Completed Harassment and Violence Prevention for Employees Certificate
Completed Canada Labour Code, Part II An Overview & Health and Safety Committees and Representatives Certificates
Completed Bribery Prevention & Economic Sanctions Certificates
Completed 3 year Programmer Analyst (Business) Co-op program with three 4 month work terms
Directed and executed all stages of a ground-up SOC 2 compliance initiative, resulting in improvement in the company's overall security landscape. This proactive measure ensured alignment with key industry standards, mitigating potential risks and demonstrating a strong commitment to secure IT service management practices.
The International Maritime Organization (IMO) mandated guidelines for seafaring vessels to implement a cyber security plan
to address risks and implement controls and measures to address cyber security threats. As per IMO MSC-FAL.1/Circ.3 Guidelines,
I developed a cyber security plan to satisfy this regulatory requirement. Using the NIST Cybersecurity Framework, I created the
cyber security plan tailored to the information security baseline requirements for process control, safety and support ICT systems.
The cyber security plan includes risk assessments for all critical areas of a vessel, procedures, reporting, policies, drills,
training, inventory, and audits.
Actively involved in all aspects of Personal Identifiable Information (PII) management, ensuring the establishment and enforcement of comprehensive controls, policies, and regular reviews to guarantee the company's adherence to critical legal and regulatory frameworks. This included maintaining compliance with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), as well as implementing and monitoring controls aligned with SOC 2 standards for data protection and security.
Developed and implemented a suite of comprehensive IT and security policies across the organization, establishing a formal governance framework that received full endorsement and approval from senior management. This initiative was crucial for setting clear standards, mitigating risks, and ensuring compliance across all IT operations and security practices.
Developed and implemented a framework of quarterly Objectives and Key Results (OKRs) and Key Performance Indicators (KPIs) for the IT Operations department to strategically measure performance against service delivery targets and project outcomes. This initiative ensured alignment with business objectives, provided clear metrics for success, and facilitated data-driven decision-making for continuous improvement within IT Operations.
Strategically architected and deployed Okta as a foundational security platform, leading the seamless migration of all organizational applications to a centralized single sign-on (SSO) and multi-factor authentication (MFA) system. This initiative significantly strengthened the company's security defenses while simultaneously streamlining user access and enhancing overall productivity.
Engineered a robust and automated user lifecycle management system leveraging advanced technologies such as APIs, SCIM, webhooks, and event triggers to enhance organizational security. This critical project automated access controls, ensuring appropriate user permissions throughout their tenure and facilitating prompt offboarding, thereby mitigating security risks associated with outdated access. Custom JavaScript scripts were developed using BetterCloud extensions to optimize API interactions.
Drove the implementation of a robust Remote Monitoring and Management (RMM) platform across all end-user devices, directly supporting the achievement of IT Service Management (ITSM) goals and the adherence to critical SOC 2 security controls. This initiative facilitated proactive device management, improved operational efficiency within IT, and provided essential data and controls necessary for maintaining SOC 2 compliance.
Successfully implemented the KnowBe4 cybersecurity awareness training platform, managing the procurement process and ensuring the efficient export and import of its training content into our corporate LMS. This initiative directly supported the organization's commitment to strengthening its security defenses by providing employees with industry-leading cybersecurity awareness education.
Implemented Microsoft Intune as the organization's Mobile Device Management (MDM) solution across all end-user devices. This critical initiative directly supported key IT Service Management (ITSM) objectives by enabling centralized device management, application deployment, and policy enforcement. Furthermore, the implementation of Intune was instrumental in meeting and maintaining critical SOC 2 security controls by providing capabilities for device compliance, data protection, and remote wipe functionalities across the entire mobile device fleet.
Initiated and successfully delivered the implementation of an Endpoint Detection and Response (EDR) solution across the entire fleet of end-user devices, a strategic measure to enforce essential security controls mandated by SOC 2. This project was instrumental in enhancing the organization's security monitoring and incident response framework, ensuring compliance with industry regulations.
