Ryan Erwin Email & Phone Number

Keller, TX, US

Bedford, Texas, United States

• Develops Policy on Vulnerability management and Web application security for the company’s custom internal critical applications
• Develops runbooks for step-by-step guidance on strategic Scan Policy creation and scheduling
• Works with 3rd party Vendors for Vulnerability Scans and Remediation plan execution
• Works with functions team leads from Server Administrators/Network administrators/Application Developers
• Coordinates the web application and web site security program
• Conducts web application and web site vulnerability security scans and tracks remediation tasks (NetSparker)

• Participates in the day-to-day security operations monitoring and response from the Cybersecurity Operations Center.
• Performs malware analysis, reverse engineering, and de-obfuscation techniques
• Evaluates, responds, and mitigates alerts that originate from the SIEM and the Cybersecurity product suite, e.g. NGFWs, IDS/IPS, Anti-virus, Web Application Firewalls, NAC Solution, Azure, MCAS, and Office 365
• Implements or recommend mitigations including the creation and development of new alerts and rules within the various cyber security tools.
• Able to analyze and identify malicious activity during the various attack stages.
• Maintaining a high level of technical expertise on Cyber Security defense-in-depth technology and best practices by performing ongoing research and engagement to maintain awareness of industry trends, best practices.

• Incident Detection Analyst March,2020-OCT 2021
• Conducts Event Detection, Incident Triage, Incident. Handling, Hunting activities by leveraging our detection/response platforms.
• Continuously monitors levels of service as well as interpret and prioritize threats through use of cyber threat intelligence, intrusion detection systems, firewalls and other boundary protection devices, and any.
• Provide 24x7 incident detection and monitoring service, and performance report on regular basis.
• Escalates cyber security events according to playbook and standard operation procedures (SOPs).
• Remediate non-compliance with technical and security requirements.

• Develop and integrate security incident response procedures and manages system-wide security incident response plan using the NIST process framework and IBM’s Resilient Ticketing system
• Engineer, deploy and operate incident response tools such as Q-Radar, Trap X, and Perch, Snort, Azure, MCAS, and Office 365
• Coordinate annual cybersecurity exercise purple Team events
• Perform computer forensic response, investigation, and reporting; coordinate forensic service activities with other departments such as compliance, human resources and legal
• Design, configure, analyze, and tune vulnerability management/threat management systems using Cylance Endpoint Security, Firemon, and Cisco Content security management console, Microsoft defender ATP, Microsoft cloud.
• Coordinate threat activities with managed security operations services, external agencies, and information sharing organizations

Experience performing routine tasks of establishing or resetting of accounts, passwords and unlocking accounts.· Performing basic computer system checks for viruses, unauthorized materials and security violations.· Providing basic assistance to staff on the operation and functions of computer equipment to include printers, scanners, modems and basic office.

Plano, Texas

• Maintained security of network infrastructure and communications systems
• Oversaw Information Systems and Network Security view monitoring administration and development of signatures for Intrusion Detection and security information management systems on assigned networks
• Utilized IT hardware and software to combat unauthorized access and damage to sensitive and classified data
• Researched and developed security requirements in the implementation of new systems and major system revisions
• Responsible for the real-time analysis of incoming cyber security alerts using ArcSight ESM and Splunk log analysis
• Initial triage and escalation of the alert, as well as the investigation and remediation of all types of potential cyber threats ranging from minor events to major incidents

Bachelor'S Degree, Information Technology Security

Certifications, Information Technology, 3.8

Certifications, Information Technology, 3.0