James Crabb
Vice President of Global Engineering and Managed Services at Proficio
English
Bahasa Indonesia: Limited working proficiency
Tagalog: Limited working proficiency
French: Limited working proficiency
Bio
Samuel Cameron
I worked alongside James for roughly 3 years during his time at Cisco Systems in the Managed Security Services SOC. There are a lot of great qualities of James but the three that especially come to mind are: leadership, work ethic, and expertise. James led our training and documentation programs, helped to build out a new security offering, and still managed to work security incidents with a high level of quality in both analysis and incident writing. He is one of those people that just will not let you outwork him and is truly a people-oriented leader ensuring everyone has the resources available to succeed. Our team owes a great deal of gratitude to James and I am confident that wherever he goes will be better off because of him.
Cameron Stewart
James went above and beyond, like he does in his everyday case work, to try and get me up to speed with the MDR service. I was a relatively new SOC analyst when I entered into his training, and came out the other end ready to take on the cases I would see in MDR. Very grateful to have a trainer like him!
Credentials
Splunk Core Certified Power User
Splunk, May 2019 - Nov 2024
Splunk Core Certified User
Splunk, Apr 2019 - Nov 2024
Certified Mile2 Instructor
Mile2, Mar 2017 - Nov 2024
Six Sigma Black Belt
International Six Sigma Institute™, Dec 2016 - Nov 2024
Burp Suite for Web Application Security Assessment
EH Academy, Aug 2016 - Nov 2024
Cybersecurity for Industrial Control Systems
U.S. Department of Homeland Security, Aug 2016 - Nov 2024
Operational Security (OPSEC) for Control Systems
U.S. Department of Homeland Security, Aug 2016 - Nov 2024
Qualys Certified Specialist - Vulnerability Management
Qualys, Aug 2016 - Nov 2024
Telecommunicators Emergency Response Taskforce (TERT) Basic Course
U.S. Department of Homeland Security, Aug 2016 - Nov 2024
Scrum Master Accredited Certification
International Scrum Institute™, Jul 2016 - Nov 2024
Lean Six Sigma Green Belt
Georgia Institute of Technology, Nov 2015 - Nov 2024
Intelligence Report Writing
US Army, Apr 2014 - Nov 2024
Interpersonal Skills for Collectors
US Army, Apr 2014 - Nov 2024
Anti-terrorism Officer Course (Anti-terrorism / Force Protection Level 2) (Physical Security)
United States Army Military Police School, Feb 2014 - Nov 2024
French Language Immersion Training
Concordia Language Villages, Oct 2013 - Nov 2024
Joint Humanitarian Operations Course
USAID, Oct 2013 - Nov 2024
Radiological Emergency Management
U.S. Department of Homeland Security, Jun 2013 - Nov 2024
French Language Immersion Training
Concordia Language Villages, Dec 2012 - Nov 2024
Civil Information Management Instructor
US Army, Oct 2012 - Nov 2024
Defense Support To Civil Authorities
USNORTHCOM, Jul 2012 - Nov 2024
Negotiations and Mediation Course
DynCorp International, Jun 2012 - Nov 2024
Information Assurance Fundamentals
US Army, Feb 2012 - Nov 2024
Social Media and Operations Security
US Army, Feb 2012 - Nov 2024
Surveillance Detection
Reservoir International, Dec 2010 - Nov 2024
Unit Prevention Leader
US Army, Dec 2010 - Nov 2024
Command Language Program Manager
Defense Language Institute, May 2010 - Nov 2024
District Stability Framework
USAID, Apr 2010 - Nov 2024
Negotiation and Mediation
DynCorp International, Nov 2009 - Nov 2024
Civil Information Management Level 1&2
United States Army Special Operations Command, Oct 2009 - Nov 2024
Asymmetrical Software Kit
NEK Advanced Securities Group, Inc., Sep 2009 - Nov 2024
Command Language Program Manager
Defense Language Institute, Sep 2009 - Nov 2024
Customs Border Clearance Agent
US Coast Guard Auxiliary, Aug 2007 - Nov 2024
Multi-Channel Systems Maintainer and Operator
General Dynamics Information Technology, Aug 2003 - Nov 2024
SolarWinds Certified Professional
SolarWinds, Oct 2016 - Nov 2024
Certified Disaster Recovery Engineer
Mile2, Feb 2017 - Nov 2024
Certified Penetration Testing Engineer
Mile2, Oct 2016 - Nov 2024
Certified Vulnerability Assessor
Mile2, Oct 2016 - Nov 2024
Basic Law Enforcement Certification
MetroED, Jun 2002 - Nov 2024
CISSP - Trained
Syracuse University
Experience
Proficio
United States
Computer and Network Security
100 - 200 Employee

