AWS Security Engineer

• Jan 2021 - Present

Cloud Security Engineer

• Feb 2020 - Jan 2021

Security Technical AWS Security Certified Guard Duty• Setup and testing• Integration with 3rd party Security products• Analysis and remediation of findings• Suppression of false positivesIAM policies• Security and Compliance remediation• Access key rotation• Assumed rolesCloudTrail• Log source ingestion into 3rd party products• Event investigation• Athena queriesCloudWatch• Custom alerting from CloudTrail• Alert integration into ticketing systemsAWS WAF• WAF v2 setup• Web ACL configuration• WAF Log source ingestionLoad Balancers• 3rd party WAF integration• ELB security policies• ELB loggingNGFW• ASAv• Palo Alto VM-Series• Alert configuration and integrationLogging• CloudTrail• WAF• ELB• S3 Access logging• VPC flow logsImplementation, administration and documentation of 3rd Party Security ProductsPrisma Public Cloud (Compliance) SMEAlert Logic (IDS and Compliance) SMETrend Micro Deep Security (AntiMalware/FIM) SMEArmor Anywhere (IDS, AntiMalware, FIM)Security ProfessionalCustomerEstablishing change management proceduresEstablishing incident response proceduresCustomer cadence meetings to advise on security improvementsGuidance and performance of vulnerability remediationsImplementing custom requestsOptimization of security assetsFielding technical questions on demandTeamSecurity advisoryDocumentation of proceduresProviding security content for meeting agendasStatus updates on changesFielding technical questions on demandExecutiveQuick read and review of considered and implemented security productsProviding status updates for new deploymentsOn-demand product reviews for potential customersHigh level communication of security capabilitiesFielding technical questions on demandPartner meeting cadence to develop and improve security products

Security Analyst

• Oct 2018 - Feb 2020

* AWS Certified Security - Specialty* Trend Micro Deep Security certified* Alert Logic SME* Alert Logic Solution Architect* Trend Micro DSM SME* Palo Alto SME* Prisma Public cloud* Deployment, Troubleshooting and Tuning of Alert Logic* Deployment, Troubleshooting and Tuning of Trend Micro DSM* Deployment and administration of Prisma Public Cloud compliance tool* Implementation, and administration of an HA PA-850 network upgrade with dual ISP and hardware failover* Research, development, and documentation of the Alert Logic AWS security Product* Research, development, and documentation of Trend Micro's DSM product* Investigation and processing of security remediations for 2nd Watch and customers of 2nd Watch* Analyzing and configuring Cloud environments to adhere to multiple compliance benchmarks* Documenting procedures for deployment as a reference for automation* Documenting procedures for compliance as a reference for automation* Deployment assistance and research for engineers and managers in regards to Alert Logic and Trend Micro DSM* Deep dive security analysis of customer and corporate systems on request.

Lead Firewall Engineer

• Jul 2018 - Sep 2018

- Field and help desk support- Research and development of modern capabilities- Development of a multi-vendor testing environment- Integration with the LogRhythm SIEM- PowerShell packages for implementing features such as the Phishing Intelligence Engine.- policy updates- configuration transfers- applying feature keys- BOVPN - API developmentWatchGuardCisco ASAPalo AltoMcAfee Web GatewayServer 2008/2012/2016SQL Server 2016

Security Engineer

• Mar 2018 - Jul 2018

Firewall provisioning and troubleshooting.Deploying and tuning LogRhythm tailored to customer needs.Working with customers to help LogRhythm understand their unique network through the tuning processIdentifying threats and understanding patterns of threats that lead to security breachesEngineering solutions such as the Smart Response action with an approval function for blacklisting.Crafting customized rule and alarm sets to quickly identify specific behavior to isolate potential threats.Isolation and preservation of digital forensics per client requestUse of Lucene syntax to create customized dashboards to view specific content.Deployment and upgrades of the LogRhythm product and feature modulesScheduled meetings with customers to discuss current needs and to relay new security opportunities that developProviding advice to customers regarding security products, designs, and configurations that will benefit their networkInteraction and contribution to the LogRhythm community for collective solutions.Superior adherence to SLAs

