Experience

• 

  Reading hospital

  May 2015 - Aug 2016

  Information security intern

  - Ran reports in an enterprise class SEIM to identify IP addresses not routing through Infoblox and contacted appropriate personnel to route device through the correct DNS server- Investigated use of the fingerprint sensor as a viable security measure for iOS devices using Citrix Worx Mobile Apps- Used professional development time to prepare for the CompTIA Security+ certification exam- Actively participated in conversations with Network Administrators to better understand where information security and the network link- Used Metasploit to launch attacks at a non-production server to test Darktrace's abilities- Attended meetings with senior hospital personnel including VPs, Directors, and Managers to understand how large organizations operate with direct perspective to IT- Shadowed employees in different sub-sections of IT such as Security, PC Support, Networking, Network Administration, and Epic Systems Analysts Show less

• 

  Tower health

  Jan 2018 - Jun 2021

  - Served on team that deployed a new SIEM to replace the previous build- Served as SIEM Administrator and Engineer- Deployed an endpoint logging solution and centrally collected the logs for ingesting into the SIEM- Monitored an enterprise class SIEM daily and performed maintenance of the SIEM including forwarding device errors to appropriate departments for remediation- Configured new security products to send syslog to the SIEM- Wrote and tuned new SIEM alarms to sooner detect threats occurring in the environment- Created auto-response to SIEM alarms to change color of Philips Hue lights to add a visual indication for high priority alarm- Worked with MSSP to improve security posture and SIEM capabilities- Wrote PowerShell scripts to perform data manipulation to use collected data across multiple platforms- Performed Incident Response; identified infected machines, determined the remediation plan, and recommended controls to prevent re-infection- Handled operational tasks to ensure users experienced little to no delay after submitting tickets- Performed analysis on files flagged by enterprise A/V and whitelisted/blacklisted files as necessary- Used a next-gen firewall management console to investigate intrusion events in coordination with SIEM event logs- Used a vulnerability scanner to build and run scans on servers and endpoints, then coordinated with appropriate personnel to remediate exploitable vulnerabilities- Used an enterprise class email security product to further investigate suspicious emails and create rules to benefit employees- Ran reports in the proxy management console to monitor Internet traffic and watch for malicious activity- Monitored forums and feeds for new ways expand the department’s security posture- Investigated all phishing/spam emails reported by employees- Performed troubleshooting for 2FA and administered changes to global policy- First line for all tickets related to Information Security issues or approvals Show less

  • Information Security Analyst

    Mar 2019 - Jun 2021

  • Security Systems Administrator (Contractor)

    Jan 2018 - Mar 2019
• 

  Zions bancorporation

  Jun 2021 - now

  Cyber incident response engineer