Cyber Security Architect (contract) Resume

SUMMARY:

  • Innovative IT Security Consultant with 16+ years of experience designing/implementing security solutions and protecting
  • Performed in-depth, extensive threat modeling for numerous applications and network designs using the STRIDE and DREAD methodologies and developed threat mitigation strategies to reduce attack vectors and ensure Confidential’s solutions could operate safely.
  • Implemented Managed Detection and Response services allowing EOG to save approximately $320,000 in personnel costs while increasing the organization’s response capabilities and ensuring that response personnel remain trained in the latest threats and incident response techniques.
  • Implemented next generation firewalls to complement existing network segmentation firewalls which enabled Frosch to monitor user behavior analytics and block an additional 60,000 risky behaviors a year.
  • Directed multiple teams involved in IT security for Orange Business Services’ $100M platform of offerings through comprehensive project and personnel management as well as performed optimization of security systems and applications.
  • Developed the data loss prevention roadmap for H&R Block while optimizing the DLP policies to produce more reliable and actionable alerts for ingestion by the SOC team.
  • Delivered IT security solutions for Confidential’s $300M worldwide enterprise. Leveraged subject matter expertise to develop solutions and made recommendations for both the process control and business networks.
  • Utilized the NIST Cybersecurity framework for multiple organizations to discover, mitigate, and reduce risk while developing unique strategies which balanced risk reduction with associated costs, optimizing budgets in relation to the effectiveness and prioritization of CSF initiatives.
  • Saved Confidential $100,000 annually by reducing personnel effort related costs through the process of evaluating threat modeling and risk assessment processes, determining efficiency improvements, and defining strategies to optimize the execution and accuracy of these processes.
  • Utilized OWASP Top 10 and other related Security compliance standards and guidelines to harden product and web applications for the Confidential Enterprise and its customers.
  • Protected Hess Oil’s $40M scientific research data from a malicious insider attempting to steal sensitive scientific data.
  • Eagle Scout & US Navy Veteran
  • OWASP Top 10
  • Symantec CASB & DLP
  • Incident Response Lifecycle Management
  • Vulnerability Assessments
  • Security Roadmap Development
  • Security Solution Design & Development
  • NIST Framework
  • STRIDE & DREAD Threat Modeling
  • Security Architecture Design
  • Security Solution Optimization
  • Threat Intelligence & Hunting
  • Azure Cloud Security Design
  • Project Management
  • Identity Finder & GTB DLP
  • PCI DSS Compliance
  • Emotional Intelligence
  • Digital Guardian UEBA & DLP
  • Cloud Security|CASB|AWS|Azure
  • Critical Thinking
  • Security Architecture Blueprints
  • Team Development & Coaching
  • Security Strategy Implementation
  • Proxies & SSL Traffic Decryption

TECHNICAL SKILLS:

IT Vendor Experience: BeyondTrust, Identity Finder, Nessus, WebInspect, Palo Alto, Cisco, Checkpoint, Juniper, Symantec Anti-Virus, Digital Guardian, Bluecoat, Barracuda, Arcsight, FireEye, Metasploit, Wireshark, Splunk, WinF Disk, Cain & Abel, Zed Attack Proxy, and Social Engineering Toolkit, DDI Vulnerability Scanner

Network Security Technologies: Network Access Control, Web App Firewalls, Next Generation Firewalls, Network Segmentation Firewalls, Forward Proxy, Reverse Proxy, Packet Filters, Spam Filters, DDOS Defense and Damage Mitigation, SIEM, Penetration Testing, Packet Analysis

Cyber Security Technologies: Data Loss Prevention, Vulnerability Management, Forensic Analysis, CSIRT, Web App Hardening, Malware Defense, CASB, Threat Dragon

Systems: Windows Server (2000, 2003, 2008, 2012), Linux Ubuntu, NOOBS, Raspbian, Tails, Tor, Wix, Python, AKS Containers

General: Microsoft Office Suite (Word, Excel, PowerPoint, Outlook, OneNote), Google Suite (Drive, Documents, Sheets, Forms), CISSP

PROFESSIONAL EXPERIENCE:

Confidential

Cyber Security Architect (Contract)

Responsibilities:

  • Secured multiple enterprise level applications through the use of data loss prevention integration and Microsoft Azure policy creation.
  • Spearheading the AKS container security initiative to implement the Lacework solution including coordinating with the application development, container management, image management, vulnerability management, security architecture, and SOC teams to integrate Lacework’s different capabilities with each team’s processes.
  • Evaluated current data loss prevention architecture to determine gaps, deficiencies, and designs that created excessive strain on both the work force and the system/infrastructure and currently drafting a plan of action and milestones to address these issues.
  • Engaging multiple teams across the enterprise to develop role and responsibilities documentation as well as a RACI matrix to address the variances in container management maturity and begin the process of solidifying security for all AKS containers.
  • Drafting a one-year roadmap for the data loss prevention program incorporating not only the growth requirements of the technology but also how this growth impacts the organization and ensuring timeframes, alert volume, and data egress thresholds have a minimal impact.

