Cyber Security Operations Manager Resume
Desired Industry: Engineering
SpiderID: 84456
Desired Job Location: Argyle, Texas
Date Posted: 1/16/2024
Type of Position: Full-Time Permanent
Availability Date: Immediately
Desired Wage: 200000
U.S. Work Authorization: Yes
Job Level: Executive (President, VP, CEO)
Willing to Travel: No
Highest Degree Attained: Bachelors
Willing to Relocate: No
Objective: Solutions-focused, innovative, and accomplished IT professional, with extensive experience in leading engineering projects and maintaining the security of systems, networks, and data across a Fortune 50 company.
Recognized for adeptness in developing and executing incident response plans and activities to ensure the preparedness of the organization for mitigating cybersecurity incidents. Expert at building and directing high-performance technical teams to drive the successful completion of complex projects within requirements, deadlines, and budgets. Knowledgeable of the latest standard techniques, procedures, and best practices toward proper coordination of security and engineering initiatives. Noted for solid work ethic, along with the capability to guarantee the confidentiality, integrity, and availability of sensitive information and technology resources.
Experience: GOLDMAN SACHS ▪ VARIOUS LOCATIONS
VICE PRESIDENT ▪ SENIOR ENGINEER | DALLAS, TX Apr 2022–Nov 2023
Supported the development and implementation of the Goldman Sachs Innovation Center (GSIC), an externally hosted Amazon Web Services (AWS) environment facilitating swift and low-effort vendor proofs of concept (POCs) and displaying GS solutions to potential external customers and buyers. Rendered comprehensive security oversight, coupled with hands-on coding of Terraforms for automated environment setup and specific POC requirements. Took charge of introducing, contracting, building, and orchestrating multiple POCs for external vendor solutions, which included the following: Linux Endpoint Detection and Response agent bake-off with CrowdStrike Falcon and SentinelOne; Next-Gen Security Orchestration Automation and Response (SOAR) bake-off in several platforms, such as Tines, Torq, and Splunk; Attack Surface Management bake-off in numerous platforms, including Censys, CyCognito, Assetnote, Tenable, and Palo Alto; and Advanced Malware Detection solutions, such as Deep Instinct, ReversingLabs, CrowdStrike Sandbox, VirusTotal Private Cloud, and Threat Grid. Shared insights on various technology solutions, including potential limitations and pitfalls as well as opportunities with asset managers. Assisted employee relations and compliance by conducting multiple investigations utilizing diverse data sources to understand employee behavior and by designing Splunk dashboards. Developed playbooks, which guided investigators on using SOAR solutions and directly accessing O365 mailboxes. Carried out investigations into hundreds of third-party fraud cases involving scammers that exploited the GS name for fraudulent activities. Partnered with the FBI and external vendors to dismantle dozens of fraudulent domains, MX records, and Facebook, Telegram, and WhatsApp profiles.
Highlight: Successfully built enduring bi-directional relationships with technology vendors, leading to interactions with over 100 vendors across various spectrums on behalf of investment banking businesses.
VICE PRESIDENT ▪ SENIOR ENGINEER | DALLAS, TX Jul 2017–Apr 2022
Led a 40-member Security Incident Response Team, which comprised the following cybersecurity teams: Detection Engineering Team in charge of creating new detections and fine-tuning existing ones within SIEM by creatively maximizing the use of new and existing logs and building analytics within various vendor solutions; and SOAR Team specializing in triaging cases, resolving incidents, conducting forensic investigations, preparing playbooks, and automating response actions through Phantom Cyber automation platform. Established a dedicated Forensics Team from the ground up, which included the development of a training curriculum and the management of tool selection. Created and implemented curriculum and training materials suitable for individuals with diverse backgrounds and varying education levels.
Highlights: Successfully grew teams, from 12 to 40 employees in less than three years. Devised and executed a real-time streaming detection and response platform in AWS for both cloud-native and third-party logs, which incorporated automated collection of disk and memory forensic artifacts. Wrote multiple end-to-end fully automated incident response playbooks in Phantom Cyber, which aided in reducing analyst caseload, closing thousands of cases annually, and thus saving an equivalent headcount of 15. Contributed to the development of a practical Security Operations Center (SOC) layout for our new building and constructed multiple dashboards for overhead TVs using Grafana and InfluxDB, which enhanced operational efficiency and decreased the average time to ownership for security cases by more than half.
VICE PRESIDENT | DALLAS, TX Oct 2015–Jul 2017
Spearheaded investigations into cybersecurity incidents for a Fortune 50 company. Generated and modified various playbooks to guarantee consistent response and in-depth investigations among team members. Facilitated numerous training sessions for fellow analysts on the Windows operating system, such as potential threat actor targets and key items to watch out for.
Highlights: Programmed more than 100 advanced detections, which enabled the Threat Analysis Team or external sources to utilize new log sources or identify additional tactics, techniques, and procedures. Guided the integration of the MITRE ATT&CK model into the internal cybersecurity model, while determining gaps in detection coverage and resolving those gaps through creation of detections using existing log sources.
VICE PRESIDENT | NEW YORK, NY Sep 2007–Oct 2015
Delivered third-level support for all Windows devices within the firm, with a primary emphasis on automation. Engineered multiple solutions aimed at eliminating manual tasks, mitigating risks, and delivering critical management reporting and alerting functionalities. Constructed a fully automated migration platform to aid in transferring users from Windows 2003 virtual desktop infrastructure (VDI) to Windows 7 VDI, along with all applications, profile settings, favorites, and cookies. Oversaw VDI capacity throughout the firm-wide deployment, which involved procuring hardware, constructing hypervisors and virtual machines (VMs), as well as generating charts and low-capacity alerts. Collaborated with the user support group to identify and address systemic issues to reduce call volume and enhance overall system efficiency. Headed the testing and global deployment of Windows 7 thin client to all users within the firm.
Highlights: Directed the construction of new data centers, which entailed building all infrastructure components and liaising between the Networking Team and the data center services to ensure timely project delivery. Led the design and development of a global DFS-R infrastructure, facilitating the replication of network-based applications, Application Virtualization (App-V), and application content.
EARLIER POSITION HELD:
SENIOR SYSTEMS ANALYST | NEW YORK, NY Jul 2001–Sep 2007
Education: Bachelor of Science in Finance and Information Systems, May 2001 New York University ▪ New York, NY
Skills: Insider Threat Investigation Application Integration Support Network Security Protocol Implementation Security Architecture and Engineering ITIL Process Engineering Quality Assurance and Control Network Infrastructure Design and Deployment Technical Problem Resolution
Additional Information: Licenses and certifications: (ISC)² Certified Information Systems Security Professional (CISSP) | 2023; AWS Certified Security – Specialty | 2022; AWS Cloud Practitioner | 2019; GIAC Certified Incident Handler (GCIH) | 2018; GIAC Certified Forensic Analyst (GCFA) | 2017
Awards and achievements: Immersive Labs Score: 113,025