Brian Z. Email & Phone Number

Bellevue, WA, US

• Investigate T-Mobile breach identifying artifacts on TOR network
• Investigate suspicious employee behavior and violations of process, procedures, and standards
• Audit, Deny or Approve all software, technologies and third parties to be used in the environment
• Audit every aspect of the business from procurement to software development, deployment, configurations, and diagrams
• Review architecture diagrams for cellular networks recommending a defense in depth approach with security controls pertinent to the technologies
• Investigate project managers and their teams to identify suspicious and illegal activity gathering required evidence to establish sufficient use case for further investigation

130, Kansas, US

• Participate in 3rd party bank audits of True Accord's services
• Audit client and vendors to ensure regulatory and legal compliance
• Build out a comprehensive security program while achieving PCI and SOC2 certification
• Monthly meetings with the Chief Legal Officer to review laws, policies, and technologies
• Audit payment gateways for CIA and ensure GAPs and violations from audits are remediated
• Identify opportunities during Brexit to ensure secure opportunities for growth with measured ROI

San Francisco, California, US

• Penetration test VPN, NAC and DLP for PII and PCI data exposure
• Utilize Net Witness to complete event reconstruction and analysis
• Implement architect for special projects migrating Wells Fargo from SWIFT to block chain
• Identify potential threat vectors and remediate in alignment with the changes control approval process
• Engage in Threat Hunting activities with Splunk identifying IOCs, correlating timelines, and reviewing packet captures
• Catalog artifacts from Threat Hunting and penetration tests and assign risk profiles to assets based on vulnerabilities, threat, and asset value

US

• Penetration test high value assets and validate vulnerabilities utilizing Burp Suite and Metasploit
• Present to executive leadership ROI of the vulnerability management and pen testing program and project plan
• Automate the vulnerability remediation and validation process partnering with server owners for exception review
• Provide continuous scanning for over a million globally connect assets across multiple cloud environments and on premise

San Francisco, California, US

• Drive Forensics deployment in AWS using AWS-labs security automation
• Penetration test custom applications in AWS and communicate best security practices recommendations
• Configure cloud resources and 3rd party vendor tools to vendors best practices in alignment with legal and regulatory GRC
• Work with Principal Engineers on architecture and design of the multi cloud environments before and after penetration testing
• Lead Wells Fargo in implementing security technologies within the AWS cloud including the deployment and configuration of 3rd party Vendor tools and AWS resources

Austin, Texas, US

• Participate in the vendor management process and executing POC’s of vendor products
• Develop vulnerability management program with AWS utilizing Nessus Security Center
• Integrate Mine Meld threat intelligence with Palo Alto Autofocus next generation firewalls
• Migrate AWS and on-premises logging into Alert Logic SIEM for MSSP partnership and collaboration
• Pentest and patch Palo Alto Firewalls and present findings and remediation project plan to executive leadership
• Lead the security team in the deployment and tuning of Cylance and creating Playbooks to respond to SIEM alerts

Bachelor Of Science - Bs, Logistics, Materials, And Supply Chain Management

Computer Science, Computer Science