Vice President of Global Engineering and Managed Services
Aug 2022 - Present

Senior Director of Global Engineering
Jan 2022 - Present
The Sr. Director, Global Engineering oversees our Security Engineering (onboarding and production), MSS (firewall and Managed EDR), Hosted SIEM, and Managed Sentinel Services teams at our corporate office, across the US, Barcelona, and Singapore. Operating out of corporate headquarters in Carlsbad, CA, this role reports directly to the CEO and coordinates our global engineering efforts in conjunction with team leadership in our Singapore and Barcelona SOCs. This role drives onboarding timelines and customer production environment up-time, and monitors adherence to contract SLAs. In addition to driving daily activity, this role ensures 24x7 coverage and support for security engineering, MSS engineering services, Hosted SIEM, and Managed Sentinel Services, and spearheads hiring, training, and development of Global Engineering staff.

Roles and Responsibilities
- Hire, train, mentor, grow, and support all Global engineering, MSS Engineering, Hosted SIEM and Managed Sentinel Services staff, both local and remote employees
- Act as primary point of support and escalations for engineers in the region
- Ensure standard operating procedures are consistently being followed by all engineers in the region
- Assess, enhance, and refine global engineering policies and procedures
- Collaborate with internal departments to identify methods for increasing the operational effectiveness and efficiency of Proficio managed services
- Participate with Cybersecurity leadership to develop strategic plans and objectives to reduce risk and increase security posture globally
- Contribute to the development of departmental strategies and adapt and execute plans to achieve key global Security, IT, and business objectives
- Provide training and troubleshooting support as needed to all engineers in the region
- Identify gaps in processes and procedures and execute on areas of improvement

US Director of Security Engineering
Oct 2021 - Jan 2022
The US Director of Security Engineering oversees both our Onboarding Engineering and Managed Security Devices teams at our corporate office and across the US. This role drives onboarding timelines and production environment up-time, and monitors adherence to contract SLAs. In addition to owning overall daily activities, this role ensures 24x7 coverage and support for security engineering services and spearheads hiring, training, and development of US Engineering staff.

The Onboarding Engineers play a pivotal role by onboarding new clients in our ProSOC Managed Detection and Response services, primarily by deploying remote collector devices at client sites to gather and forward logs into our SIEM technology stack. The Managed Security Devices Engineers' duties typically include the design, deployment and management of security devices owned by the client, such as NGFWs, IDS/IPS and EDR/EPP technologies.

Cisco
United States
Software Development
700 & Above Employee

MDR Security Investigator / Training Lead - Managed Detection and Response (MDR)
Dec 2019 - Oct 2021

