Work with SOC team to monitor, remediate, support, and manage enterprise endpoint environment including endpoint protection, cloud security, security awareness training and phishing simulations.Role accomplishments:● Respond, remediate and document security incidents as part of the Incident Response team.● Investigate and remediate phishing attempts utilizing Abnormal, Microsoft Defender, ExchangeAdmin Center, Crowdstrike LogScale, OSINT tools.● Investigate and remediate Okta authentication alerts related to impossible travel, unfamiliarsign-ins and reported unauthorized login attempts.● Investigate and report wire fraud case findings to the Fraud Risk Analyst team.● Investigate and remediate malware and botnet callback incidents.● Analyze large data sets to provide metrics to security leadership.● Manage IOCs and custom IOAs in CrowdStrike.● Utilize SCRUM and KANBAN to manage operational stories and planned work.● Investigate Wiz alerts for AWS/Azure resources, suppress or escalate findings when needed.● Troubleshoot connectivity and access issues with Zscaler ZIA/ZPA, add exceptions to ZIA/ZPApolicies when required.● Create/update Security Operations policies, RACI charts, standards and procedures.● Create/update incident response runbooks using NIST cybersecurity framework.● Perform eDiscovery searches and provide Microsoft Content Search query support for Fraud RiskAnalyst and legal teams.● Manage and deploy monthly phishing simulations and security awareness training to allemployees utilizing Hoxhunt security awareness platform.● Work with the IT Team to migrate users and applications from acquired companies.● Review Vulnerability scans (Tenable) and assign remediation tasks to appropriate IT Teams.● Manage vulnerability remediation process and documentation for the SOC team.● Create Knowledge Base articles for operationalized security tools.

Provided expertise and support of successful on-premise (Citrix) to cloud (Workspot/Azure) migration of 300 servers and 1800 endpoints.● Consolidated, improved and managed Netskope CASB policies to increase security and improve end user experience.● Closed external access and archived Sharepoint sites to increase Office 365 data security posture.● Provide new and renewing vendor security assessment and approval by reviewing vendor SOC, SIG and security policies.● Create Powershell scripts for bulk changes in AD, O365 and reporting.● Manage Office 365 licenses.● Managed windows and 3rd party updates, OS images and application deployment for 3500endpoints using SCCM. Upgrade SCCM as needed.● Lead endpoint and server patch governance meetings for monthly updates.● Investigate and remediate phishing attempts using Proofpoint Email Security and Office365tools.● Manage and remediate incidents in QRadar, triage correct team members to resolve issues.● Create and deprovision admin accounts and AD privileged groups.● Manage and audit AD security group owners and membership.● Managed users and Roles in Pleasant Password.● Manage users and devices in Microsoft Intune.● Manage software installation approvals in Carbon Black Protect. Investigate and remediate malware/unknown software alerts.

Provide 365x24x7 monitoring of business infrastructure including enterprise applications hosted on 400 servers.● Proactively detect server, network and application issues and outages using Logic Monitor.● Manage business communication and IT Team triage to resolve server and application MajorOutages.● Monitor 300 DIA and MPLS circuits for connectivity and latency issues with OpenNMS, Merakidashboard troubleshoot and remediate issue, dispatch ISP to location if unable to remediate.● Manage Cisco switch port and Cisco NAC issues with endpoints.● Manage DHCP servers and scopes for all subnets, create IP reservations, troubleshoot IP relatedissues.● Create and manage AD security group membership and owners.● Create knowledge base articles for recurring issues and procedures.● Act as mentor and 3rd level escalation for Service Desk.● Manage Citrix environment performance and reporting with ControUp.● Upgrade owned applications when needed (Lansweeper, SCCM, ControlUp, Bomgar)● Deploy server updates via WSUS.● Manage renewals and replace expiring server certificates.● Manage and create rules for data MFT and SFTP transfers.

● Replaced legacy phone system with RingCentral cloud PBX including 600 extensions over 26 sites.● Replaced MPLS network with DIA circuits including SonicWALL firewalls and Talari SD-WAN over 26 sites.● Upgraded legacy VMware environment with VCSA to 6.5.● Deployed new server, workstation VMs and storage volumes.● Created, updated, tested and retired Group Policy Objects.● Utilized ADSIedit and DNS Manager to cleanup tombstoned servers and stale DNS records.● Upgraded servers, domain and forest to Windows 2012 R2.● Manage and troubleshoot DNS and Active Directory replication.● Manage DFS shares and replication.● Created Email Retention policy in Office 365 to clean up email for 1000 mailboxes.● Utilized PowerShell to identify dead Computer and User Objects in Active Directory.● Upgraded outdated firmware on 20 SonicWALL firewalls and upgraded SonicWALL GMS.● Setup and implemented Lansweeper for asset management of all IT equipment.● Implemented help desk system (Lansweeper).● Utilized PowerShell for Office365 Exchange, SharePoint, Security and Compliance reporting andsetting changes.● Managed SQL server access and permissions.● Managed EqualLogic SAN storage volumes and snapshots.● Managed Unifi wireless controller, deployed, troubleshot and upgraded WAPs● Managed, troubleshot and upgraded SonicWALL firewalls.● Created and troubleshot IPSEC tunnels on SonicWALL firewalls.● Managed SonicWALL content filter, app control and firewall policies.● Managed devices and alerts in What’s Up Gold.● Created content searches in Office 365 Security and Compliance for eDiscovery.● Investigated Office 365 account breaches using Office 365 access log and Content Search.● Configured and deployed templates to Talari SD-WAN new devices.● Created and updated Visio network diagrams.● Managed ShoreTel system adding new extensions and switch programming.● Managed, configured and troubleshot Ricoh fleet of 70 copiers.

● Acted as Chief Security Officer, documented and reported security and HIPAA incidents.● Implemented BYOD policy of all company mobile devices saving company $16,000 a month or$192,000 a year.● Changed E-fax provider to RingCentral to save $1500 a month per facility.● Changed conference calling provider to Office365 Audio Conferencing and saved $1200 a month● Implemented policies to increase IT security, risk logging and breach tracking.● Implemented IT asset management tracking application and process.● Formalized and streamlined business processes to increase productivity and lower costs.● Provided Project Management expertise with 3 acquisitions and 4 hospital campus expansions.● Managed contract for new service and assuming existing contracts for acquisitions and campusexpansions.● Provided lead project management resource for Business Intelligence environment. ● Setup SQL linked servers, created scripts, created queries to access data sources for Qlik-Sense application.● Managed out-sourced MSP help desk and in-house IT staff.● Managed 1.2 million capital and operating expense IT budget.● Created guest WI-FI to protect production network from unmanaged personal devices.● Created production SSID for all organizational WAPs to provide ease of management, increasedsecurity and seamless user experience moving between facilities.

In-sourced IT Service Desk, built out and deployed ServiceNow application, recruited and managed staff.● Provided strategic IT direction for corporate leadership in acquisitions, new business direction and growth of company.● Implemented Self-Service Enterprise applications to streamline and improve user experience.● Managed service desk and provide top tier support for all client based and server-based systems,physical and virtual.● Facilitated and implement client operating system upgrade strategies.● Managed purchasing and refresh cycle of client-based assets.● Managed licensing and vendor relationships of enterprise solutions.● Negotiated vendor contracts, recommend cost-saving solutions and implement new enterprisetechnology.● Documented and improved all client based and server-based support and managementprocesses.