• Lead Vulnerability Management program, develop strategies to mitigate/remediate vulnerabilities, and continue to drive down risk using Nexpose InsightVM.• Develop a plan and implement Application Whitelisting on a zero-trust network.• Manage the endpoint antivirus program using CrowdStrike with over 10 thousand devices.• Automate incident response with Demisto by using custom scripts and workflows to suite the organization.• Create and implement a Windows PC and Server baseline to harden all devices on the network.• Identify and manage all privileged accounts on the domain to ensure they are audited and revolved on a regular basis.• Identify false-positive and false-negative alerts using Splunk to aid in the team’s accurate incident handling.• Provide hardening recommendations to secure the Amazon AWS implementation.• Review, deploy, and manage Zscaler proxy configurations.• Review Office365/Azure configurations to ensure users and administrators are allowed access based on secure industry standards.

• Perform Information Security assessments of organizations, including, but not limited to, Internal/External Pen Testing, Policy review, Wi-Fi assessments, Social Engineering, Physical assessments.• Review and provide recommendations to enhancement IT policies, programs, and plans.• Conduct Incident Response (IR) table top exercise assessments to critique an organization’s IR plan and enrich the team’s ability to respond in the event of an incident.• Assist, on an as needed basis, customers requiring Incident Response.• Conduct Red/Blue team assessments for • Research, understand, and provide feedback on new and upcoming products that increase the value of an organizations InfoSec team.• Document and share SOPs with the team, tools and exploits that can be used for assessments.• Effectively communicate, document, and present security findings to all levels of an organization (C-Level to Tech Support).• Peer review security assessment reports for quality and validity.• Maintain schedule for external security assessments, including collecting forms of consent for these assessments.• Develop and automate tools to streamline the assessment and report writing process.• Provide forensic analysis of files and systems to determine the origin and any data lost.• Be the security expert, for organizations of all sizes, to identify flaws or weaknesses in the organization and infrastructure, then provide solutions and guidance on how to become more secure.• Foster client relationships while on-site with customers.• Make recommendations based on financial regulating bodies and FFIEC guidelines.

• Review the infrastructure of clients and provide recommendations to improve the security posture that makes the most sense for the organizations and fits within their budget.• Design and adhere to zoned security matrix.• Architecting secure environments to meet the needs of the client and obeying security best practices.• Evaluate BlueCoat proxy, including investigating improperly categorized policies and adjusting as necessary.• Provide mentoring to Jr. Engineers and Technicians on firewalls, proxy’s, IPS, and APT detection systems.• Design and deploy FireEye appliances to detect APT attacks on the network.• Designing and implementing of Netscaler Load Balancer policies.• Support BlueCat External DNS records and zone transfers.• Managing Cisco Email Gateway and designing policies to ensure proper spam handling.• Analyze Tipping Point IPS/IDS appliances, including, deploying equipment and virtual patches in response to zero-day vulnerabilities and limiting exposure.• Managing, modifying, and creating SSL certificates.• Determining security measures necessary to protect business data and users from malicious code/persons from exploiting/mining/etc.• Analyze and assess Tenable Security Center vulnerabilities scan results and make recommendations to the client to prevent outbreaks, data loss, or down time.• Analyze WireShark packet captures to ensure security device integrity, verify application behavior, and root cause analysis of incidents.• SOP creation and documentation of security systems. These documents are then dispersed for training and collaboration.• Daily communication with users of all levels (CISO to Intern) for request/incident resolution & project status.• Configure and evaluate ArcSight reports to locate vulnerabilities and network events for SOC incident investigation.• Identify false-positive and false-negative alerts using ArcSight reporter to aid in the team’s accurate incident handling.

• Implemented a new service to perform monthly backups automatically which resulted in 120 hours of effort savings annually. • Conducted firewall refresh to convert policies/ACLs/NAT/etc. from EOL hardware to new hardware, which provided savings to the customer.• Conducted consulting services to On-Board 2 new clients, which included, but is not limited to:o Network and Security discoverieso Assisting/advising in setup of management, monitoring, and backupso Communications to ensure trust and confidence in the team’s abilitieso Provide feedback on security posture and products to close any “gaps”• Successfully segmented manufacturing network from business networks. Monitoring for several months to maintain and update equipment policy to ensure zero business interruption.• Implemented a new service to perform monthly backups automatically which resulted in 120 hours of effort savings annually.• Managing Firewall Policies and verifying they are up to date• Monitoring and Backups of security equipment.• Troubleshoot incidents of all types and driving to immediate resolution. Including but not limited to: VPN, Remote Access VPN, Routing, Switching, NAT, ARP, Interface settings, IPS/IDS, Virus/Malware infections, Authentication, MQ, more available upon request.

-Applied my knowledge as a seasoned athlete and assisted customers finding the right running shoe for them-Put customers thru a 3 stage fit process to allow the customer to know the kind of form and feet they have.