I have worked in IT and administration since before 1989. This includes 17 years in software development, producing applications from environment control for experiment bays for shuttle missions, to business applications for insurance agencies, to applications for natural language translation of large documents into minority languages deep in the Amazon rainforest and the mountains of Papua New Guinea. This also includes 8 years working in IT administration and IT security. In early 2018 I was invited to join the newly formed IT Security team at TAMU. Since then, I have initiated and designed processes for managing vulnerabilities and reduce TAMU's threat surface. Those processes have been tremendously successful. Our vulnerabilities in our Public IP's have been reduced by 99.7%, and vulnerabilities in our internal facing high value assets have been reduced by 87% to date. The strong use of metrics has proven instrumental to drive those improvements, and to provide an objective measurement of the improvements. I am also leading an Application Security Program aimed at implementing SSDLC/DevSecOps for all application development being done at Texas A&M. I have spoken at a number of national, state and local conferences on topics ranging from general IT Security, down to specifics of writing secure code and hardening servers for security.