FISERV Enterprise Technology Group, headquartered in Wisconsin. Recognized for skill, professionalism, and accomplishments: promoted from within from Monitoring Analyst to Information Security Engineer to Information Security Engineer III. Charged with Lead Engineer on major client projects. 43+ company recognition awards. Lead the administration, deployment and support of security tooling including: Proxy solutions, Web Application Firewalls, and XML Security Gateways for the business units. Navigate in fluid environment; update and revise requirements, programs, and processes as business objectives, the security environment, and the technology base evolve. Information Security Engineer III: Provide technical information security guidance, security requirements, and policy interpretation to managers, data owners, project leads, and stakeholders. Design/deliver workable solutions for security capabilities/vulnerabilities that optimize secure communications, networks, platforms, and business operations across the security applications. Research/evaluate new IS products. Execute IT Disaster Recovery Plan. Determine and propose appropriate remediation activities.
- INFORMATION SECURITY ENGINEER III at Fiserv
- Network Administrator at US Marine Corps
5 years, 3 months at this Job
- BSBA - Business IT Management
- Masters of Science - Management
As a member of the Security Operations Center I am primarily focused on incident and phishing response and responding to and tuning of alerting. Performs analysis on endpoint, IDS/IPS and phishing alerts and takes appropriate remediation action to contain events. Develops, collects and refines security metrics and KPIs and presents monthly to Global Security leadership. Using collected metrics, suggests improvements to email team and vendors for tool and process improvements. Developed and wrote a phishing playbook to standardize all SOC engineer responses to phishing events. Created materials for and performs phishing awareness training for employees who interact with phishing email. Works with stakeholders throughout the company when security incidents are identified to remediate policy and security violations. Researches and maintains an awareness of security topics and the state of information security across the industry.
- Senior Information Security Engineer at Aetna
- Information Security Engineer at Aetna
- Information Security Analyst - Senior at Aetna
- Information System Security Officer at Raytheon Missile Systems - Tucson
2 months at this Job
- M.A. - Project Management
- BS - Information Science and Technology
• Continuous audit of IT policies, ensuring secure practices are being followed.
• Act as security liaison with internal software developers and perform code review on critical repositories for third party libraries with vulnerabilities.
• Implement and maintain compliance across entire organization for SOC.
• Conduct comparative analyses of vendors and technical solutions.
• Design and implement technical solutions (AlienVault IDS, Sophos, StrongDM, VMware AirWatch).
• Investigate, analyze and manage information security events and alerts generated from IDS and GuardDuty.
• Security Monitoring and Vulnerability management.
- Information Security Engineer at Security Monitoring and Vulnerability management
- Director of Information Technology at Bost, Inc
- Sr. Linux Systems Administrator at Xyleme, Inc
1 year at this Job
- Bachelor of Information Technology - Information Technology
- BA - Security
2 years 4 months + Work cooperatively with Service Delivery Managers, SOC, and other internal teams to establish and maintain a strong and supportive relationship with clients. Communicate effectively both internally and externally, and provide superior customer service throughout the lifecycle of the client. Proactively protect client systems and data through application of advanced security and technology knowledge, using the ActiveGuard platform and related products. Provide continuous managed security and service improvement oversight, and vigilance to possible new threats and the effects of infrastructure changes and vulnerabilities on the client's security status. Utilize escalated events and other tuning opportunities to optimize ActiveGuard and client configurations. Eliminate invalid events and increase the security value of the remaining events, reducing false positives and overall event volumes and assuring that events and alerts provide useful, actionable security event data to the client. Participate in assigned on-call and incident response activities as part of client security service delivery. Function in a technical QA and escalation capacity to support SOC staff and external clients on matters pertaining to Solutionary's service offerings and the digital security considerations of client systems. Engage in continuous tool improvement, process improvement and quality control and documentation activities to strengthen ActiveGuard and all phases of service delivery. Such activities may include participation in new hire training, rules creation and certification support, SCE mapping, helping design specifications for new reports or improved ActiveGuard functionality.
