Nicholas Lanham

117 followers
Springfield, Ohio, United States

  • Timeline

  • About me

    Implementation Engineer at Fortified Health Security

  • Education

    • Springfield Clark CTC

      2016 - 2018
      High School Diploma, CompTIA A+, Network+, Security+ Cyber Security and Networking

      Activities and Societies: Class Ambassador Student Council

    • Clark State College

      2017 - 2019
      Associate of Science Information Technology
  • Experience

    • Speedway

      Aug 2018 - Nov 2021

      ● Led QRadar SIEM, which included training users on the platform, delegating and tracking tasks, as well as acting as a point of escalation for analysts.
      ● Managed more than 40,000 log sources on the LAN, in the cloud, and at stores.
      ● Integrated over 30 different types of platforms and applications to work with our SIEM.
      ● Created DSMs (Device Support Modules), which allow the SIEM to understand various custom or non-well-known device logs through Regular Expressions, JSON, LEEF, and CEF.
      ● Assisted Security Operations with rule creation and tuning, identifying critical assets and systems, as well as tuning false positives.
      ● Analyzed and filtered out logs with no security relevance to reduce platform costs and false positive alerts.
      ● Developed and implemented Standard Operating Procedure documents to ensure timely and reliable completion of tasks on the SIEM and all supporting platforms.
      ● Created a valuable firewall log report used by MPC and Speedway infrastructure teams to prepare and verify the network cut-over during sale to 7-Eleven.
      ● Used C# to develop programs which updated security software at our stores.
      ● Used Python on a daily basis to automate processing tasks such as manipulating spreadsheets, sorting large amounts of security data, converting lists of one data type into another, etc.
      ● Integrated Azure & AWS into our SIEM for alerting and reporting.
      ● Acted as a point of contact for any IT related troubleshooting, as our SIEM pulled events from nearly every device in the organization.
      ● Maintained an application (QRadar) which included more than 30 Linux servers requiring initial setup, software upgrades, hardware replacement, and general administration.
      ● Responsible for providing and maintaining all PCI DSS evidence regarding logging.

      ● Created, analyzed, investigated, and remediated IDS alerts & reports using QRadar SIEM.
      ● Acted as the first point of alert analysis to either escalate or identify & remediate false positives.
      ● Discovered an out of place control through log analysis which, if not discovered, would have resulted in a critical PCI DSS finding due to store users having admin privileges.
      ● Used Python and C# to develop an application to parse vulnerability scan data and distribute it to teams responsible for remediation, cutting weeks of manual labor out of the vulnerability remediation process and saving the company from having to purchase a tool.
      ● Created presentations to teach members of the organization about Cyber Security annually during Cyber Security Awareness Month.

      • IT Security Analyst

        Dec 2019 - Nov 2021
      • IT Security Intern

        Aug 2018 - Dec 2019
    • 7-Eleven

      Oct 2021 - Aug 2022
      Security Engineer

      ● Title changed to Security Engineer post 7-Eleven acquisition of Speedway.

    • Fortified Health Security

      Aug 2022 - now
      • Security Implementation Engineer

        May 2024 - now
      • Security Implementation Specialist

        Aug 2022 - May 2024
  • Licenses & Certifications

    • CompTIA Network+

      CompTIA
    • CompTIA A+

      CompTIA
    • CompTIA Security+

      CompTIA