Senior Information Security Engineer
Current• Implemented a patching and vulnerability/compliance scanning solution• Implemented a SIEM solution incorporating data sources from cloud providers, firewalls, syslog and servers. • Implemented Enterprise Detection and Response (EDR) solution• Worked with managed SOC provider to ingest SIEM and EDR logs, manage groups for remediation of alerts• Built a vulnerability management program for the enterprise. Conduct scans, provide reports and work with IT/DevOps to remediate findings• Initiated a phishing testing and security awareness campaign using the Knowbe4 platform• Built intranet Information Security portal for security announcements, access to audit reports, and security metrics• Perform information security incident investigations, root cause analyses, and forensics• Implemented a firewall audit program• Create and deliver high quality written communications on security, compliance, and audit issues• Work with 3rd party penetration testing vendor for testing for all cloud products