James Slowey Email and Phone Number

• Incident Commander of Cyber Security Incident Response Team responding & leading multi-team investigations related to privileged data exposure, high profile vulnerabilities, and active threats to EG systems & brands.• Responsible for confirming threat level of an event, identifying relevant teams, establishing remediation steps, acting as primary point of guidance as teams work towards resolution, documenting incident, and communicating with stakeholders.• Work closely with other teams within Cyber Security Organization to improve cross team ticket completion and/or information sharing. Acting as a liaison for CSIRT team to provide input on projects from a cyber security response perspective, help define/document new workflows, or give historical details about an event when needed.• Assist in business level projects such as PCI/PII audits, corporate policy updates, tool/service testing and deployment such as MFA, EDR, SOAR, or SIEM platforms• Review completed cases by Security Operations Analysts for emerging threat trends, possible operational improvements & pain points in ticketing system, ensuring cases are being investigated & documented to meet department standards, and provide individual training if needed.• Tier 3 level escalation for Cyber Security Operations and Insider Threat Operations team. Often act as either an ad-hoc escalation point or source of guidance to other teams due to being known by their leadership from work we did in a Incident Response level event previously.• Create and/or update custom detection rules in security tools to identify or prevent possible new threats, reduce false positives, or improve event to provide more actionable details to Security Operation Analysts.

• Investigation & Remediation of asset compromise or widespread threat attacks against EG.• Escalation point for case work & incidents for T1 and sister teams such as Insider Threat andVulnerability Management.• Confirm validity and implement blocking of IOCs in applicable tools based on findings in incidentsor as escalated up through T1 cases.• Assist T3 on Threat Hunts, process improvement, automation, rule improvements, and highpriority incidents as needed.• Training and guidance of T1 on tools, security processes, and ticket improvements• Create alarms, dashboards, runbooks, and similar process automation tools to improve Time-to-Discovery of possible security events and/or malicious activity.• Assist in support documentation and KB writing for new issues and process optimization.• Team AWS SME for incidents and security recommendations on projects.• Technical lead on multiple critical level security incidents. Worked closely with IncidentCommanders to investigate, document, and remediate issue.

• Data & Network security monitoring in 24x7x365 team.• Monitor network traffic, AV reporting, and vulnerability scanners for threats & weaknesses incorporate environments.• Team lead on supporting development of custom machine learning user historical behaviorsecurity model.• Respond to "Code Red" situations to discover issue, mitigate threat, provide remediation, anddevelop prevention strategies for future occurrences.• Work with Incident Response team on cloud based incidents and provide expertise forremediation.• Monitor ~600 AWS accounts and maintain security standards to limit risk exposure..• Report violations and priority of detected weaknesses to department leads to be remediated.• Recommendation on optimal use of each cloud service and functionalities to update workflows.• Work directly with developers to build infrastructure and migrate on-prem applications.• Test hardware, AV, encryption, and backup settings for new equipment, software, and projects.

- Documentation and KB writing for remediation steps, issue resolution, and process optimization.- User support and advanced troubleshooting for hardware, software, network, and account settings.- Daily shift at "Walk Up Desk" to assist users with rapid issue resolution. - Low level physical network maintenance. Assist in networking hardware replacement and installation.

- Configure hardware, OS, encryption and backup settings for new company equipment and users.- Ensure backup systems operation, reliability, configuration, and ease-of-recovery for user machines.- Train interns and contractors on hardware, software, and appliance settings and best practices.- Maintenance and configuration of desktop hardware, teleconference systems, and networking equipment.- Provide “overflow” and backup assistance to other teams as skills allow.

- Freelance small home and office technician. Specializing in network configuration and hardware repair services on the Mississippi Gulf Coast.- Consultation of clients on hardware purchases to best suit operations.- Consultation of practices, policies and technical support about government compliance such as HIPAA.- Acted as direct contact for vendors, suppliers, and service providers.- Analyzed and repaired client systems for security concerns and malicious attack vectors.- Installation, configuration, and troubleshooting of desktop, laptop, servers, and networking equipment.

- Lead IT support technician and junior system administrator for the “College of Osteopathic Medicine” medical school. Other duties included overseeing recording and editing of weekly simulation testing, and assisting in maintenance and operation of medical simulation hardware- Maintenance and deployment of computer hardware, software, networking, printers/copiers, and phones.- Junior admin for medical school AD account permissions, group policy, and network configuration.- First point of support for over 500 faculty, staff, and students via helpdesk tickets, phone, and/or office walk-ins.- Worked directly with vendors on warranty replacements for in house hardware repair, and software updates.- Reduced downtime due to hardware failure via a device loaner program and imaging & deployment solutions. - Conducted regular training sessions or consultation with users about IT policies, hardware, software or general Q&A.- Custom designed and configured server hardware to improve student testing time and grading optimization.

- Producer and technical specialist of weekly live broadcast of Main Street Baptist morning service on local TV station.- Ensured regulatory compliance and equipment performance.- Maintained audio/visual equipment, storage server, networking equipment, workstations, and server OS.- Trained program interns on proper procedures and operation of production equipment.- Worked with vendors for hardware replacement and upgrades.