Austin Dunn Email and Phone Number

As a Senior Security Engineer at Google, I am passionate about securing the infrastructure and applications that power the world's leading technology company. I have a deep understanding of how systems and applications interact with the network on premise, hybrid, and cloud (GCP), and I enjoy solving problems with Python.I have over nine years of experience in security engineering, working with various teams and projects across Google, where I was the Inventory and Risk Team Lead, along with Box and eBay(StubHub). I have contributed to the development and implementation of security policies, standards, and best practices, as well as the identification and mitigation of security risks and incidents and risk exposure management. I have also acquired multiple certifications in security, networking, and cloud computing. I hold a Master of Science degree in Cybersecurity and Information Assurance at Western Governors University.

Devices & Services Infrastructure Security. Inventory & Risk TL.

Provision, maintain, and secure a hybrid GCP/On-Prem. Environment to provide a secure and stable environment utilizing both compute instances and K8 architecture. Working closely with developers to ensure their needs are understood and met. At times help developers to own their code end to end by providing them feedback on how to operate in a more secure and efficient way. Using terraform to maintain a complex hybrid environment through the use of deployment pipelines and source control. Design a multi-region environment which allows for growth and expansion. Provide security through automation of patching and upgrades.

Monitoring and improving security posture. Frequent cross team collaboration with compliance, developers, and architects to bring a well-rounded security culture. Working on with both cloud and on premises architectures to find security solutions to identified gaps such as: • Vulnerability management • Firewall automation and policy control enforcement • ASV scanning and remediations • SIEM admin: o Generate reports, alerting, & dashboards off OWSAP top 10 vulnerabilities to assist productivity of the SOC o Administer log ingestion, retention, and data curation o Architect and buildout an advanced logging architecture • Network traffic analysis • Evaluate and POC controls to help improve security posture

Member of global security network operations team.• Monitoring: Investigating network and security alerts for all StubHub sites & platforms, and building actionable use-cases.• Incident Response: Running significant network and security incidents – whether classified as such by severity matrix or visibility implications.• Advanced IR: Providing fraud and attack analysis, forensics, and threat intelligence to the company and T&S in the context of incident response.• SIEM Admin: collect, filter and analyze network traffic.• Set up & build the security alerts in Splunk ES for the SOC team • Test the alerts that were configured in Splunk ES or other security tools against a live fire white box hack, with every intention of firing an alert.• Manage security tools, vendor relation, configuration, maintenance, and training other team members. • Contributed to 99.99% availability of stubhub.com platform in 2017, exceeding business goal, by managing & coordinating the changes on the platforms.• Enabled critical integrations and enforced security standards by configuring our security tools, and automation.• Discovered critical systems, application and network security flaws and implemented fixes or collaborated with other teams to prevent exploitation.• Contributed to the creation of C-FLAT team cultural expectations that each team member should abide by:- Challenge the status-quo – Be creative, simplify, and improve how we monitor and respond. - Focus on the right thing – Optimize the alerts and resources to ensure 100% response rate- Lightweight process – Take Ownership. If we lack a particular process or procedure, then write and documented it on the wiki and transfer it to the rest of the shifts. - Automate – Whether it's by SNOC team or with the assistance of another team, automation should always be on the forefront of what we do.- Tracking – Track all incident with RCA and corrective action (Sev1, Sev2, Sev3)

Systems Administrator for Windows, Linux and Solaris Systems. Supported diverse suite of internal applications and tools hosted in our data-centers.• Improved the availability and security of Active Directory services by optimizing replication topology and enforcing IPSEC encryption between sites.• Progressively administered Siebel CRM deployment with 1500 customer service users by proactively sitting with users, collecting pain points and escalating issues to app developers.• Enabled automated Siebel code deployments with PowerShell allowing developers to quickly release and hotfix code improving customer service interactions.• Introduced automated software package deployments using PowerShell in order to scale Windows Server deployments.• Delivered project to implement 2-factor authentication for RDP and SSH access to production jump hosts.• Designed and deployed automated patch management for all Windows systems using WSUS, GPOs and custom scripts.• Responded to trouble tickets and account management escalations from NOC.