
Global Lead Of Cybersecurity Operations Resume

Deerfield, IL

PROFESSIONAL EXPERIENCE:

Confidential, Deerfield, IL

Global Lead of Cybersecurity Operations

Responsibilities:

  • Directed a team of 50+ cybersecurity analysts and engineers responsible for the execution of all cybersecurity operations at a major Confidential 500
  • Security Monitoring
  • Cybersecurity Incident Response
  • Offensive Cybersecurity
  • Threat Intelligence
  • Security Platform Administration
  • Security Information & Event Management (SIEM)
  • Managed a multi-million dollar budget, balancing operational expense and capital expense as the industry migrates to SaaS models
  • Designed and managed the transition from a managed security service model to a fully in-sourced, international labor model, hiring more than 40 staff members in a single year with zero staff loss
  • Designed and managed the transition from obsolete security technologies to modern next-generation endpoint security tools, sandboxing technologies, security monitoring and log aggregation tools, user behavior anomaly detection, security orchestration and automation frameworks, vulnerability management and red-teaming frameworks, and machine/deep learning cybersecurity initiatives to include:
      • Splunk Enterprise / Enterprise Security
      • Splunk User Behavior Anomaly Detection
      • Phantom SOAR
      • Splunk Machine Learning Toolkit
      • Carbon Black Defense / Response / Protect
      • FireEye NX / MX
      • Qualys
      • Core IMPACT
  • Managed multiple consulting/contractor engagements to supplement staff and escalate adoption timelines
  • Implemented red-team, purple-team, and threat hunting activities as part of a continuous, ongoing breach assessment process
  • Responsible for the operational implementation of global Operational Technology cybersecurity plan
  • Responsible for building technical and non-technical processes needed to support security monitoring and incident response activities around IoT manufactured medical devices
  • Responsible for construction, maintenance, and implementation of global Cybersecurity Incident Response Plan

Confidential, Baltimore, MD

Senior Associate

Responsibilities:

  • Led a team of consultants engaged with security operations for large international clients
  • Worked holistically on security operations (to include security monitoring, incident response, and threat intelligence) at a strategic scale, including people, process, and technology
  • Developed kill-chain-oriented approaches to threat management
  • Exposed to a wide range of security operations tools
      • Splunk Enterprise Security
      • Lancope StealthWatch NBAD
      • EnCase Enterprise
      • RSA ECAT
      • Fidelis XPS
      • Carbon Black
      • Resilient Workflow Management
  • Enterprise security project and program management including multi-million dollar capital projects
  • Extensive process and documentation development
  • Developed hunting operations to proactively identify unknown threats to enterprise security

Confidential, Owings Mills, MD

Lead CyberSecurity Analyst

Responsibilities:

  • Led an Incident Response Team including senior and junior analysts
  • Responsible for triage and incident response for large, geographically distributed, healthcare organization including system, network, application, and database security
  • Extensive enterprise forensic investigation (Windows, Unix/Linux, Network)
  • Responsible for planning, installing, managing, and maintaining a variety of Confidential toolsets
      • Confidential QRadar SIEM (including full packet capture)
      • Lancope StealthWatch NBAD
      • EnCase Enterprise
      • Cybersponse Incident Response Framework
      • Bit9 / Carbon Black
      • Confidential Guardium
      • Rapid7 and Confidential AppScan Vulnerability Assessment Platforms
      • Palo Alto Next Generation Firewalls
      • Cisco Next Generation IPS (formerly Sourcefire)
  • Enterprise security project and program management including multi-million dollar capital projects
  • Developed runbooks for handling of a variety of incident response types
  • Developed use-cases for Advanced Persistent and Insider Threats
  • Mentored junior analysts

Confidential, Baltimore, MD

Sr. Managing Consultant

Responsibilities:

  • Responsible for the creation and maintenance of a Security Operations Center for a federal health care project
  • Design, develop, implement, and maintain all aspects of FISMA, HIPAA, and Confidential information security assessments
  • Design, develop, implement, and maintain information security infrastructure including firewalls, intrusion detection, vulnerability management, network and system infrastructure, client configuration, and remote access
  • Draft and manage policies, procedures, and work instructions
  • Manage exchange of sensitive information between federal client and multiple heterogeneous contractors
  • Extensive project management of various projects within the scope of risk management and information security
  • Manage a staff of between two and five analysts handling day-to-day incident response and cybersecurity responsibilities
  • Extensive travel to geographically remote locations in support of securing geographically diverse client requirements

Confidential, Columbia, MD

Director

Responsibilities:

  • Responsible for information security policy and projects for a diverse holding of companies offering a variety of financial products
  • Responsible for intrusion detection/prevention system design, implementation, policy, and maintenance for an array of sensors
  • Handled security incidents on a daily basis including system forensic and network protocol analysis with a variety of support tools
  • Performed penetration analysis and security audits using a wide variety of internally developed tools and customized open-source applications such as Nessus and Metasploit
  • Responsible for the internally developed software infrastructure for multiple companies
  • Managed a team of 3-8 full-time software developers, a project manager, and a staff of part-time contractors
  • Managed projects through complete software development life-cycle
  • Developed internal project proposals and performed complete Return on Investment (ROI) and Cost of Consequence modeling for all proposals
  • Managed an aggressive Work from Home program

Confidential, Baltimore, MD

Information Security Consultant

Responsibilities:

  • Consulted with multiple Confidential 1000 clients around the United States in an incident response capacity including development of post-remediation strategies and vulnerability assessment protocols to identify potential trouble areas before the onset of an incident
  • Designed, drafted, and implemented a large-scale IDS/SIEM evaluation for an international and geographically diverse client
  • Extensive research and development on open-source Linux and BSD platforms
  • Consulted with local and national businesses on information security policies and technologies under a variety of audit frameworks

Confidential, McLean, VA

Sr. Information Security Engineer

Responsibilities:

  • Member of a 21-person team responsible for assessment of information security assets at the Confidential Corporation (Confidential)
  • Built and maintained an open-source database of information security vulnerability information; responsibilities included schema design, extensive coding in Python and Perl, web interface design and construction, documentation development, and Linux system and security administration within a virtualized VMware environment
  • Performed extensive infrastructure and application security assessments and penetration analysis
  • Responsible for project management of a variety of software development and security activities
  • Provided technical security expertise in Solaris, Linux, and Cisco security to other group members as needed, including formal and informal training programs
  • Published in the December 2005 edition of rlogin
  • Developed an ARPA information security research proposal

Confidential, Rehoboth Beach, DE

Information Security Consultant

Responsibilities:

  • Consulted with local small businesses on information security policies and technology
  • Designed a large-scale intrusion-detection and intrusion-prevention rollout across eleven geographically diverse sites; lobbied for and received funding and executive support for the project; managed a team of consultants and contract labor for the implementation
  • Assisted a local value-added reseller in their training program
  • Consulted with a variety of Confidential 1000 clients around the United States in an incident handling capacity

Confidential, Lakewood, CO

Sr. Information Security Engineer

Responsibilities:

  • Responsible for global information security program development at a strategic and tactical level
  • Responsible for development of all technical and non-technical security programs, including all information and physical security policies, procedures, and work instructions
  • Responsible for implementation of all technical security solutions including firewalls, intrusion detection systems, vulnerability management platforms, system and network infrastructure, and client configuration templates
  • Extensive project management of security and peripherally-related projects
  • Project lead on corporate HIPAA/Security compliance
  • Packaged, marketed, and sold security processes within the organization, developing a consensus of support for information security within a budget-limited environment
  • Managed vendors, consultants, and contractors in security-oriented tasks

Confidential, Norwalk, CT

Director of Security

Responsibilities:

  • Responsible for all physical and information security initiatives for a large, international, internet-based travel company
  • Responsible for all technical security projects including system hardening, penetration analysis, log management, and honeypot/honeynet management
  • Responsible for network architecture, design, and maintenance of an international WAN and campus-wide Cisco network environment
  • Responsible for resurrection of failed $1.5M network management project completed under budget and under schedule
  • Drafted, maintained, and extended security policies and procedures
  • Implemented, tested, and maintained security incident response team
  • Managed several multi-million dollar projects from initiation to completion
  • Designed and deployed information security auditing, penetration testing, and intrusion detection systems
  • Extensive security incident handling and management
  • Extensive use of virtualized system environments for incident response and penetration analysis
  • Managed a staff of engineers in a team-oriented environment

Confidential, Nashville, TN

Enterprise Security Architect

Responsibilities:

  • Contracted to the State of Tennessee, Office of Information Resources for the length of employment
  • Responsible for technical and non-technical network security projects for State of Tennessee’s 1000+ node Cisco-based WAN
  • Vendor selection, design, implementation, and maintenance of large-scale Checkpoint Firewall-1 installation
  • Vendor selection, design, implementation, and maintenance of Virtual Private Networking technologies across hundreds of remote physical locations
  • Extensive incident handling responsibilities involving frequent liaison with federal, state, and local law enforcement