- Information Security Engineer at NTT Security
- Security Operations Engineering Technical Lead at NTT Security
- Senior Information Security Analyst/Shift Supervisor at Solutionary
- Information Security Analyst at Solutionary
2 years, 3 months at this Job
- Associate's degree - Computer Systems Networking and Telecommunications
• Design and implement firewall requests for bank customers across Palo Alto Panorama, Cisco, and Checkpoint firewall environments
• Work with application developers and Information Security Officers to establish security needs
• Ensure compliance with security policies and standards
- Information Security Engineer at Wells Fargo
- Network Analyst at Vail Resorts Inc
- PC Technician at Vail Resorts Inc
- IT Intern at Intermountain Healthcare
10 months at this Job
• Working with multiple clients on Real time threat management using SIEM and solutions.
• Provided support in identifying malicious network activity, threats impacting network operations and developing appropriate countermeasures, eliminating network threats and vulnerabilities.
• Performed information security incident response and incident handling based on categorization and in accordance with established procedures
• Integration of different devices/applications/databases/ operating systems with SIEM.
• Monitors agencies sensors and SOC (Security Operation Center) systems for incidents and malicious activity.
• Executed daily vulnerability assessments, threat assessment, and mitigation and reporting activities in order to safeguard information assets and ensure protection has been put in place on the systems.
• Designed and implemented enterprise SIEM systems: centralized logging, NIDS, alerting and monitoring, compliance reporting, based on SIEM.
• Responsible for SIEM monitoring and configuration aligned to internal PCI and SOX controls
• Manage the day-to-day log collection activities of source devices that send log data to SIEM.
• Identify incidents and make recommendations to protect the network using Nmap, Nessus and Wireshark
• Assist in the administration and integration of security tools (SIEM) to include new data/log sources, expanding network visibility and automation
• Performed social engineering attacks using Kali Linux and Metasploit to identify the security vulnerabilities in the system.
- Information Security Engineer at Harbor Technology Group
- Information Security Engineer at Wawel Bank
- Network Security Engineer at Viitorcloud Technologies
- Network Engineer at Codebits Technologies
1 year, 11 months at this Job
• As a member of the Security Architecture and Infrastructure team, I worked on designing strategies to protect the enterprise from information technology threats.
◦ Designed, implemented and configured Cisco Firepower IPS systems in data centers, local remote locations and international locations.
◦ Designed IPS policies and implemented them based on network traffic and vulnerabilities.
◦ Integrated Qualys data with IPS systems.
◦ Integrated third party security intelligence feeds into IPS and log aggregation to use them in log correlation with the enterprise SIEM ArcSight.
◦ Helped analyze and improve current web proxy Blue Coat/Symantec web security policy.
◦ Evaluated and tested different vendors for security solutions by implementing POC in order to compare results and select the best vendor.
  - SSL decryption POC
  - Antivirus POC
  - Desktop Sandboxing POC
  - IPS POC
◦ Analyzed network threats and implemented controls to mitigate risks using ArcSight ESM, Firepower IPS, and TippingPoint IPS.
◦ Designed correlation of security logs to alert SOC team of threats using ArcSight.
◦ Responded to threats after incident escalations.
◦ Designed security controls and tested current security controls in a Red team/Blue team effort by performing controlled penetration tests.
◦ Responded and implemented controls following external penetration test results.
◦ Member of the team that implemented new security Managed Security Service through Cisco.
◦ Monitor and analyze data flow to identify and block malicious behavior and activities with the use of ArcSight, Cisco Firepower, TippingPoint and other tools.
◦ Monitor and analyze network traffic and IDS/IPS logs to identify attacks.
◦ Find risk areas that will require vulnerability prevention and suggest strategies to mitigate risks.
◦ Support the SOC team as an escalation member.
