Member Of Technical Staff 2, Information Security Engineer
CurrentPrimary duties include architecture and management of information security software and servers related to data security throughout the PayPal environment. This includes multiple data protection solutions from Microsoft, Trellix (McAfee), AWS, Broadcom (Symantec) and Palo Alto Networks.- Implemented Microsoft Purview Information Protection scanners to be able to scan CIFS and NFS shares. Configured Microsoft Defender for Endpoint DLP including support for evidence collection. - Architected and managed Trellix (McAfee) DLP Endpoint and Network solutions from ePO Saas. DLP Network Prevent virtual appliances for both SNMP email traffic and ICAP requests. DLP Network Discover for scanning multiple petabytes of CIFS and NFS shares. Developed custom monitoring using Splunk, Zabbix and PagerDuty to alert on any issues with appliances or logging flows.- Helped with the design and setting the requirements for AWS Macie scanning of S3 buckets to provide the best coverage while controlling cost.- Was part of the team that did the initial deployment of Zscaler Internet Access. Maintained responsibility for DLP and Incident Receivers. This includes developing custom python scripts to manage evidence from the Incident Receivers to secure storage.- Deployed and maintained Broadcom (Symantec) DLP Enforce, Endpoint and Network solutions. DLP Network Monitor for aggregated tap and span traffic. DLP Network Prevent for both SNMP email traffic and ICAP web requests. DLP Network Discover for scanning CIFS shares.- Built out multiple CASBs solution to scan for sensitive data in multiple enterprise Saas products: Microsoft Defender for Cloud Apps, Zscaler SaaS Security API DLP, Skyhigh Security (McAfee) CASB, Broadcom (Symantec) CloudSOC, and Palo Alto Networks (CirroSecure) Aperture.- Provided additional support with Trellix VSE/ENS, Trellix Web Gateways, Beyond Trust Retina, cPacket cVu and HSMs.