Confidential

Cyber Security Architect (Contract)

Responsibilities:

  • Developed Security Architecture blueprints to be across multiple enterprise level environments for multiple enterprise level applications.
  • Performed in-depth, extensive threat modeling for numerous applications and network designs using the STRIDE and DREAD methodologies and developed threat mitigation strategies to reduce attack vectors and ensure Confidential’s solutions could operate safely.
  • Developed and hardened cloud infrastructure used by Confidential for multiple applications and infrastructures including the Cloudview Platform.
  • Built extensive documentation to organize and streamline the security assessment and architecture review process improving the speed, accuracy, and information reliability surrounding the entire process.
  • Leveraged team building exercises and activities to increase collaboration and communication within and between the many teams that are needed to effectively address the ever-changing risks associated with Confidential’s cyber landscape.
  • Consistently utilized critical thinking skills to formulate out-of-the-box threat mitigating solutions that reduced additional cost to Confidential.
  • Worked with the secure software development life cycle team to ensure coding practices were followed and that code was tested for weaknesses.
  • Utilized multiple standards, laws, and best practices to ensure that internally developed code was compliant and secure.
  • Performed Threat Modeling for numerous cloud and on-premises applications as well as for new infrastructures utilizing both STRIDE and DREAD methodologies.

Confidential, Austin, TX

Senior Cyber Security Engineer (Short-term Contract)

Responsibilities:

  • Created multiple templates for use during the control evaluation phase of the project that were applicable across multiple control families.
  • Evaluated multiple applications for NIST and HIPAA compliance, determined gaps, and formulated remediation POA&Ms.
  • Designed solutions to meet compliance requirements as needed by the DADS applications.
  • Wrote multiple System Security Plans for the 39 DADS applications.

Confidential, Austin, TX

Data Loss Prevention Architect (Contract)

Responsibilities:

  • Developed an Azure cloud security architecture that focused on delivering high availability Microsoft services while addressing security concerns by identifying risks and attack vectors then implementing compensating controls to mitigate them.
  • Reduced EDM processing time from 2 months to 1 week by restructuring the data sets in a way that allowed for easier processing and greater accuracy.
  • Decreased maintenance time of the DLP system by consolidating the policies while maintaining the required granularity needed by the Information Security Operations division.
  • Decreased complexity of the DLP system by reducing the number of rules required in each policy through the process of simplifying the data set design of the EDM data.
  • Designing cloud integration for the DLP system to protect SharePoint data and create greater email resiliency during a disaster recovery scenario.

Confidential, Houston, TX

Cyber Security Architect (Contract)

Responsibilities:

  • Handled over 800 incidents through their entire lifecycle including Preparation, Detection & Analysis, Containment, Eradication, Recovery, and Post-Event Activity.
  • Managed the vendor selection and filtering process for multiple projects including Application Security, Managed Detection and Response, and Data Loss Prevention.
  • Utilized the OWASP Top 10 to harden web applications against attacks and threats of various types by reducing attack vectors and baselining normal traffic.
  • Implemented Managed Detection and Response services allowing EOG to save approximately $320,000 in personnel costs while increasing the organization’s response capabilities and ensuring that response personnel remain trained in the latest threats and incident response techniques.
  • Performed extensive proof of concepts for multiple security technologies including determining the success criteria for each security technology, setting up testing environments/selecting test equipment, configuring security applications, and performing exercises/gathering evidence to determine what success criteria is met.
  • Used Confidential Data Loss Prevention technology to gather and report valuable information needed by legal for multiple investigations.
  • Performed application security assessments using multiple tools and managed a project to integrate vulnerability management with the SSDLC to secure applications early during development and throughout the development lifecycle.
  • Performed threat hunting exercises to detect any ongoing attacks within the organization as well as to enumerate attack vectors to gain a more holistic understanding of how the current threat landscape applies to the organization.
  • Optimized security technologies currently in place by increasing their performance as well as reducing the number of false positives reported for Confidential’s NGAV solution and multiple APT defense systems saving EOG $50,000 in professional services.

Confidential, Houston, TX

Information Security Operations Manager (Short-term Contract)

Responsibilities:

  • Led the CASB vendor selection project researching multiple vendors, determining capital and labor investment, key deliverables, software capabilities, and value add summary for executive management.
  • Analyzed the existing Azure cloud environment and its security controls then developed a strategic roadmap for implementing additional security measures in a manner that would not impact business functions.
  • Optimized threat reporting by coordinating with the vendor to report new, more extensive and actionable metrics.
  • Enhanced the vulnerability management program through improved reporting and increased coordination across multiple teams to remediate vulnerabilities.
  • Managed multiple teams involved in the Meltdown and Spectre remediation project by coordinating efforts, creating a project plan and timeline, assigning responsibilities, determining deliverables, and working with vendors.
  • Oversaw the Incident Management Program through objective evaluation of possible incidents, coordinating proper response, and delivering key metrics.
  • Led multiple other security projects under the supervision of the CISO to achieve an increased security posture and reduce overall risk to Confidential.
  • Worked with multiple teams including the infrastructure and Azure cloud teams to raise the O365 security score from in less than 90 days.

