Information security professional with over 17 years of technology experience. Defense, offense, and everything in between.
Mentor security team members by conducting individual weekly one-on-one discussions and weekly group project discussions. Act as a liaison between security and other teams to develop collaborative solutions that meet organizational security initiatives. Improve incident response plan by formalizing documentation, automating processes, integrating security tools with ticket tracking system, and centrally locating incident response evidence collection. Lead incident responder during critical and high security incidents. Improve security team effectiveness by prioritizing projects, balancing workload, and managing team schedules. Support company values by taking part in committees for both security and non-security initiatives. Work with M365 product library to improve, combine, and simplify security solutions. Guide security awareness program by planning communications, creating report templates for leadership, and approving trainings/phishing campaigns. Conduct tabletop exercises for security team to practice playbooks for incident response. Assist with previous job duties as needed.
Established new procedures for analyzing and responding to phishing and web proxy alerts. These job duties were then assigned to junior members of the team. Integrated security products with enterprise and open-source solutions to achieve better intelligence in a centralized platform. Improved vendor assessment process by creating an internal summary report for executive leadership. Created and tuned alerting and reports in multiple security tools including EDR, SIEM, IPS, email security gateway, and web proxy. Researched vulnerabilities and verified if vulnerabilities affected any production systems. Worked with other teams to remediate found vulnerabilities. Implemented new security tools and technologies by managing projects from initiation to completion. Tested information security tools using red team techniques to generate alerts or to test automation. Analyzed suspicious files to detect malicious activity.
Develop and maintain vulnerability management program, security policies, security infrastructure, endpoint security system, and end-user education program. Additionally, assist the networking/server administration teams and lead overall security initiatives. Major projects include updating all security policies, establishing a cybersecurity education program that includes simulated phishing, securely configuring web and email security gateways, auditing network environment and cleaning up unused accounts, and securing all possible internal websites with HTTPS.
Maintained servers, network infrastructure, and a fleet of mobile devices for the public safety department. Additionally, developed security procedures and automated software distributions for the city. Major projects included two full mobile fleet replacements, establishing a complete remote support environment, and setting up and deploying a multi-factor authentication system for public safety mobile devices.
Maintained network infrastructure and server environment for a software development company. Responsibilities included setting up test servers on a wide variety of operating systems (Windows, Linux, Unix, and Solaris), maintaining Apache webservers, maintaining network infrastructure (modem, routers, switches, firewall, and email security gateway), building and maintaining user systems, and maintaining tape backups. A major project included establishing a new and secure software repository that could be accessed remotely by developers.
Assisted the College of Engineering Information Technology team in providing support for the Center for Biofilm Engineering laboratories. A major project included replacing all computers in the student laboratory.