Led the strategic upgrade of the organization's network infrastructure by implementing Fortinet network devices, including FortiGate firewalls, FortiAP wireless access points, and FortiSwitch managed switches, across all office locations. This initiative established centralized control and management over the networks, significantly enhancing security protocols, improving overall network uptime, and ensuring reliable connectivity for all users.
Championed and executed the implementation of 1Password as the organization's secure password manager, modernizing password management practices and significantly improving overall security. This project included the seamless migration of all passwords from insecure shared spreadsheets to the 1Password platform. To ensure successful adoption, I developed and delivered comprehensive training sessions for all employees, empowering them to effectively manage, generate, and securely share passwords.
Conducted a comprehensive audit of all email-enabled systems to scope and implement a DMARC email policy, significantly enhancing the organization's email deliverability and proactively mitigating the risks of email spoofing and spam. This initiative strengthened the security posture of the organization's email communications and improved overall operational efficiency by reducing spam-related disruptions.
Completed a complex Slack Workspace migration project, seamlessly merging two separate instances into a single, integrated platform with zero downtime. This carefully orchestrated transition minimized impact on end-users, ensuring continuous communication and collaboration, and ultimately streamlining IT service management and enhancing the overall user experience.
Engineered a comprehensive data migration solution utilizing the APIs of both Docebo and LearnUpon to facilitate the company's switch to a new learning management system. Developed custom JavaScript scripts to extract and import all data and historical records, ensuring a seamless and accurate transition that preserved critical learning history and minimized impact on users.
Successfully executed a full system migration of all VoIP services from RingCentral to Zoom Phone, managing the transition for both software and hardware phone endpoints across the organization. This project prioritized a smooth user experience and included the essential configuration of 10DLC campaign registrations to maintain full SMS and MMS capabilities for all provisioned phone numbers.
Deployed Zoom Meetings for the Sales and Commercial teams to enhance revenue operations by introducing essential capabilities for recording and tracking customer meetings, as well as establishing integration with Salesforce. This project directly addressed the previous lack of meeting data within the CRM system, empowering sales teams with valuable insights and improving overall sales effectiveness.
Identified key inefficiencies and integration issues stemming from the Sales team's reliance on Chromebooks, which hindered scalability with the company's technology roadmap and negatively affected user productivity. Following a comprehensive assessment, proposed and secured approval for a transition to Windows laptops, leading the successful deployment and achieving a notable enhancement in user experience and overall efficiency within the Sales organization.
Led the successful implementation of Google's Mobile Device Management (MDM) solution and Google Credential Provider for Windows (GCPW) to strengthen device security and streamline user access. The deployment of Google MDM provided the necessary tools for managing and controlling devices, ensuring that security policies were consistently enforced across the organization. By implementing GCPW, users were enabled to leverage their existing Okta credentials for Single Sign-On (SSO) to their Windows devices, enhancing both security and user convenience.
Led a comprehensive overhaul of the Jira Service Desk platform, focusing on enhancing the user experience of the customer portal to facilitate proper ticket submission. This strategic redesign included the implementation of automations, tailored issue types, Service Level Agreements (SLAs), and streamlined workflows, resulting in significant optimization of the overall IT service management process and improved service delivery.
Successfully implemented the Logitech Rally Bar Conferencing System in strategic meeting spaces throughout the company, ensuring seamless integration with the established Google Meet Hardware infrastructure as a calendar resource. This upgrade provided a unified and intuitive audio-video conferencing experience, improving the effectiveness of meetings and facilitating enhanced team collaboration across different office locations.
Engineered a robust and automated identity management system centered around Okta as the definitive source of truth for all employee access and metadata. This involved the development of API integrations, configuration of SCIM for streamlined provisioning, and implementation of SAML for secure authentication. The HRIS (Rippling) was integrated to automatically populate and update Okta with employee data, which was then distributed to all relevant systems. Employed BetterCloud with API automations to bridge gaps in native Okta support, ensuring consistent user provisioning and de-provisioning across the entire technology ecosystem.