- SR. INFORMATION SECURITY ENGINEER at MIAMI DADE COLLEGE
- SECURITY ENGINEER at ASSURANT
- SR. NETWORK ENGINEER at MIAMI DADE COLLEGE
- IT MANAGER/IT ADMINISTRATOR at KEMPLER & CO, INC
2 months at this Job
- TELECOMMUNICATIONS ENGINEER
- HIGH SCHOOL DIPLOMA
Participate in Incident Response activities for assigned IT systems. Advise system owners on all matters, technical and otherwise, involving the security of assigned IT systems. Develop standard operating procedures in accordance with security control requirements. Perform continuous monitoring of security controls to ensure that they continue to be implemented correctly, operating as intended and producing the desired outcome with respect for meeting the cybersecurity requirements for assigned IT systems. Work with technical teams to mitigate security control deficiencies for assigned IT systems. Assess the cybersecurity impact of changes to assigned IT systems. Conduct self-assessments of security controls, identify weaknesses and track remediation activities in Plan of Action and Milestones (POA&M). Conduct technical vulnerability assessments and prioritize and track remediation efforts. Manage the POA&M process for designated IT systems. Provide the required system access, information, and documentation to security assessment and audit teams. Participate in security assessments and audits for assigned systems and facilitate obtaining evidence for data requests. Complete required A&A (Assessment and Authorization) activities on assigned IT systems. Assist federal staff in assessing new applications, identifying applicable NIST SP 800-37 RMF requirements and advising system owners of the process.
- Information Security Engineer at SPN
- IT Security Analyst at MindPoint Group
- Cybersecurity Assurance Engineer at Crest Consulting Group
- Security Specialist at GAP
3 years, 2 months at this Job
- Bachelor of Science - Cyber Security
- Master of Science - Criminal Justice
• Responsible for Data Loss Prevention (DLP) configurations, monitoring activity, AirDefense configurations and threat detections
• Configured the DLP tools, worked on scripts and provided support to team with info on daily meetings, activities.
• Responsible for Fidelis configurations, worked on tools on threat prevention and information security on both mail exchange and share drives.
• Worked on Fidelis, worked on license additions, monitoring and LDAP. Monitored through debug, threat prevention and detection process and configs are peer reviewed by teams
• Experienced in vulnerability scanning tools, as well as network security and monitoring tools such as IDS/IPS, Nexpose, Qualys, Splunk, and Wireshark.
• Worked on corporate and retail environment AirDefense set up and firmware upgrades, sensor set up, application monitoring
• AirDefense sensors set up for scanning and security, Cisco APs are set up for general networking and internet access.
• Inspected configuration, checked configuration compliance, test IT Controls functionality and inspected logs. Reviewed signatures within IDS/IPS tools (Snort) to ensure signatures are up to date to minimize false positive and false negative in the System.
• Work on escalations and activates new turn up for new clients and also advanced troubleshooting for the SD-WAN deployment in both ISP and network infrastructure on both Versa and Cisco Viptela SD-WAN solutions
• Working experience with Datacenter Switches such as Nexus 2K, 5K and 7K.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
• Managed security firewalls such as ASA and Fortinet firewalls in datacenter environment.
• Used Azure Powershell and Runbooks to automate Azure tasks
• Configured email relay and alerts in the environment. Configured syslogs for the application.
• Provide assistance to system owner, enclave, and/or site personnel by reviewing and completing required system documentation and SOPs addressing cybersecurity requirements for assigned systems.
• Prevented various malware attacks using IDS and IPS which are identified by signature based and anomaly-based engines
• Worked with Cisco ACI for the virtual network and SDN.
• Provide a MARS-E v2.0 SAR based on the CMS SAR template: Executive Summary, Security Review Results: Includes a security control review summary for each control family in MARS-E v.2.0, a description of all issues and findings for each control, recommendations to bring controls into compliance, and the complete results of all system scanning, including an associated vulnerability analysis.
• Experienced in Authentication, Endpoint Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions
• Highly skilled in deployment, data security and troubleshooting of the applications using AWS services.
• Activate and deploy SD-WAN appliances for customers on MPLS circuit and DIA circuit and able to get it running on MPLS VR, INTERNET VR and LAN VR of various customers in accordance with their network design with BGP, OSPF, RTP, SIP, and other protocols
• Implemented high availability with Azure Classic and Azure Resource Manager deployment models
• Update and create policy documents to comply with the DoD RMF and the Inspector Audit system logs and build alerts and searches using the SecureVue Security Incident and Event Manager (SIEM)
• Managed the large security, risk and compliance initiatives of SOX-404 IT, PCI DSS and HIPAA/HITECH, Privacy Act, FFIEC, FTC including security policies, procedures and controls.
