Cybersecurity Enterprise Account Executive
CurrentIn my role as a Cyber seller, I assist customers in enhancing their security posture & safeguarding their digital resources. I focus on two main areas:1. Application Security (AppSec): Scanning code & infrastructure for vulnerabilities, including coaching Developers how to fortify their environment against exploits.2. Security Operations (SecOps): Real-time security event monitoring, correlation, & alerting with traditional SIEM (Security Information & Event Management) solutions. Threat Hunting, both internal & external, using Unsupervised Machine Learning & analytics.With AppSec, I help Developers scan their source code (SAST: Static Application Security Testing) & infrastructure (URL crawling for exploitability with DAST: Dynamic Application Security Testing) for vulnerabilities. This can be achieved in two ways: either as a security "spell checker" integrated into the developer's IDE (with real-time coaching/guidance on remediation), or through electronic execution as part of the CI/CD pipeline. Many organizations also leverage Software Composition Analysis to identify the presence of specific Open Source library vulnerabilities & upgrade/remediate accordingly. I often provide guidance to developers on repurposing their Functional & Unit Testing resources for automated security testing, eliminating the need for AppSec Engineers to undergo the typical, extensive learning curve related to learning application navigation workflows.For SecOps, I coach Engineers/SOC personnel on how to efficiently run their SIEM & mine the event data. Together, we craft threat hunting methods that reduce operator fatigue by harnessing the power of AI/Machine Learning to distill millions of events down to a handful of highly prioritized leads. Imagine asking ChatGPT to “analyze my SIEM & XDR data to make me a top 10 list of all the Edward Snowden (or careless Homer Simpsons) lurking in my org.” Then out pops a list to be investigated.Call me if this sounds intriguing.