- Tactical-minded Security Operations Engineer with 18+ years driving system and site security using diverse technical tools and operations security to strategically find and implement practical solutions.
- Extensive record of strategic development of new highly effective procedures, rules, and network tools to conduct investigations to gather facts with the goal of removing existing or potential threats to enterprise and network security.
- Partnered with Colombian Ministry to remove child pornography sites in DNS and firewalls across Latin/North America
- Actively investigate, monitor, and mitigate intrusions, corporate system attacks, and incidents of malware
- Spearheaded the setup and launch of numerous security procedures, rules, and preventive security processes
- SIEM | Security Information & Event Management
- Palo Alto
- Symantec Endpoint Protection
- CALEA | Communications Assistance for Law Enforcement Act
- Radware / Arbor
- Nexpose Vulnerability Scanning
Confidential, Westminster, CO
Sr. Cyber Security Engineer
- Hired as a member of Ball’s Security Team to assist with the current security tools.
- Became the primary contact for the Palo Altos, which needed to come up to current code.
- Assisted with the Splunk (SIM v1.0) Project and helped with the proof of concept by creating 21 dashboards.
- Splunk is now a full working SIM with multiple dashboards for Security Operations.
- Created multiple knowledge transfer documents/SOPs so the knowledge would not be lost for tools and processes.
- Assisted with setting up regular vulnerability scans using Nexpose Rapid7 and was also part of the Patch and Vulnerability Team (PVG).
- Secondary contact for upgrades and scans using Symantec Endpoint Protection. Managed daily operations for malware alerts, spam, and ticket queue.
Confidential, Broomfield, CO
Security Operations Engineer/Security Advanced Support
- Led the Security Operations team through various projects, process improvement initiatives, and team collaborations.
- Leveraged multiple technical tools to activate firewalls, track metrics, and document protocol.
- Developed and implemented new procedures, platform evaluations, and system security processes.
- Participated in special projects to investigate intrusion attempts, antivirus/malware issues, and DDoS attacks against clients and the company.
- Set up Firewalls to preemptively guard against security threats.
- Maintained ongoing knowledge of client network security needs and appropriate access levels; created and tuned rules and executed system administration.
- Managed Palo Alto Firewalls, bringing them up to current code and keeping them working properly.
- Brought Splunk from Proof of Concept to SIM V1.0.
- Took initiative to assist the SOC and co-workers with process improvements as well as training staff to sharpen their skills, earning a reputation as the go-to person who either knew the answer or researched to find it.
- Key party in launching the Network Protect Service by aligning with customers to evaluate their specific requirements and using this information to draft a detailed Access Control List (ACL) for their router interface to prevent common and uncommon attack vectors.
- As one of only three SIEM Administrators, contributed to developing and defining rules as well as researching and testing various SIEM products for current and future needs.
- Designed and maintained the Wikis for the entire Security Division as well as for the Network and Enterprise teams.