Tier 2 Information Security Analyst / SecOps SME
Apr 2019 - Dec 2019
• Assisted in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts. Compiled detailed investigation and analysis reports for internal SOC consumption and delivery to management
• Performed Root Cause Analysis of security incidents for further enhancement of the alert catalog. Reviewed alerts generated by detection infrastructure for false positives and modified alerts as needed
• Monitored incoming event queues for potential security incidents; identified and acted on anomalous network activity
• Provided support to the Security Operations Center during incident response and threat hunting activities, including cyber threat analysis support, research, and recommending relevant remediation and mitigation
• Collaborated with the Cybersecurity and Incident Response team to provide targeted threat hunting reports for ongoing engagements based on work performed on the client enterprise
• Developed analytics to correlate IOCs and maximize threat detection capabilities based on defense analysis processes. Conducted analysis of network traffic and host activity across a wide array of technologies and platforms
• Monitored and analyzed cybercrime threat reports for a client business vertical, a specific client or APT groups to proactively create IOCs for threat hunting
• Analyzed complex malware through endpoint and network traffic forensics to determine if systems are impacted
• Performed forensic analysis using security tools and monitoring systems to discover the source of anomalous security events
• Created, developed and supported in-place and future SOC processes including runbooks, engagement guidelines and escalation procedures
• Provided forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors

Tier 1 Information Security Analyst - Active Threat Analytics
Jun 2017 - Mar 2019
• Led Continuous Threat Detection of Critical Infrastructure for better Visibility, Monitoring and Segmentation of Industrial Networks to mitigate threats across the entire cyber kill chain
• Responsible for the day-to-day operational MDR ICS requirements set by management
• Conducted daily health & welfare checks of all critical infrastructure; identified system misconfigurations, created incidents, and provided solutions to issues detected in a timely manner
• Established standard operating procedures and security operations workflows that provide clear, concise instructions on how to handle ICS / OT
• Implemented and managed operational security capabilities including log management, event monitoring, incident detection and remediation, data loss prevention, user behavior analytics, and vulnerability assessment / penetration testing
• Claroty Subject Matter Expert in assessing Security and Operational Alerts through Real-time Threat Monitoring, Advanced Vulnerability Detection, and Continuous Vulnerability Monitoring
• Triaged, analyzed, and handled over 50,000 security incidents for 50+ customers that consisted of 20 types of malware, and 6 variants of Ransomware (WannaCry, Petya, NotPetya, Bad Rabbit, Locky, TeslaCrypt)
• Monitored network security technologies to include IDS, Firewall, A/V, vulnerability scanning, content filtering, load balancing, encryption, VPN, security information event manager, packet-capture, netflow analysis, incident response (AMP4E, Bro, Cisco ASA, eStreamer, Splunk, Suricata, Symantec, Wireshark, etc.)
• Analyzed Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools
• Conducted threat hunting for network intrusion on a network involving manual packet capture analysis, Domain Name System (DNS) log review, and open source and closed source intelligence analysis

US Army
United States
Armed Forces
700 & Above Employee

Director of Knowledge Management
Apr 2014 - Jan 2016
• Instructed 250 Soldiers in advanced Open Source Intelligence techniques, Social Engineering, Socio-Cultural Analytics, Geospatial Intelligence Analysis, Physical Security Assessments, Web Application Exploitation, Vulnerability Management, Centers of Gravity, Identifying Civil Vulnerabilities, and Insider Threats
• Assisted and advised executive management in identifying or leveraging internal vulnerabilities, mitigating risk with security controls, performing gap analysis, and properly documenting these findings to create Concept of Operations Plans (COOP) / Business Continuity Plans (BCP)

Senior Non-Commissioned Officer
Feb 2003 - Jan 2016
Throughout SFC Crabb’s 13-year tenure in the Army, SFC Crabb successfully completed multiple deployments, including two combat deployments in support of Operation Iraqi Freedom (OIF), one operational deployment in support of Operation Enduring Freedom - Philippines, and one Joint Operational Exercise to South Africa in support of US Army Africa. His superb leadership, dedication, and commitment to professional excellence immensely contributed to the success of his missions on three separate continents.

