Craig S.
Senior Information Security Engineer at Octane®
Bio
Credentials
- CompTIA Secure Infrastructure Specialist (CompTIA, Dec 2020 - Nov 2024)
- Network+ CE 2020 (CompTIA, Dec 2020 - Nov 2024)
- CompTIA Security+ CE 2020 Certification (CompTIA, Oct 2020 - Nov 2024)
- Cisco Certified Network Associate (Cisco, Aug 2014 - Nov 2024)
Experience
Octane®
United States | Software Development | 200 - 300 Employees

Senior Information Security Engineer
Dec 2021 - Present
- Integrating multiple enterprise products/tools with Information Security solutions to provide increased asset visibility
- Mentoring and advising junior security team members
- Addressing the security concerns of colleagues and members of leadership
- Ensuring continuity of day-to-day security operations such as threat investigations
- Prevented design issues which would have led to security vulnerabilities by consulting with software engineers during planning phases of development projects
- Implemented threat hunting capabilities to allow detection of threats automated systems would not detect
- Reduced false positives in security monitoring systems by 80% over a 6-month period
- Reduced average alert investigation time from 10 minutes to 1-2 minutes
- Sanitized logs and developed RBAC groups to allow contractors to view production logs, increasing productivity by at least 50%

Equinix
United States | Internet Publishing | 700 & Above Employees

Senior Information Security Engineer
May 2021 - Sep 2021
- While investigating incidents, I worked with escalating SOC technicians to identify the most useful data for expedient resolution
- I helped HR and other departmental leaders understand their and their team's relationship to security incidents and how I could help them contribute to the security mission of the larger company
- I worked with folks in networking, development, IT, and process engineering to help them understand security issues in their environment and get them the necessary information to make proactive security easier for us while reducing the amount of time they spent on security-related issues
- I contributed ideas to support the overall goals of security team leadership, and suggested solutions for problems that time spent in IT, web hosting, and personal security exploration helped me to recognize
- I proactively found opportunities to assist other team members with assigned duties when I wasn't actively tasked
- While waiting for the chance to take formal training, during downtime without other tasking I read papers from SANS' Reading Room and multiple other sources to improve my skills and awareness of current industry trends (and tracked my activities)
- Developed a presentation on relevant "Google Dorks" for intel

Motorola Solutions
United States | Telecommunications | 700 & Above Employees

Security Operations Consultant
Jan 2020 - May 2021
- I held meetings with MSSP clients to make sure that our organization understood what value they needed from our service, and that we demonstrably provided that value
- I communicated to leadership how clients perceived our contributions to their security goals, and challenges faced in working with our offerings which represented opportunities to be better partners
- I looked for and regularly suggested ways to improve operational efficacy, and to make sure we were aware of shortcomings in service to improve regardless of whether clients noticed or not
- I reached out to and worked regularly with the product leadership team to be sure that SOC and product were on the same page wherever possible, rather than working at cross purposes
- I helped clients understand what was going on in their environments from our end, research situations in tools such as SIEM and EDR platforms, and create dashboards or automation which would save them valuable time while assessing their environments.
- Along with a technician I managed, I started (and ran for a year) the 'Customer Strategy' team to address the above activities, returning valuable investigation and threat hunting time to analysts on the SOC floor.

Security Analyst
Apr 2019 - Jan 2020
Qualified security alerts, worked to assess and improve defense posture, and administered security tools for over 50 Windows, Mac, and Linux client environments including:
❖ Incident handling using tools such as CrowdStrike, Exabyte SIEM and Wireshark to triage and qualify anomalous activity
❖ Applying ATT&CK framework with senior analyst to inform in-house SOAR platform development roadmap
❖ Mentoring junior analysts on the team, particularly in network activity analysis
❖ Advising client’s incident responders on the steps to take to investigate and resolve security incidents in a “copilot” fashion
❖ Analyzing threat information gathered from logs, Intrusion Detection Systems (IDS), intelligence, reports, vendor sites, and a variety of other sources

Liquid Web
United States | Technology, Information and Internet | 200 - 300 Employees

Linux Server Admin III
Apr 2017 - Apr 2019
Duties similar to Site Reliability Engineer (maintenance for production server environments to remedy error conditions and ensure availability) with 2nd and 3rd tier web server support responsibilities including:
❖ Gathering proof of vulnerability mitigation to help facilitate customer PCI, HIPAA compliance to TrustWave and other ASVs
❖ Writing technical articles for LinkedIn and the occasional company blog
❖ Implementing and reviewing controls to protect data and system integrity
❖ Being an advocate for customer trust
❖ Adapting or repairing scripts in BASH or Python
❖ Providing outstanding phone and email support for our customers
❖ Installing, maintaining, and restoring backups

Google
United States | Software Development | 700 & Above Employees

Enterprise IT Analyst
Aug 2015 - Feb 2017
Applied expert knowledge of troubleshooting and secure IT practices to help employees across a range of extremely diverse job functions to solve problems impeding workflow and protect company data. Duties/experiences included:
❖ Developing solutions that balance business needs against security concerns using risk awareness
❖ Sharpening my security mindset, absorbing strategy and learning from expert security engineer mentors
❖ Managing a complex chain of IAM and zero trust enablement mechanisms
❖ Working in terms of underlying foundational technologies rather than specific solutions to quickly assimilate unfamiliar applications and tools
❖ Monitoring and support of processes for SAP applications
❖ Safeguarding confidentiality, integrity and availability of endpoints and credentials

Aviat Networks
United States | Telecommunications | 700 & Above Employees

Network Operations Technician
Apr 2015 - Aug 2015
Monitored microwave networks for customers in the financial and governmental sectors ensuring critical reliability for communications such as high frequency trading information and 911 radio communications.

TengoInternet
United States | Wireless Services | 1 - 100 Employees

Network Operations Technician
Oct 2014 - Mar 2015
Identified systemic security issues by analyzing vulnerability and configuration data. Monitored, analyzed, and documented the health of outdoor wireless routers, bridges, and switches to identify upcoming problems proactively. Duties/experiences included:
❖ Collecting intrusion artifacts (e.g., source code, malware, log snips) and using discovered data to enable mitigation of security incidents within the enterprise
❖ Escalating service disruptions promptly and efficiently
❖ Maintaining/configuring/installing WAN and LAN connectivity, routers, firewalls and security

US Army
United States | Armed Forces | 700 & Above Employees

Electronics and PC Tech
Apr 2007 - Apr 2012
- Repaired and serviced night vision devices, chemical agent detectors, and other small electronic devices needed in the scope of day-to-day operations.
- Led campaigns to maintain and improve the systems used to account for equipment.
- Managed security and accountability for over a million dollars of sensitive cryptographic and communications equipment in a vault.