Confidential

Technical Security Manager (Contract)

Responsibilities:

  • Reduced potential security incidents 75% by developing a comprehensive plan to implement a vulnerability management program, defining implementation schedule, capital and labor investment, key deliverables, software capabilities, and value add summary for executive management.
  • Resolved security incidents 80% faster by managing 40 tier 1, 2, and 3 support personnel, troubleshooting problems, performing root cause analysis, repairing issues, and outlining a strategy to prevent future recurrences thereby saving Orange $150K in SLA breach costs and creating a high customer satisfaction rating.
  • Managed, maintained, and administered secure network internet gateway of multiple applications, firewalls, intrusion prevention and detection systems, forward proxies, reverse proxies, SIEM systems, secure remote access systems, routers, riverbeds, switches, and web application servers.
  • Increased security 55% by performing root cause analysis for P1 incidents and creating detailed root cause analysis reports for management and introducing fixes to avoid future issues.
  • Delivered and maintained 99% uptime for all security devices by ensuring the engineering teams followed all processes, policies, and procedures through careful management and the creation of workflow matrices.

Confidential, Houston, TX

Security & Account Management Systems Analyst (Contract)

Responsibilities:

  • Improved Confidential’s enterprise anti-virus suite 70% (securing 65,000+ endpoints) by providing and implementing key insights for senior management as a security subject matter expert (SME).
  • Saved Confidential $200K in security equipment replacement costs by creating proactive maintenance procedures that allowed the equipment to remain in good working order past their expected lifecycles.
  • Managed intrusion prevention system with multiple consoles and 100+ sensors across a global enterprise environment.
  • Oversaw health alerts for the intrusion prevention system and remediated issues.
  • Directed and maintained a highly sophisticated APT and malware defense system for Confidential’s global network.

Confidential, Houston, TX

Incident Response Analyst (Contract)

Responsibilities:

  • Directed suspected security incident analysis, determined incident factors at multiple levels, and responded to incidents with extreme proficiency and capability.
  • Protected Hess Oil’s $40M scientific research data from a malicious insider attempting to steal sensitive scientific data.
  • Managed the Data Loss Prevention system used to control, monitor, and secure data movement globally.
  • Improved incident response time 65% by creating Incident Response Plans including forensic tools and analysis procedures.
  • Prevented threats by correlating and analyzing data to identify malicious traffic, determine the source, severity, and appropriate remediation strategy.
  • Mitigated data theft risk 90% by creating data movement reports informing on data egress in the environment.
  • Increased project success 70% by implementing project management software to enable tracking across numerous IT projects.

Confidential, Houston, TX

IT Security Analyst (Contract)

Responsibilities:

  • Managed remediations for gaps, vulnerabilities, and misconfigurations discovered while performing cyber and network security assessments and testing.
  • Saved clients $250K by designing custom vulnerability lifecycles for Confidential customer environments using Nessus and WebInspect vulnerability scanning software to perform assessments and host/network device discovery.
  • Delivered extensive IT security architecture documentation to support continuous monitoring, compliance, vulnerability management, configuration management, disaster recovery planning and testing, incident response, and computer and web use restriction.
  • Developed proofs-of-concept for proposed security solutions for both internal and external (resale) deployment, analyzing and testing specifications for performance and security gaps, failures, and unmet expectations.
  • Performed numerous security assessments utilizing NIST CSF and RMF methodologies to help organizations understand and reduce overall risk.

Confidential, Houston, TX

IT Security & Network Administrator (Contract)

Responsibilities:

  • Implemented next generation firewalls to complement existing network segmentation firewalls which enabled Frosch to monitor user behavior analytics and block an additional 60,000 risky behaviors a year.
  • Oversaw network infrastructure and security for 70+ virtual servers and 20 physical servers including 2008/2012 domain controllers and 2010 exchange servers across multiple nationwide sites.
  • Established a cybersecurity framework program that calculated and addressed risk to the organization at program, policy, procedure, and technical levels.
  • Reduced risk identified by the CSF by 50% through the implementation of Identity Finder DLP to support data loss prevention and Retina vulnerability management software to identify and analyze system/network vulnerabilities.
  • Saved FROSCH $1.5M by developing cyber security GAP analysis and Data Loss Prevention processes and protocols to obtain PCI compliance.
  • Managed the implementation of IPS/IDS, firewalls, enterprise level anti-virus software, and performed broad scale virus removal and anti-virus administration for 1,100+ computers running Windows XP, 7, 8, 8.1, and 1,100 end users.