While deployed to OPERATION SOUTHERN ACCORD as a Civil Affairs Team Sergeant, SFC Crabb assisted Joint Task Force Medical in the treatment of nearly 6,000 animals while assigned to JTF-Dagger. Working collaboratively with fellow Soldiers, Sailors, Airmen and numerous branches of the South African National Defense Force, SFC Crabb's superb leadership enabled JTF-Medical to successfully vaccinate, deworm, and treat 7 different animal species for a multitude of parasites across 8 locations surrounding Belambu, South Africa.

During the 2011 Typhoon Disaster Relief Operations, SFC Crabb's expertise was instrumental to the success of Joint Special Operations Task Force-Philippines. SFC Crabb participated in numerous rescue and relief operations throughout Western Mindanao Command, addressing the plight of internally displaced persons and alleviating unfit conditions within the emergency evacuation centers. His efforts contributed to humanitarian assistance and disaster relief operations resulting in the safety and well-being of over 3,000 IDPs.

82nd Civil Affairs Battalion (Deployments are regionally aligned with US Army Africa)
Fort Stewart, Georgia

Civil Affairs Team Sergeant (Human Resources, Physical Security, Logistical Coordinator)
Jan 2012 - Apr 2014
While deployed to OPERATION SOUTHERN ACCORD as a Civil Affairs Team Sergeant, SFC Crabb assisted Joint Task Force Medical in the treatment of nearly 6,000 animals while assigned to JTF-Dagger. Working collaboratively with fellow Soldiers, Sailors, Airmen and numerous branches of the South African National Defense Force, SFC Crabb's superb leadership enabled JTF-Medical to successfully vaccinate, deworm, and treat 7 different animal species for a multitude of parasites across 8 locations surrounding Belambu, South Africa.

As the fourth Civil Affairs Soldier assigned to the 82nd Civil Affairs Battalion, SFC Crabb’s versatility was imperative to standardizing policies and procedures prior to the battalion's activation. While assigned to the BN CIM cell, SFC Crabb personally created, instructed, and certified over 350 Soldiers, Sailors, Airmen, and Marines on advanced qualitative and quantitative data mining techniques using Boolean operators to systematically perform socio-cultural analysis, allowing teams the ability to accurately depict the operational environment.

Joint Special Operations Task Force - Philippines
Armed Forces
1 - 100 Employee

Civil Information Management Chief
Jan 2011 - Dec 2011
During the 2011 Typhoon Disaster Relief Operations, SFC Crabb's expertise was instrumental to the success of Joint Special Operations Task Force-Philippines. SFC Crabb participated in numerous rescue and relief operations throughout Western Mindanao Command, addressing the plight of internally displaced persons and alleviating unfit conditions within the emergency evacuation centers. His efforts contributed to humanitarian assistance and disaster relief operations resulting in the safety and well-being of over 3,000 IDPs.

Civil-Military Operations Cell Supervisor
Apr 2008 - Jan 2011

1st Air Cavalry Brigade, 1st Cavalry Division
Fort Hood, TX

Aviation Operations Supervisor
Jun 2006 - Feb 2008

35th Signal Brigade
United States
Telecommunications
1 - 100 Employee

RF Communications Manager
Mar 2003 - Jun 2006
• Installed, operated, and performed unit level maintenance on multichannel line-of-sight (LOS) and tropospheric scatter communications systems, antennas and associated equipment
• Supervised the installation, operation, deployment, and direct support systems maintenance of large and small electronic switches and associated equipment

Line of Sight Team Chief
2003 - 2005

Education
Morrison University
Bachelor’s Degree, Business Administration, Management and Operations
Carolina Career College
Security and Network Infrastructure Specialist
United States Army John F. Kennedy Special Warfare Center and School, Fort Bragg, NC
Department of Defense qualification and certification, Socio-cultural Analytics, cognitive behavioral analysis, social network analysis, OSINT
United States Army Aviation School, Ft. Rucker, AL
Aviation Operations
United States Army Signal School, Ft. Gordon, GA
Oak Grove High School, San Jose, CA
High School
Claroty
Continuous Threat Detection Administrator