John Moracho, Cissp Email & Phone Number

Northbrook, IL, US

• Lead the following four pillars of Security: SOAR & Security App Dev; SIEM (Content; Ops and Engineering) Security Platform Engineering; Database Activity Monitoring and Data Loss Prevention.
• Responsible for empowering our customers with protection by leveraging a robust set of security controls and services.
• Providing value for the customers by ensuring that our controls are efficient, affordable and have proven efficacy.
• Ensure that policies and procedures are in place to help guide our vision while creating a structured work environment.
• Collaborate with business stakeholders in order to help reduce risk and increase their cyber security posture.
• Mindful and responsible of managing large budgets. Exercising cost-benefit analysis on a cadence to ensure we are investing our time money and resources appropriately.

Northbrook, IL, US

• Advisor to the VP of Security Ops and the Director of Security Operations Center on all aspects of the Security Program across all Domains.
• Contribute and provide strategic planning for the growth of the security program.
• Assisted the onboarding process of Family of Companies and integrating the security program with said companies in order to monitor and respond to incidents while complying to enterprise standards and regulations.
• Interim leader in different service areas during times of attrition (ex. Sr. Manager over DPS; Training; IH).
• Uphold and make relevant CSIRT policy, Business Continuity planning and documentation in order to remain compliant as well as reduce risk.
• Developed and delivered the first Global Security Fusion Center War Game which consisted of over 100 individuals.

US

• Led the IT Security Program in all aspects across the enterprise as well retail stores.
• Responsible for hiring and building the security team.
• Introduced policy, procedure and controls in order to make company PCI-DSS Compliant as a Level 1 merchant.
• Worked with 3rd Party Auditors in order to provide artifacts and gain PCI compliance.
• Performed IT Control Gap Analysis. Process was put into place with HR to distribute and enforce.
• Led Penetration Testing that was done to reveal vulnerabilities which led to remediations in applications.

Charlotte, NC, US

• Developed and fostered the Xenial Information Security Program to adhere to company’s Gold Standards.
• Implemented and enforced Security Policies and Standards.
• Secured the Software Development Lifecycle. Deployed HPE Fortify Secure Code Analyzer in CI/CD pipeline.
• Developed and delivered IT Security Training.
• First responder to Security Incidents (Incident/Response).
• Oversee implementation of security controls and assisted in designing the architecture around them

Columbia, SC, US

• Responsible for building the Security Operations Center (SOC). Interview candidates, lead the team.
• Worked with the CPA 3rd Party in order to obtain a SOC 2 Type 2 report for our datacenter.
• Created in house DNS servers that are protected from DDoS attacks for customer and partner use.
• Led the team in becoming PCI compliant.
• Found gaps in security within the company and provided solutions to remediate issues.
• Report weekly to the Director of IT on findings; KPI and provide suggestions and track progress on current projects.

Redmond, Washington, US

• Created the first ISC² Chapter in Charlotte, became the President of the Chapter, held monthly meetings on Security topics. Membership has grown to almost 100 individuals. (albeit Chapter is now on led by new President)
• Created and delivered training to the group that helps other engineers solve complex problems.
• While in the Microsoft Security Team I resolved cases involving hacking, spoofing, user intervention and or any other types of compromises. Help determine RCA as well as advise on how to prevent such attacks in the.
• Supported Exchange Online, Exchange Online Protection and Office 365. Setup Hybrid scenarios for customer moving to the cloud and Mailbox Migrations.
• Secure customers messaging environments using encryption, digital signatures, antivirus as well as anti-spam protection ex. TLS, SSL, DKIM, DMARC and SPF to prevent spoofing and ensure trusted comms.
• Worked on the Incident Response team (IR Team), delivered training in India, work directly resulted in the development of first official Microsoft India Security Support Team.  I was awarded a Microsoft Gold Star.

US

• Provided technical support for all Antigen for Exchange customers throughout North America.
• Was responsible for Technical Account Management as well as a dedicated technician for about 20 clients, including the U.S. Marine Corps, Disney and Volkswagen.
• Became the Lead Engineer for Anti-Spam Defense (ASD).
• Delivered training to the group on various products including Antigen Enterprise Management.

New York City, US

• Managed all areas of support on multiple occasions when required.
• Redesigned Network Architecture in the N.Y.C. Operations Center to better suit the business.
• Created and configured a VPN connection with NAT for Wireless LAN client’s instadium events.
• Supported MS Exchange and domain services for all teams within the league.
• Created an ImageCast 3 server for automation and deployment of workstations.
• Installed MS Software Updates Server (MS-SUS) for centralized and managed updates to all workstations.

Boston, Massachusetts, US

• Built, tested and supported networks running Windows 2k Servers, Cisco switches and routers in financial institutions in NYC.
• Installed and supported MS Exchange Server 2000.
• Set up and configured Windows 2000 services for web hosting using IIS 5.0 (including OWA)
• Installed FTP, Terminal Services, backup services (Backup Exec.), Blackberry servers as well as antiviral solutions.

New York, US

• Supported all desktops/applications for the design company’s headquarters in Manhattan. This included both Windows and Macintosh.
• Repaired broken laptops (Sony, IBM and Compaq)
• Participated in weekly meetings offering ideas such as in-house training and other cost reducing plans for company growth.

New York, NY, US

• Installed and supported Windows 2000 & NT Servers on Compaq Proliant and DL-360/380’s.
• Implemented and deployed services for software file serving and print serving.
• Modified and set system policies (GPO’s) to reflect company policy.
• Contributed to the design of the network architecture for a new office.

• While working for this Application Service Provider I troubleshot issues for clients using Microsoft Office and Exchange services remotely on BlackBerry Devices. (Exchange 5.5)
• Configured AT&T Merlin PBX and telephone stations for internal users.
• Installed and supported Blackberry Services for Exchange Server to allow customers to connect to their email remotely with these devices.

Business And Marketing

Computer Engineering