Experience

• 

  Cytech services

  May 2016 - Aug 2018

  Performed a wide variety of roles including being the primary PoC for our MSSP service, deployment engineering, sales engineering, systems administration, cloud administration, and incident response. In late 2017 I began development of an Elasticsearch security analytics platform to provide greatly increased capabilities to our MSSP service which was experiencing declining revenues. In late 2018 the company was reincorporated as CyFIR LLC and received substantial investment; The ELK platform subsequently became an integral piece of our software and sales strategy.Key responsibilities in role were:• Lead engineer on the development of our custom Elasticsearch security analytics platform.Normalizing big data SQL and enriching endpoint telemetry data with cyber threat intelligencethrough custom plugins and scripts. Designed custom dashboards, visualizations, and alerts to provide in depth details about customer environments ranging from the hundreds to thousands of endpoints.• Administration of all cloud including AWS, Azure, and Elastic Cloud. Duties include deployment,imaging, configuration, security administration, and working directly with clients to tailor instances to match customer requirements.• Responsible for developing, configuring, and deploying our proprietary servers to clientenvironments.• Managing the configuration and security for all internal IT assets. Including Active Directory, Firewall, and virtual assets.• Implementing new security measures company wide and training company personnel in their use.• Engineering and management of our training program utilizing AWS infrastructure to demonstrate the capabilities of our proprietary digital forensics software.• Perform remote and on-site incident response engagements utilizing digital forensics tools toinvestigate and remedy client security breaches. Show less Lead the managed security services team working with directly with clients to provide increased insight into their environment and discover potential security threats. As the initial employee in this department I established the foundational guidelines, procedures, and reports to meet business goals and client requirements. Created and implemented hardware requirements to improve software performance and compatibility. Performed deployment and implementation of hardware and software to client environments.Key responsibilities in role were:• Communicating with clients on security threats in their infrastructure and working with their teams in developing resolutions.• Performing endpoint monitoring, basic analysis, reporting, and incident escalation covering a widerange of environments; working with clients to provide increased understanding and visibility of their networks.• Performing real time threat mitigation on client networks using our proprietary digital forensics software to provide clients with detailed information of ongoing threats and vulnerabilities.• Engineering server hardware and evaluating new software to increase software performance andstability for use in client networks.• Maintaining and improving the companies critical IT infrastructure to provide increased capabilities and improve overall security posture.• Creating detailed monitoring reports based on telemetry received from our software to increase client satisfaction and retention.• Establishing new protocols to increase department performance and improve the capabilities of the managed services team. Show less

  • Security Operations Center Lead

    Sept 2016 - Aug 2018

  • Incident Response Analyst

    May 2016 - Sept 2016
• 

  Cyfir

  Aug 2018 - Oct 2019

  Delivery and deployment engineer

  Lead engineer for an ELK based security analytics platform performing design, delivery, andimplementation to meet evolving critical business and client requirements. Provided internal and external support clients and sales engineers across numerous engagements. Leading a team of engineers in the end to end development and growth of the product to drive increased revenue.Major responsibilities include: • Managing technical oversight on multiple engagements for enterprise client deployment, delivery, and implementation. • Determining requirements and goals to meet deadlines and continuously develop new features. • Development and implementation of roadmap strategies and workflows for improving systemscalability, reliability, supportability, security, and performance. • Evaluating the performance and applicability of new tools to grow the product and meet currentindustry trends. • Creating detailed documentation and procedures to continuously improve the quality and speed of deliverables. • Communicating with business leadership on progress and outcomes of ongoing engagements and development. • Integrating new tools and plugins with other components of the data ingestion pipeline, ensuring the data is cataloged and search indexes are well maintained and always up to date. • Identifying market opportunities and the effective implementation of strategies for improved financial performance for the short-term and long-term. • Creating solution architectures and estimates to support the software features required to meetdifferent data and analytics use cases. • Lead ongoing development with a team of engineers following an agile development cycle to drive growth based on business and client feedback. Show less

• 

  Infinitive

  Nov 2019 - now

  Senior consultant

  Consultant for industry leading clients delivering engineering, development, and architectural expertise. Project focuses include development and management of AWS environments, architectural support for a big data cyber datalake, and development of advanced ETL solutions for cyber oriented data. ● Work with DevOps engineering team to provide platformstabilization, feature enhancement, automation, and systemintegration efforts. • Deliver end-to-end data engineering architectural solutions that align with client's existing infrastructure and tools. Projects have involved complex multi-cloud environments and market specific software across the financial, entertainment, and health industries. • Perform analysis of existing architecture to provide and implementrecommendations and deliver substantial cost savings whilemaintaining scalability. • Initialize AWS environments using automation and security controlsfor User, Data, and Networking regulations and requirements. • Provide executive team with routine updates on security controlmilestones and risk analysis. • Lead and contribute to internal initiatives including project proposals, business intelligence, PoCs, and internship programs. • Spearhead data migration effort to Logstash based ETL solution.Developed over 100 data transformation pipelines for Cyberoriented log sources. Show less