Built from scratch, I implemented Nagios monitoring for several remote sites on CentOS (RHEL) to monitor all critical network and
server infrastructure. This includes all network equipment, physical servers, hypervisors, virtual machines, printers, and UPS's.
All of this monitoring was centralized and alerts were setup to let me know if certain checks didn't pass, so I can address issues.
Completed a migration project to migrate Microsoft Exchange 2010 on-premise to another Microsoft Exchange 2016 on-premise server.
Completed a migration project to migrate GoogleApps email to an on-premise Microsoft Exchange 2010 server.
Built from scratch, I developed a WordPress intranet site for all employees to access. This site used a WordPress plugin utilizing OAUTH with Office 365 for authenticating users. The site also tied in Yammer feeds from different departments and also hosted the document management system (DMS) I developed.
From the ground up, I developed a document management system (DMS) that allowed authorized users to create or modify documents on a SMB share which then would be replicated via FTP to remote sites and the Intranet. The DMS was accessible via the SMB share or the web interface on an internal LAMP stack web server. The website was programmed in PHP.
Implemented Veeam Backup & Replication in multiple sites. This allowed backups to occur regularly as well as replication of virtual machines to hypervisors at remote sites for fail over and redundant offsite backups.
Implemented the OpsLock HSEQ and crewing system in our environment. OpsLock is used for work permits, risk assessments, crewing training documents, and other functions of an offshore workplace. This system replaced and streamlined a paper based process into a digital process.
TM Master is a fleet management, maintenance, purchasing & procurement, HSEQ, crewing, and voyage system that allows companies to manage vessels.
When our company would procure new vessels for the organization, they would likely be using a different fleet management system which had data in it that
needed to be imported into our fleet management system. I exported data from this MSSQL database using SQL queries and formatted the data to be imported
into our fleet management system ABS Nautical Systems.
K-Fleet (Consultas) is a fleet management, maintenance, purchasing & procurement, HSEQ, crewing, and voyage system that allows companies to manage vessels.
When our company would procure new vessels for the organization, they would likely be using a different fleet management system which had data in it that
needed to be imported into our fleet management system. I exported data from this MSSQL database using SQL queries and formatted the data to be imported
into our fleet management system ABS Nautical Systems.
Implemented the ESET Protect virtual appliance for central management and monitoring of ESET antivirus products at all remote sites. This allowed monitoring, updates, control, and reporting from a central interface.
Converted physical servers to virtual machines and setup new servers running the VMware ESXi hypervisor. This enabled a fully virtual environment for all servers which allowed much easier management, monitoring, and fail over.
Implemented PDQ Deploy and PDQ Inventory for software patch management and asset management. This created a greater visibility of software assets deployed on workstations and servers which also allowed for easy patch management of vulnerable software.
Deployed GoToAssist on all workstations and servers to allow remote access for troubleshooting, support, and management of assets.
Implemented the SonicWall Email Security Virtual Appliance as the edge MTA for the organization to filter incoming email for spam and malware.
Provisioned new HP servers to run VMware ESXi and migrated virtual machines to these new servers.
Setup Ubiquiti AP's and setup the software controller to manage the wireless access points.
Implemented AirWatch MDM on all employee owned (BYOD) devices so that the business could satisfy the information security requirement for controlling confidential information. This allowed us to remotely wipe corporate data from the user owned device without erasing everything on the device. This also allowed the provisioning of corporate apps and data to devices without manual intervention.
CaseWare Working Papers is a desktop software solution for engagement management. Used by accounting firms this platform integrates everything you
need to conduct assurance and reporting engagements.
BAIWay ClientDocs is a methodology used for standardizing the way accounting firms use CaseWare Working Papers and I implemented this methodology
to help standardization and transition from a paper based to paperless system.