• Lead Security Engineer for Custom Threat Reporting Portal based on UTM Device events (Layer 3-7)• Administration and engineering of Snowflake Database as a Service• Tableau workbook development for service metrics and client facing workbooks• Remediation of vulnerabilities identified on the Threat Reporting portal and technologies driving service• Documentation of service in internal wiki including items such as topology, dataflow, service flow and past incident details• Senior level support to clients who are having issues seeing their data or wish to know how to use the portal better• Development and repair of Threat Reporting pages for the Threat Reporting portal• Administration and repair of Databricks workflows, compute and run issues• Monthly Business reviews on how the Threat Reporting Portal has been running for the past month, our accomplishments and future state goal setting• Lead SOC 2 Audits against the Threat Reporting portal and the technologies supporting it• Perform User Access Reviews for our Snowflake and Tableau environments• Perform status review of clients and appliances reporting in as well as what pages and threats clients are experiencing and pages tend to visit most often• Perform threat event reviews based on client need and service needs to discover threats and load as well as events that may be overloading customers implementations• Implemented custom concourse configuration and jobs based off of GitHub repos in order to manage code changes• Worked with AWS s3 buckets, security policies for AWS objects and ran SNS topics to notify run team of any latency issues within the Threat Reporting portal• Partnered with run team in order to validate UTM assets are in place for each customer order• Developed report on threats that have impacted our customers’ UTM devices globaly based on threat module, top talkers, and points of interest based of common and unique threat characteristics

Cyber Security Engineer working on Comcast Corp's Threat Management TeamResponsibilities included:ArcSight SIEM Solution ManagementUse Case Development in ArcSight ESM, ArcSight Logger, and Splunk for malicious and/or unauthorized behaviorsLog Management of enterprise systemsThreat Hunting and DiscoveryPCI Compliance InitiativesEvent review for malicious, and unauthorized behaviors with...Host-based forensic solutionsLayer 3-7 network security devicesWindows, Linux, and Unix Platform logsas well as many more point cyber security solutions

Information Security Strategy development and implementation driven by Risk and Threat Mitigation techniques utilizing industry guidelines such as CIS, NIST, SANS, and ISO 27001/2 combined with driver indicators from data breach investigation reports as well as Third Party Risk Assessment feedbackInformation Security Solution prospecting, design, implementation, and continuous improvement in the following areas: host-based anti-malware detection/prevention, network-based anti-malware prevention/detection, vulnerability management, threat intelligence integration, Layer 7 Firewalls, Malicious/Unauthorized Behavior Analytics, Automated Malicious/Unauthorized Incident Detection, malware sandboxing, Forensic response kits as well as several other areasAudit Management and Compliance Advisement for PCI DSS 3.1 and SOX

Prospecting, design, implementation, continuous engineering support of security solutions such as ArcSight SIEM, Firemon Network Security Policy Management Suite, McAfee Email Gateway Email Protection Suite, Access Data's Forensic Toolkit for Digital Investigations, F5 Load Balancers for Log Distribution services, QualysGuard Web Application Scanning, Services,Veracode Static Code Analysis and Data Loss Prevention ServicesDesign, implementation, and continuous improvement of Process and Procedures needed for strengthening information security posture, and assuring compliance for PCI DSS 3.0, AND FTC requirementsFirewall Configuration and Control Risk Review, Firewall Complexity and Control Redundancy Reduction Services, Firewall Control MigrationProactive and incident driven system examination with platform utilities, SIEM systems, intrusion detection/prevention systems (IDS/IPS), packet analyzers, traffic analyzers, Advanced Threat Detection Engines, logging platforms, vulnerability scanners and network security policy management engines to discover and remediate malfunctions, malicious activity, unauthorized activity, vulnerabilities or risks

Design, support, and implementation of Clinical/Non-Clinical information systems utilizing various versions of Windows, Linux, Unix, and specialty Unix/Linux operating systems.Design, support, and implementation of data networksData reconnaissance, restoration, and migration of server and end user systems utilizing Windows, and Linux tools

Design, implementation, and continuous improvement of data networks and information systemsCustom Desktop/Server hardware design and implementation running Windows XP/2003 series and custom Linux/Unix distributions