Network Analyst II

• Jan 2017 - Mar 2018

- Advanced awareness of events in multiple monitoring systems.- Monitoring of a statewide DWDM network capable of 100G- Outage management and following proper escalation procedures - Layer 2/3 troubleshooting within a multi-vendor network- Interface analysis for trends indicating larger issues- The ability to learn and utilize monitoring and ticketing systems quickly.- Information gathering to provide accurate information to senior analysts and engineers- Processing TAC cases and RMAs to resolve faulty or failed equipment- Negotiating with tail circuit providers that serve our customers to find solutions for issues- Tracing circuits to prove internal circuit integrity and/or create DLRs.- Isolating issues to determine root cause of outages or degraded services- Negotiating with customers and providers to setup windows for intrusive testing and/or maintenance- Monitoring the status of a live maintenance and providing requested information to engineers- Monitoring of various national networks within multiple ticketing and remote monitoring systems.- Quick learning and implementation of new technology or procedures.- Any additional duties that are required. - Pro phone- Pro Email- Pro ticketing

Network Analyst I

• Sep 2015 - Dec 2016

Responding professionally and quickly to customer emails/call ins from multiple counties.Testing the operations of devices and reporting failures to PUDs or providers.Noticing patterns of events that reduce the time needed to provide solutions for customers, or to help in the isolation of bigger issues. Responding to network alarms and conducting ticket/call-outs to providers to begin the process of resolution.Diligent monitoring of environmental alarms - temperature - humidity - smoke - access - power.Remotely assisting field technicians to verify gateway/ONT function during installs or repairs. MAC tracing.MPLS, DWDM, REP. Setup, provisioning, and troubleshooting of ONTs using software.Pro ticketingFacility entry/exit procedures.* Connectwise/LabTech * Cloud admin - Feb 2016 - Sept 2016Remote technical/application/server (cloud) support for multiple companies with ConnectwiseVendor negotiations and application support for Microsoft Dynamics/Great Plains - OpenTable/Guestbridge - Caterease - InDesign Professional demeanor and timely response to end users from different companies via call-ins or a ticketing system that satisfies or exceeds the SLA.Remote management of APs with Sonic WallAD/Exchange/Outlook administration - New user setups - distro groups - permissions - login scripts - group policy - printer and drive mappingNetwork monitoring with ObserviumPBX provisioning - extensions - mailbox setups - ring groups - forwarding - greetings - firmware - customization of featuresPro ticketing

PC Support Technician

• Aug 2014 - Mar 2015

This is a Volt contract positionWindows 7 migration including refurbishing and imaging of 1100+ end of life desktops, 400 new desktops, and setups/repair of 500+ laptops and tablets.Use of PowerShell and batch script customization to install software and drivers.Use of Remedy ticketing system to resolve customer issues and set up hardware and software for new users based on their needs.Network and local printer setups and support. Location of legacy drivers for very old local printers. Familiarity with software such as Meditech, Docuware, Alaris Carefusion, AS400, iPeople, Dragon, Centricity, Carestream, Navicare WatchChild, Fluke, Metasys/Johnson Controls, Lync, Outlook setups and personal folder location.Symantec AV, Encryption, and Enterprise Vault setups.Use of AD to locate users, lost or misplaced devices, and device name management.Use of SCCM to locate all Windows XP machines in the Enterprise network for migration.Professional and empathetic customer service when resolving sensitive user issues.Overtime mitigation to ensure projects remained within the scope.

Windows 7 Deployment Technician

• Jan 2014 - May 2014

This is a Volt contract position. User workstation and software surveys to apply to new Windows 7 system. Windows 7 deployment via engineer's script within a given time frame of 4 hours for a deployment, and 2 hours for a pre-deployment. Professional level customer service. This is a Volt contract position. User workstation and software surveys to apply to new Windows 7 system. Windows 7 deployment via engineer's script within a given time frame of 4 hours for a deployment, and 2 hours for a pre-deployment. Professional level customer service.

Customer Support Technician

• Sep 2013 - Dec 2013

Phone support for CCTV IP and Analog security camera systems. RMA processing and physical repair of cameras and camera systems. Phone support for CCTV IP and Analog security camera systems. RMA processing and physical repair of cameras and camera systems.

Internship

• Aug 2013 - Sep 2013

This was an unpaid internship. Here I was fortunate to experience a large corporate terminal server. I found drivers for all of the printers on the network and applied them. I also practiced setting up a RAID 5 array before installing Server 2003. I did this repeatedly to improve the speed of my work. I also configured a router on a dual NIC DHCP server to provide a separate network. I also learned how to terminate CAT5 cables. This was an unpaid internship. Here I was fortunate to experience a large corporate terminal server. I found drivers for all of the printers on the network and applied them. I also practiced setting up a RAID 5 array before installing Server 2003. I did this repeatedly to improve the speed of my work. I also configured a router on a dual NIC DHCP server to provide a separate network. I also learned how to terminate CAT5 cables.