Erik Graham

Erik Graham Email and Phone Number

Security Incident & Investigations Manager at Marsh & McLennan Companies, Inc. @ Marsh & McLennan Companies, Inc.
Erik Graham's Location
Mesa, Arizona, United States, United States
Erik Graham's Contact Details
About Erik Graham

Information security expert/subject matter expert whose qualifications include a Master’s Degree in Information Assurance; CISSP, CISSP-ISSAP, CISM, CRISC and other industry certifications; detailed knowledge of multiple security architecture frameworks, technologies and regulatory compliance standards. Sixteen years of experience in the creation and deployment of solutions protecting networks, systems and information assets.Key Skills:Security Architecture Frameworks, Regulatory Compliance, Risk Assessment/Management, Threat Intelligence, Cloud Computing, Network & System Security, Vulnerability Assessments, Multitier Network Architectures, Malware Analysis and Identification, Mobile Device ManagementCertifications: CISSP, CISSP-ISSAP, CISM, CRISC, CWNA, MCNE, CNE, VCA, VCE, A+, Network+, Security+, 3Wizard, Certified locksmith … Special areas of interest / research include computer network attack (CNA) and threat intelligence.

Erik Graham's Current Company Details
Marsh & McLennan Companies, Inc.

Marsh & Mclennan Companies, Inc.

View
Security Incident & Investigations Manager at Marsh & McLennan Companies, Inc.
Erik Graham Work Experience Details
  • Marsh & Mclennan Companies, Inc.
    Security Incident & Investigations Manager
    Marsh & Mclennan Companies, Inc. Sep 2014 - Present
    New York, Ny, Us
    Member of the Global Information Security Assessment and Incident Response team, responsible for ensuring the organization consistently adheres to its technology security policies and best practices through the implementation and use of various technical security risk assessment tools and methods.• Identify, Document, and communicate technical Information Security Risks in the organization’s data, networks, systems, and applications using standard company toolsets and assessment processes. Assist the development and refinement of global processes as required to ensure continued effectiveness;• Conduct Technical Risk and Change Reviews, enforcing Security Policies and ‘Smart’ best practices as required, ensuring information is appropriately secured. Engage business and project teams to clearly explain policies, decisions, and appropriate next steps to maximize efficiency and productivity of the Security Assessment process;• Review, contain and resolve information security incidents and conduct forensic investigations. Lead incident response calls and meetings with IT, legal/hr/compliance and other business staff in support of investigative activities;• Monitor and research information sources for 0-day and emerging Information Security threats and vulnerabilities impacting the organization and recommend, direct, and/or implement appropriate solutions to mitigate;• Influence technical and strategic direction of the Information Security function as it relates to keeping information secure and available for all MMC clients and staff.
    View
  • General Dynamics C4 Systems
    Enterprise Security Architect / Senior Threat Intelligence Analyst
    General Dynamics C4 Systems Jun 2011 - Aug 2014
    Reston, Virginia, Us
    • Member of the Enterprise Architecture Council responsible to define Principles, Target Architectures, Policies, Standards and Frameworks;• Determine security requirements by evaluating business strategies and requirements and comparing them to existing security standards;• Conduct system security and vulnerability analyses and risk assessments; • Study both deployed and proposed architecture and platforms; identify integration issues and prepare cost estimates;• Develop and maintain roadmaps for various security products and technologies;• Plan security systems by evaluating network and security technologies; • Develop requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; • Promote the concepts of information life cycle management including proper information management techniques, minimizing redundancy, improving data and information quality, and fostering data and information stewardship;• Maintain a threat intelligence process to assess threats to the business so limited security resources can be focused on immediate threats to the business in a cost effective manner;• Have spoken numerous times at both local and national conferences on a variety of information security topics including classified and unclassified audiences;• Cleared for for Top Secret (TS) w/polygraph.
    View
  • General Dynamics C4 Systems
    Principle Information Security Engineer / Threat Intelligence Analyst
    General Dynamics C4 Systems Jul 2009 - Jun 2011
    Fairfax, Va, Us
    • Planned security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards;• Designed and evaluated the security elements of a large private cloud environment;• Maintained a threat intelligence process to assess threats to the business so limited security resources can be focused on immediate threats to the business in a cost effective manner;• Developed and maintained roadmaps for various security products and technologies (HIPS, NIPS, encryption, anti-malware);• Converted legacy security policy and standards to meet NIST 800-53 Rev 3 (FISMA) moderate controls;• Certified and accredited several projects / applications with federal customer;• Spoke at both local and national conferences on a variety of information security topics;• Enhanced security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members;• Updated job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations;• Cleared for Top Secret (TS) w/polygraph.
    View
  • General Dynamics C4 Systems
    Information Security Manager
    General Dynamics C4 Systems Aug 2001 - Jul 2009
    Fairfax, Va, Us
    • Responsible for all aspects of information security within the General Dynamics business unit, C4 Systems; • Led a 6 person team whose responsibility was to protect the confidentiality, integrity and availability of C4 Systems informational assets of over 13,000 devices used by approximately 8,000 individuals; • Developed, documented and deployed a NIST based information risk assessment methodology; • Extended the risk assessment methodology to cover the evaluation and assessment of network protocols to determine the security risks posed by the protocol and methods to mitigate those risks where possible; • Extended the risk assessment methodology to cover the evaluation and assessment of both commercial as well as open source software packages to determine the security risks posed by the software and methods to mitigate those risks where possible;• Developed a threat intelligence process to assess threats to the business so limited security resources can be focused on immediate threats to the business in a cost effective manner;• Analyzed and evaluated the security of the enterprise Voice Over IP (VOIP) deployment to identify the risks posed by the design/deployment and recommended appropriate changes to ensure the security policy and standards of C4 Systems were met; • Analyzed and evaluated the security of VLANs, 802.11 and other technologies and protocols to identify the risks posed by the technology/protocol and provide guidance as to how to secure the technology/protocol;• Analyzed the business requirements for both email and file/folder encryption and then developed and deployed a standard file, folder encryption tool across the business unit; • Ensured informational assets met FISMA, SOX, HIPAA, California SB 1386, and other state, federal and international laws and regulations as required;• Spoke at both local and national conferences on a variety of information security topics;• Cleared for Top Secret (TS) w/polygraph.
    View
  • Motorola - Corporate
    It Security Engineer
    Motorola - Corporate 2000 - 2001
    Chicago, Illinois, Us
    • Responsible for all aspects of workstation (Win 9x, WinNT, Win2000, Unix) and server (WinNT, Win2000, Unix) security to include vulnerability testing, and designing/implementing security policies and procedures; • Led the project to design, develop and deploy an enterprise wide public key infrastructure project (PKI). Responsibilities on the PKI project included analyzing business needs, analyzing possible solutions and designing, testing and deploying the final solution; • Led the team responsible to develop and document the security standards for Windows 2000 Active Directory, Server and Workstation; • Led the penetration testing team responsible for performing both internal and external penetration test across the enterprise; • Worked as part of a team to design and implement a network and host based intrusion detection system; • Developed and implemented an incident response policy for computer security incidents; • Worked as an investigator, providing computer forensics for security incidents; • Provided support to HR, Legal and physical security on computer related incidents; • Tested and deployed encryption packages for use on multiple email and file systems; • Provided support for anti-virus applications across multiple platforms; • Responsible for vulnerability testing on Novell NetWare servers, Microsoft Windows NT workstations/servers, Windows 2000 workstations/servers and provided additional consultation to resolve those issues discovered;• Cleared for secret (S).
    View
  • Motorola - Corporate
    Sr. Network Security Analyst
    Motorola - Corporate 1998 - 2000
    Chicago, Illinois, Us
    View
  • Motorola - Corporate
    Sr. Network Specialist
    Motorola - Corporate 1997 - 1998
    Chicago, Illinois, Us
    View
  • Vanstar
    Senior Systems Engineer, Enterprise
    Vanstar 1994 - 1997
    Us
    View
  • Us Army
    Infantry
    Us Army 1989 - 1997
    Arlington, Virginia, Us
    View