• Coordinate Symantec DLP, endpoint protection manager and anti-malware bytes exploit for endpoints agent and software upgrades. Experience in cloud security, threat monitoring, and prevention.
• Identified the vulnerabilities and non-compliant issues in the network and applications using vulnerability scanners and SIEM tools.
• Extensive level of experience on Network firewall security like Palo Alto, ASA, IPS/IDS, checkpoints, NGX R65 Gateways, Secure Platforms.
• Assisted with all audits review related to Dealertrack DLP application and Dealertrack website access control
• Proficient in AWS services like VPC, EC2, S3, ELB, Auto Scaling Groups (ASG), EBS, RDS, IAM, Cloud Formation, Route 53, Cloud Watch, Cloud Front, CloudTrail.
• Defined project scope, produce the MARS-E v2.0 IT audit project plan, which includes: A description of assessment activities and timelines, a process for reviewing potential findings and recommendations with AHIM, and an IT audit assessment controls checklist using the MARS-E 2.0 documentation.
• Collaborated with other departments in investigations for HIPAA and PCI violations.
• Supporting the operational needs of customers using Stealthwatch for network security and forensics.
• Developed shell Python scripts to automate the maintenance process.
• Hands on experience in conducting Web Application Security scan, Ethical Hacking using commercial and non-commercial applications and methodologies such as SANS Web application assessment, OWASP Top 10 and CVSS Scoring using IBM App Scan.
• Worked in IDS/IPS to trigger the alerts which in turn are used for forensic purposes
• Utilized Splunk for monitoring and reporting purposes and to identify potential threats.
• Configuring network devices to send Syslog messages externally, which contains the required amount of data for forensic and compliance.
• Responsible for auditing server and workstation security configurations and working closely with server support staff to take corrective actions where necessary
• Vulnerability assessment using tools such as Nessus and Qualys, and implementation of Security Policies. Knowledge in design and deploy of F5 LTM, GTM, APM, ASM solutions.
• Experience with industry recognized SIEM (Security Information and Event Management) solutions such as NITRO, Splunk, Forcepoint and many other tools.
• Oversee Vulnerability assessment /penetration testing of scoped systems and applications to identify system vulnerabilities.
• Participate in troubleshooting SDN/SD-WAN deployments
• Provide consultation regarding segmentation, security and policy of the SDN network
• Provided critical analysis of cloud access management capabilities for the Cybersecurity Architecture Review which serves as a baseline for evaluating Federal Civilian Agencies cybersecurity architecture.
• Excellent knowledge of FISMA, HIPAA and NIST Compliance usage, rules and regulations
• Use Splunk Security Manager to identify threats and assigned category.
• Strong understanding of DLP Architecture, Rules and Policies and its implementation
• Assist in the creation of an end-to-end technology strategy for SIEM to address current and future security concerns, emerging threats, regulatory compliance and alignment with technology and the business
• Provide support in security architecture, design, developing, monitoring and supporting enterprise infrastructure environment
- Information Security Engineer at CVS Health
- Sr. Network Security Engineer at Biogen
- Network Engineer at IEGRP & OSPF
- Jr. Network Engineer at Kensium Solutions Pvt Ltd
1 year, 3 months at this Job
- Bachelor's in Electrical and Electronics Engineering - Electrical and Electronics Engineering
• Design secure networks, systems and application architectures
• Monitor and protect sensitive data and systems from infiltration and cyber-attacks
• Use Rapid 7 MDR to conduct penetration testing
• Prepare reports of findings to be reported to management
• Constant monitoring of networks and systems for security breaches or intrusions
• Install McAfee antivirus and Win Magic encryption software
• Educate the workforce on information security through training and building awareness.
• Use risk assessment tools, technologies and methods
• Assist end users with installation or processing of new security products and procedures
• Communicate network security issues to peers and management
• Read and use the results of mobile code, malicious code, and McAfee anti-virus software
• Perform standard software installations and troubleshooting
- Information Security Engineer at Change Healthcare
- Team Lead Desktop Support at Aspire Healthcare
- Desktop Support Technician at Change Healthcare
- Team Lead Desktop Support Technician (contract position) at Vanderbilt University Medical Center
6 months at this Job
- Associates of Applied Science degree - Applied Science
- Bachelor of Science degree - Television Production