Lewis Roach Email & Phone Number

Los Altos, California, US

New York, US

Mooresville, North Carolina, US

• Threat-based intelligence utilizing MITRE ATT&CK with Malware Information Threat Sharing Platform, an open-source intelligence platform for feeds and detection-based logic.
• Cyber threat intelligence analysis to assist the security leaders in making strategic decisions about information security. Helping security teams as well as implementation/support to assess and improve the overall.
• Conduct network, endpoint, and log analysis by utilizing various consoles regularly to analyze cybersecurity events via Elastic search, Logstash, and Kibana stack for SIEM.
• Case by case investigations and triage of Security Incident Response Platform via The Hive. Request and track mitigations to address cyber threats. Lead other incident response coordination and remediation activities.
• Experience utilizing CylanceOPTICS/PROTECT EDR tool integration for endpoint detection and response across clientele for cybersecurity as a service.
• Technical experience in managing Network Security products like firewall, web proxies, DDoS mitigation solutions – knowledge of Palo Alto FW/Wildfire Malware Analysis Engine.

La Jolla, California, US

• Maintain system readiness and providing in-depth cybersecurity analysis, and trending/correlation of large data-sets such as logs, event data, and alerts from diverse network devices and applications to identify and.
• Develop and execute Government approved security policies, plans, and procedures; implement data network security measures; operate Network Intrusion Detection; handle IS security incidents; support COOP/DR plans, and.
• Operate McAfee ePO Host-Based Security System (HBSS), firewalls, Intrusion Prevention Systems, Intrusion Detection Systems, other points of presence security tools, Virtual Private Networks (VPNs), and related security.
• Knowledge and skill associated with the use of cybersecurity tools, methods, and techniques. Including automated system analysis and design tools to assist with system vulnerability assessments.
• Implement and monitor project measures for communication systems, networks, and adhere to technical controls utilizing Standard Operating Procedures/Security Technical Implementation Guides in a DoD environment.

• Monitoring data sources to detect, characterize, and respond to attacks on the agency's computing environment, domain boundaries, network assets, and supporting infrastructures via SIEM.
• Maintain knowledge of DoD and station command structure, missions, programs, and organizational relationships across several branches. Knowledge of responsibilities assigned to those organizational relationships and.
• Integrate multiple information systems in a networked environment, evaluate and resolve cyber information system problems. repair to maintain mission capability.
• Demonstrated experience in vulnerability assessments includes web applications, networked appliances, enterprise solutions/systems, and remote access/support technologies through the use of industry-standard and custom.
• Use cost-benefit analysis principles to apply outlining standards while working with technical development teams and functional business teams for mission-critical IT service delivery per cybersecurity trends.
• Implement knowledge of programs and missions of the branch organization with market conditions for further development based on industry experience to improve direct contact with prospects and customers in the.

• Manage Cyberoam SIEM security appliance by virtual server technologies. Compiling ACL lists in host-based systems. Security policies and procedures for both virtual networks; Including HBSS, NIDS, and HIDS technology.
• Managed information security/technology strategy, policy, and architecture through a combination of matrixed and direct staff distributed across an international site. Multiple overlapping projects including.
• Providing infrastructure support and server/networking management. Monitor daily host and virtual server machines coupled with their backups.
• Project manage cybersecurity analysis of Critical Systems from start to finish.
• Created and organized folders for systems to better analyze the system’s implementation across the organization utilizing existing application management. Infrastructure hardware/software support for building for 40+.
• Administration of virtualization software for VMware for 2 separate networks.

Houston, Texas, US

• Department of Defense Central Adjudication Facility approved Position of TRUST for 9 years.
• Lead project management under integration standards set by TRICARE and VIP support for MetLife Executives.
• Successfully developed workflow integrations of technical solutions to TRICARE divisions within the MetLife environment.
• System and network administration and support, system maintenance, and operation of a Virtual Desktop Infrastructure (VDI) utilizing Citrix, Windows XP, and Windows 7. Other tools include SMS; Remote Desktop.
• Operational technical controls with sensitive Critical TRICARE information within the divisions in MetLife.
• Troubleshoot and administer assistance with MetLife VPNs on and McAfee Host checking applications for remote users.

• Application Program Interface consultant and account management.
• Technical assistance and website account administration for the United States Postal service customer and postal worker database.
• Troubleshooting of the USPS.com domain and various programmed property of the USPS.
• Assistance with software interface and ecommerce consumers for internet services /products associated with the postal service.
• Extensive use of Microsoft Office and SharePoint administration for conducting audit reports of quarantined accounts.
• Optimize use of existing applications