Aron Anderson

PC/Network Manager

494 followers
Seattle, Washington, United States

  • Timeline

  • About me

    Enterprise Security Manager (CISSP, GPEN, GCIH, GDSA)

  • Education

    • University of Washington Extension Program

      2001 - 2002
      Unix/Linux Administration
    • University of Washington Extension Program

      1999 - 2000
      Basic Network Technologies Certification
    • The Evergreen State College

      1990 - 1994
      Bachelor's degree Political Economics

      Liberal Arts degree focused on Economics and Political Science. Explicit focus on sustainable development case study using the World Bank policies in the 80's and 90's.

    • General Assembly

      -
      2016 Data Science Part-time Program

      11-week certificate course focused on technical skills in machine learning, algorithms and data modeling to make accurate predictions using large data sets. Topics covered: statistics, data wrangling, regression, k nearest neighbors, logistic regression, standardization, clustering, natural language processing, decision trees, dimensionality reduction, ensembling, bagging, random forests, time series data and naive Bayes. Models created using Python, Pandas, Scikit Learn, etc.

  • Experience

    • Plymouth Housing Group

      Aug 1997 - Jun 2000
      PC/Network Manager

      Network and computer support for administrative office and satellite locations. Includes all related planning and training on computer related services.

    • Adobe

      Jun 2000 - now

      Lead for security operations team focused on enterprise and cloud security. Key responsibilities include incident triage and response, SIEM development and tuning (QRadar and Splunk) based on threat analysis, review of new services for security efficacy and monitoring, MSS\vendor management, security project management, and updates to security related documentation and standards.

      Key Responsibilities:

        • Implementation of security auditing and monitoring goals for service changes, such as migration to cloud hosted active directory, rollout of privileged account controls, and initiatives tied to security automation and orchestration
        • Technical and project ownership of SIEM content migration from QRadar to Splunk, covering thousands of log sources, hundreds of rules for alerting, and sourcetypes. Examples include network security (FW/IDS), host logs, authentication events, and Web/DB activity
        • Updates to monitoring content and tools based on changing security threats or techniques (TTPs), for example new attacks using PowerShell and alerts related to changes in AWS security group policies
        • Threat modeling generated from internal research or provided by a trusted 3rd party for review and analysis, including new alerts utilizing vetted IOCs
        • Updates to published security documentation and standards, both for team consumption and as part of the Common Control Framework

      Senior member of the enterprise security team focused on IR and triage escalation. Additional responsibilities included presentation of security trends and incident postmortems to internal groups, ownership of significant vulnerabilities and incidents for remediation, and monitoring of threat intel reports for inclusion as a formal IOC for tracking and alerting.

      Key Responsibilities:

        • Incident response and triage for enterprise security events covering network (FW/IDS/Flow), host (OS/AV/FW), authentication (AD/3rd party) and application specific alerts (Web/DB)
        • Support of security auditing and monitoring goals for compliance with PCI and SOX, including interpretation of control statement and the required activity
        • Security consulting with other IT groups and product teams including successful implementation of new processes for auditing and monitoring
        • Project planning and migration of all QRadar operational support to IBM MSS over 9 months, including tracking/reporting on progress, creation of new event triage and escalation procedures for the vendor, and establishment of tracking measurements for migration success
        • Review and response of significant security vulnerabilities requiring coordinated response across the enterprise (Heartbleed, Poodle, etc.)
        • Development and training of new team members in event triage, incident support and utilization of SIEM and other security tools
        • Review with security vendors proposed product enhancements and POCs for evaluation

      Member of the enterprise security team focused on security tool support, management of scanning solutions and triage, and initial triage and review of new security alerts.

        • Operational support and management of endpoint security solutions (McAfee ePO, HB Gary), including planned upgrades and coordination with key stakeholders
        • Operational support and management of vulnerability scanning solutions (Qualys, MVM), including triage with service owners directly
        • Planning and rollout of enterprise-wide web proxy service
        • Review and escalation of endpoint security alerts

      • Enterprise Security Manager

        Jan 2020 - now
      • Senior Security Engineer Lead

        Jan 2016 - Mar 2021
      • Senior Security Engineer

        Jan 2010 - Jan 2016
      • Security Administrator

        Jun 2002 - Jan 2010
      • NOC Engineer

        Jun 2000 - May 2002
  • Licenses & Certifications

  • Volunteer Experience

    • English Tutor

      Issued by Literacy Source on Feb 2020