Matthew Keener Email and Phone Number

Capability Lead for single workstream in very large security modernization project, representing Security Operations.Current role description:- Design solutions to close existing and emerging security gaps by engaging system owners and business leaders through open dialogue and local business systems.- Proactively engage project owners on new technology based project deployments that may impact SOC- Develop and maintain requirements to transition technology solutions from project deployment phase to operational phase.- Oversee vision and implementation of incident response automation strategy- Asses SOC readiness to respond to new threat vectors and make recommendations to increase security- Develop and maintain SOC technology architecture design document- Serve as SOC Capability Lead in modernization program, leading delivery of the solutions within the scope of the workstream- Provide final approval on key functional decisions, business processes, and system configurations

I coordinate incident response across multiple business units in a very large manufacturing company (50k+ employees). I also provide advisory and escalated support for incident response, including digital forensics. - Wrote 20+ playbooks for Security Operations and Incident Response- Coordinated new and custom content packages with MSSP- Led and participated in multiple investigations into server and workstation compromise- Created and led an intensive, two day combination tabletop and training exercise, using a created phishing scenario and evidence using Powersploit- Led SOAR implementation for corporate and all subsidiary companies, including: * Proof of Concept for purchasing a SOAR product, including gathering requirements, narrowing down candidates, and full workflow development and testing for 4 products * Creating the majority of workflows used at both corporate and subsidiary levels * Integrating with ticketing systems, enrichment and investigation related sources, and containment sources such as Splunk, Zscaler, Active Directory, Cherwell, Servicenow and more.

I managed the Security Operations Center at a Financial Institution. I provided supervision, technical escalation, training and professional goals, and leadership for a team of 8 analysts.

I was the senior security analyst in the Security Operations Center for Pentagon Federal Credit Union, the Incident Response Team Lead, Technical POC for our Phishing Service and the back up SIEM administrator.

I was an Information Security Engineer at multiple projects in the Federal space, working on small security teams. Since the teams were small, I was fortunate enough to have been challenged in a number of areas including:Network Monitoring (Arcsight watch officer, analyst, and super user)Vulnerability Management (Army IAVM, Tenable Security Center implementation and administration, Nessus, BeyondTrust/eEye Retina administration and analysis)Endpoint Protection (McAfee Host Intrusion Protection 7 and 8, McAfee VirusScan Enterprise 8.8, McAfee ePO Server 4.5, HBSS Administrator)Security Authorization (Compliance, Risk Analysis)Developing Security ProcessesDeveloping and following a project plan for a year of ArcSight content generation (Integration with Oracle Databases, integration with SAP, inventory automation)

Responsible for maintaining a small wireless network, administrating SQL Databases and Windows Servers, writing simple programmatic tools to simplify and automate processes, and training new technical analysts.

Responsible for managing up to 30 students and providing a creative and integrated set of lesson plans that conformed to state requirements. Position required significant organizational and presentational skills.

Responsible for managing up to 20 students and creating lesson plans that emphasized portions of the curriculum in order to reinforce the regular school year curriculum for students who did not succeed during the regular school year. Involved similar skills to teaching at Madison County, with more emphasis on efficiency and flexibility.