Matt Andre' Email and Phone Number

Responsibilities • Manage Qualys and Tenable.io vulnerability scanning responsibilities including configuring and running bi-weekly scans, compiling results, installing VM agents on servers, and leading remediation efforts.• Delegate vulnerability patching tasks/tickets to the network, server, and end-user teams for remediation • Writes vulnerability management processes, procedures, and policies around various vulnerability management programs.• Leads security incident remediation and investigation efforts as critical situations arise. • Organize weekly calls with various towers to inform them about the latest vulnerabilities in the environment. • Review risk management items with the client security director for compliance, audit, and remediation• Work with end-users, system admins, network staff, and application owners to help understand patches and upgrades; respond to questions and issues when needed.• Create ServiceNow tickets and assigned them to various team members for remediation.• Review existing VM documentation to validate that the information is correct and up to date.• Configure and run WAS scans (Web Application Scans) and report on the findings.• Daily review of threat advisory threads in the cyber-security world to have a more proactive vs. a reactive security stance. (i.e. CISA, Hacker News, Sans, NIST.gov, CVE.org, security week, etc)

Client Security Manager NAO-RACG http://atos.net/en-us/home/we-do/ito-services/managed-it-services.htmlResponsibilities• Set up monthly vulnerability scans within Critical watch, and Nessus tooling, and follow up with each tower manager to remediate the results.• Coordinate with the penetration testing group on yearly basis to review testing results and security best practices with clients.• Consult with offering managers on various security projects, or potential assignments. • Provide tracking and reporting on several different security products such as Proventia IDS, TSS Alcatraz (Atos policy checking tool), Symantec Antivirus, ART (Risk tooling), Qradar, ArcSight• Consult on various security emergencies such as DDoS/Dos attacks, compromised devices, ransomware, and other security red flags. • Address security ticketing queue and tickets that relate to various security issues such as: firewall access requests, AV Malware scanning, on-demand vulnerability scanning, and health check requests related to audit, regulatory and compliance stances for clients.Completed assignments and ongoing projects• Completed Forefront Identity Manager project which entailed moving responsibility away from the customer and into a security group within Atos• Completed work with the development team in bringing audit, compliance, and risk tools into a mature state to be rolled out globally wide in conjunction with eGRC• Worked with the offering manager to bring the management of all IPS/IDS devices away from 3rd party vendors and under Atos• Coordinated efforts between security groups that handle BladeLogic functionality in conjunction with members of the TSS Alcatraz project (Atos security policy compare and remediation tool.)

Security Intelligence Analyst (SIA) Clients: Fluor, Huntsman, UPS, Vanity Fair (VF Corp), Amex http://www-03.ibm.com/security/services/managed-security-services/Technical• Work as a liaison between the IBM SO team and MSS on various issues for both external IBM clients as well as internal IBM divisions• Project managed key security and privacy issues, risks, exposures, and vulnerabilities using workshops and assessments and develop security and privacy programs to meet client's business needs.• Manage device license renewals. • Policy tuning on: IDS, IPS, HIDS, CIDS devices.• Create detailed daily/weekly/monthly reports for security executives. • Lead weekly/monthly calls with clients to discuss various security projects.• Facilitate issues and coordinate troubleshooting between SOC personnel, server administrators, firewall teams, and others.• Ensure that all IDS, IPS, HIDS, and CIDS devices are running current event signatures.• Detect vulnerabilities and high priority incidents Projects• Configured all network IDS devices from passive to active blocking mode for all of Sterling's IDS devices deployed worldwide. • Reviewed effectiveness of policy filters, and other configurations on all: IDS, IPS, CIDS, and HIPS devices.• Created and implemented the “Quarterly Customer Contact” project.• Facilitated communications between AT+T, Verizon, Cisco, ISS, IBM, and various other vendors on updating Cisco IDS device licenses and coordinating the push of those license by SOC personnel.• Solved the problem of comparing vulnerably data with event logs to look for undiscovered threats.