Lead Security Engineer

• Aug 2022 - Present

Security Engineer

• Feb 2020 - Aug 2022

- Gave multiple presentations on behalf of the Security Engineering team to other internal Proficio departments and to potential new hires around the team's current responsibilities to better provide insight into the team's daily workflow- Served as the primary Security Engineering team representative on 20+ new client onboardings and numerous client projects, working with clients to securely send events from their devices- Trained multiple new engineers on the Security Engineering team's roles and responsibilities and continually assisted team members with day-to-day tasks and issues- Created and/or modified multiple Bash, PowerShell, and Ansible scripts to automate/simplify tasks and to create/improve workflows- Researched, tested, and documented new solutions to collect events from client devices and services to help expand the scope of Proficio's log monitoring capability, primarily for Microsoft Azure and Windows Servers- Gave multiple recorded and live demonstrations to team members around new solutions- Wrote 10+ new configuration guides and improved 30+ existing guides around setting up logging for client devices and services, which significantly improved client onboarding timelines- Investigated client logs in ArcSight and ELK-based SIEMs to better assist with troubleshooting networking/system issues raised by clients- Created firewall policies on Proficio perimeter firewalls and built IPSec-based VPNs with clients to ensure stable and secure transport of client logs to Proficio's environment- Troubleshot issues with vendor software and scripts on Linux and Windows systems to ensure stable logging and system health- Patched security vulnerabilities on internal and client-facing systems- Provided insights and suggestions to internal development teams on existing and new projects to better ensure the needs of the Security Engineering team were being considered Show less

Security Analyst

• Oct 2019 - Feb 2020

- Conducted investigations into the network traffic and user activity of hundreds of clients worldwide, employing the ArcSight and Splunk SIEMs to better review hundreds of thousands of logs for potential indicators of attack and compromise- Coordinated and communicated with clients upon identifying potential and actual security incidents, providing detailed reports and updates on critical findings, along with recommendations on actions to perform as part of incident response- Trained multiple new analysts and interns, communicated with clients and internal teams around analyst account management issues (continuing the role I took on while I was interning), handled requests from customers for log data (for auditing/security purposes), along with forwarding client feature requests to the appropriate internal teamsAnalyzed logs from industry devices/services (including, but not limited to):Microsoft Windows (primarily Windows Server and Active Directory logs), Microsoft Azure (primarily Office365 and Azure Active Directory), Palo Alto PAN-OS, Cisco ASA, Cisco Meraki, Fortinet Fortigate, Juniper JUNOS, SonicWall, Symantec Endpoint Protection, CrowdStrike Falconhost, Imperva WAF, Blue Coat Proxy SG, Forcepoint Websense, Proofpoint TAP, McAfee AV, CylancePROTECT, ZScaler, Carbon Black Defense, etc. Show less

Security Analyst Intern

• Jul 2018 - Oct 2019

- Lead a project to streamline internal and customer SIEM account management for the worldwide Proficio Security Analyst team, coordinating between internal and client-facing teams, and communicating with clients directly when necessary- Migrated and organized 200+ knowledgebase articles from legacy internal websites to Proficio's ServiceNow platform- Modernized the branding for 300+ scheduled customer reports- Conducted a biweekly test of all US office phones- Became familiar with SOC procedures, customer security policies, and SIEM use cases- Became familiar with the unique security needs of hundreds of clients across numerous industries and countries- Remained up-to-date on the latest security threats and news Show less

Instructional Student Assistant - Computer Security

• Mar 2019 - May 2019

- Responsible for grading midterms and finals with the instructor and other student assistants - Prepared LANs with the instructor and other student assistants for attack and defense labs - Responsible for grading midterms and finals with the instructor and other student assistants - Prepared LANs with the instructor and other student assistants for attack and defense labs

Jobs and Competitions Liaison

• May 2018 - May 2019

- Served on the club's executive board to help set club policies and precedents for future generations - Both built new connections and maintained existing club relationships with multiple companies/organizations - Organized field trips to a major security conference and 2 company/organization offices - Invited professionals from the security field to come speak to the club about tools they use in their work and opportunities for internships/employment - Created and updated a weekly newsletter to help members find security-related job openings, online Capture-the-Flag competitions, and local security-related events - Actively engaged in campus outreach throughout the year to increase club membership, including tabling events, classroom outreach, and social media outreach - Provided detailed summaries of weekly club practice session for the Collegiate Cyber Defense Competition (CCDC) and better organized technical documentation from current and previous competition team members and coaches for future generations - Further documented and defined the responsibilities of the Jobs and Competitions Liason role and provided a detailed summary on current club connections and competitions to better ensure smoother transitions for future generations of club executives Show less