Matt M. Email & Phone Number

Chicago, IL, US

Responsible for continuous improvement of defensive Cybersecurity Operations, Incident Response, and Vulnerability Management. Major advisor to CISO/CTO/CIO in all Information Security matters. Additionally, I provide executive support to internal and outside legal teams for compliance and litigation efforts.Current certifications: CISSP, CISM, GCIA, GCED.

Chicago, IL, US

• Executed a plan addressing attack surface cyber risk reducing cyber insurance costs by 30%.
• Established a risk assessment process to quickly assess and approve requests from business and technology units.
• Established a robust managed detection and response program improving incident response key performance indicators.
• Expanded cybersecurity use cases to detect and contain modern threats to cloud and on-prem business systems.
• Expanded the vulnerability management program to cover a growing cloud footprint increasing asset and vulnerability discovery by 25%.
• Improved enterprise-wide incident response processes facilitating purple team exercises and executive tabletops.

Dallas, Texas, US

• I built and led the Cybersecurity Operations Center (CSOC) and Incident Response program for a national ISP-telecom.
• Expanded cybersecurity operations, hiring and maturing a large team of high caliber cyber defenders.
• Established an effective program to train defensive cybersecurity skills in house.
• Fostered an environment of learning and professional growth for all defenders, resulting in an extremely low turnover rate. Something very rare in cybersecurity operations.
• Matured capabilities, processes, and use cases reducing meantime to detect and mean time to respond key performance indicators.
• Established enterprise threat hunting operations to detect Advanced Persistent Threats and zero-day Indicators of Compromise in the environment.

Plano, Texas, US

Stopped by for a quick cup of coffee.

Dallas, Texas, US

• Established cybersecurity operations for a national telecom/ISP.
• Hired and trained a team of analysts focused on defending the enterprise.
• Defined processes and playbooks for security event triage and response.
• Coordinated "Purple Team" exercises to train analysts in current threat detection.
• Led Incident Response efforts while working with internal and external stakeholders across organizations.

Dallas, Texas, US

• Led efforts to build out cybersecurity operations tools for a large enterprise including defining workflows, processes, and policies.
• Authored the company Incident Response Playbook.
• Major contributor for the implementation of SIEM in a large environment, including build out of use cases and correlation rules.
• Proficient with CrowdStrike Falcon endpoint detection and response (EDR).
• Proficient with WireShark and tcpdump for packet inspection and incident triage (GCIA certified).
• Proficient with Indicators of Compromise (IOC) on Windows, Linux, and network device endpoints.

• I was contracted to Frontier Communications during this period.
• Engineered and administered Storage Area Networking for critical business applications.
• Administered and managed security access to data shares for the enterprise.
• Authored company backup and restore, acceptable use, and disaster recovery application policies.

Washington, DC, US

• I retired from the Navy as a Chief Naval Aircrewman (Avionics). I have held many leadership positions and technical roles over my 20 year military career. I worked very hard to establish my reputation as a leader.
• Managed combat reconnaissance operations for the largest special mission unit in Naval Aviation.
• Performed various leading technical roles while flying in combat patrol and reconnaissance aircraft.

Master Of Science - Ms, Information Security

Post-Baccalaureate Certificate, Cyber Defense Operations

Bachelor Of Arts (Ba), History