In my role as a Principal Consultant I manage several internal projects as well as implement and customize SIEM infrastructures for various customers. In my role I am also responsible for building out our best practices, standard templates, standard content, reporting etc... for our engagements to be used by our various consultants. I handle the creation of custom content and parsers for our customers unique infrastructures, and also building out the ability to provide these services as subscriptions.

• Lead the direction and focus of the project with the other founding members. • Designed and architected the framework for our Distributed Honeynet Project. • Designed, architected and implemented a streamlined and modular approach of incorporating other honeynet infrastructures to work with ours to expand our visibility and exposure.

Designed and implemented a Security Operations Center

• Designed and architectured the Phase 2 implementation of the NASA Security Operation Center. • Lead the integration of QRadar's netflow collection environment with ArcSight for better visibility into alerts generated by the various reporting devices. • Designed and implemented a secondary online (long-term) log retention solution that was seamlessy intergrated with SIEM infrastructure.• Implemented and integrated a 3rd party ticketing system with our SIEM infrastructure to keep track and records of closed and on-going cases. • Created and implemented the Phase 2 use-cases as well as refined existing use-cases to leverage updates to the infrastructure as well as the SIEM.

Decurity seeks to simplify IT security. Decurity provides strategic vision for organizations so they can make use of existing investments and intelligently invest in the future so that CIO's can show real value and increasing business enablement.Decurity has significant expertise with SIEM, Enterprise Information Security Operations and Incident Response Solutions and provides that expertise to US Government and Fortune 1000 entities seeking to regain control of their IT Operations.

- Responsible for the Intrusion Detection Infrastructure for both corporate and the wireless presence at our stores nationwide. - Designed and implemented a SIEM infrastructure to leverage existing security devices and content. - Designed and implemented a key management system to provide encryption capabilities to our various e-Commerce functions. Tasked with daily administration, support and training of staff. - Documentation projects to include Policies and Procedures regarding all aspects of the Security team.

• Design, maintain, install and support the SIEM infrastructure for event collection and management. This also includes support of the Host-based Intrusion Detection Systems (HIDS), Network-based Intrusion Detection Systems (NIDS), Policy Management, and the back-end databases.• Created standards, procedures, and flowcharts on Analysis techniques, SourceFire deployments, and Correlation to support ISO 17799, SOX audits, as well as external audits. • Lead escalation analyst for the Threat Team. • Lead the redesign and implementation of the Intrusion Detection infrastructure. Through consolidation monitoring capabilities were expanded to include our international presences. • Lead the design of UK IDS/IPS infrastructure deployment. • Managed and maintained IDS deployment and integration with Event management infrastructure.• Documentation projects to accurately define the roles, activities, critically on all aspects of the Threat Team.

Analyzed, maintained and administered a NIDS deployment consisting of 53 network based sensors. Created and standarized daily, weekly and monthly reports provided to the customer from our SIEM infrastructure as well as various other reporting devices. Tuned and filtered the system to allow for accurate analysis of alerts generated by both our NIDS and SIEM deployments. Through tuning were able to cut down analysis time of (routine) alerts by half.

Security Analyst II in the Managed Security Services section of the business.