Erik Graham Skills

Cissp Information Security Computer Security Security Network Security Vulnerability Assessment Computer Forensics Information Assurance Penetration Testing Fisma Security Architecture Design Cism Security Policy Firewalls Information Security Management Networking Diacap Vulnerability Management Enterprise Architecture Anomaly Detection Crisc Issap Vpn Application Security Risk Assessment Digital Certificates Dcid 6/3 Nids Unix Pki Intrusion Detection Incident Response Ips Ids Iso 27000 Encryption Nist Risk Management Iso 27001 Security Clearance Security Audits C&a Security+ Vulnerability Scanning Threat Analysis Ceh Cloud Security Physical Security Wireless Security Malware Analysis

Erik Graham Education Details

  • Norwich University
    Norwich University
    Information Assurance (Ia)
  • University Of Phoenix
    University Of Phoenix
    Information Technology (It)

Frequently Asked Questions about Erik Graham

What company does Erik Graham work for?

Erik Graham works for Marsh & Mclennan Companies, Inc.

What is Erik Graham's role at the current company?

Erik Graham's current role is Security Incident & Investigations Manager at Marsh & McLennan Companies, Inc..

What is Erik Graham's email address?

Erik Graham's email address is er****@****an.info

What is Erik Graham's direct phone number?

Erik Graham's direct phone number is +160233*****

What schools did Erik Graham attend?

Erik Graham attended Norwich University, University Of Phoenix.

What skills is Erik Graham known for?

Erik Graham has skills like Cissp, Information Security, Computer Security, Security, Network Security, Vulnerability Assessment, Computer Forensics, Information Assurance, Penetration Testing, Fisma, Security Architecture Design, Cism.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.