This resume is made with CVwizard.com.
changes, patch management, and architectural growth
• Specialist in cyber security for healthcare and public sector

July 2014 - December 2015
Senior Manager
Cisco Security Services
Leads Managed Threat Defense (MTD) advanced cyber threat detection for Cisco Security Services
• 24x7 advanced cyber threat detection across 4 global Security Operations Centers (SOC) in USA, APAC, and EMEAR
• Responsible for rapidly growing $5.5M service portfolio
• Manages team of senior security investigators to hunt threats using advanced threat intelligence, security telemetry, and advanced analytics
• Delivers and cultivates rapid threat detection using Cisco Sourcefire IPS with AMP, ThreatGrid sandboxing, advanced threat intelligence using the CIF, and OpenSOC, including Hadoop for consuming, parsing and analyzing 6 Gbps per PoP, with all forms of system telemetry
• Curates hot threats to rapidly respond and monitor for IOCs gleaned from emerging attacks, conceptual attacks, and urgent vulnerabilities such as Heartbleed and Shellshock

2011 - 2014
Senior Manager
Cisco CSIRT
Built and led global engineering staff of 17 security architects and engineers; delivering innovative solutions against growing threats, including APT.
• Developed and coordinated broad InfoSec strategy to detect and contain advanced threats
• Coordinated all CSIRT operations to ensure investigations, analysis, and engineering functions execute consistently
• Architected, budgeted and delivered new $1M portfolio for CSIRT, enabling global cyber security solutions and growing investigations staff of 60.
• Managed successful delivery of massive security response portfolio including Splunk, Cisco WSA, Cisco IPS, Sourcefire FirePower and AMP, Cisco ESA, FireEye, Passive DNS collection, DNS-RPZ, Cisco ISE, Lancope StealthWatch, and Mandiant, collecting over 20 billion events per day into 1TB of growing events per day.

2009 - 2011
Manager
Cisco CSIRT
Managed security operations team, 19-person global staff conducting
24x7 security monitoring, operations, and routine investigations for Cisco's network.
• Developed scheduling and workload distribution to provide 24x7 monitoring
• Negotiated, developed, and managed $500,000 portfolio of monitoring engagements for internal clients
• Coached staff to new areas of responsibility and aptitude, enabling senior engineers to take on larger projects
• Motivated team with creative rewards and growth, maintaining 0% attrition over 2 years
• Drove improvements using Capability Maturity Model (CMM) by improving quality assurance, engagement clarity
• Assured security in Cisco cloud services initiatives (TelePresence as a service) by providing risk-based monitoring and response (team recognized with "Collaboration Across Cisco" award)
• Continuously operationalized detection and response infrastructure for new acquisitions, data centers, and PoPs

2005 - 2009
Information Security Investigations Manager
Cisco CSIRT
Investigated, mitigated, and provided subject-matter expertise for dozens of security incidents
• Led and drove improvements to information security monitoring and incident response
• Developed strategy for broader team, ensuring project portfolio alignment with strategic objectives
• Conducted global threat summit with diverse IT staff, drove projects to mitigate identified threats
• Tested and drove improvements to Cisco products (CS-MARS, CS-IPS, others) by regularly engaging engineering/marketing based on deployment experience
• Developed standardized incident response handbook for global investigative staff, coordinated input and approval across HR, Legal, and internal auditors
• Selected to attend Cisco Global Technical Leader Program, 2008

2002 - 2005
Security Architect
Cisco InfoSec
Provide security direction for Cisco projects. Specializing in web security, consult with IT project teams to provide secure architecture for large projects. Write policy and standards documents to address secure programming and deployment.
• Developed web auditing/remediation team to address web security vulnerabilities.
• Served as architect for web services security
• Developed database security strategy
• Delivered a series of "Nerd Lunch" presentations to security staff on database, web services, and web security
• Authored for O'Reilly Media - SQL Injection Defenses
• Developed and delivered Secure Web Programming in Java course for global development staff
• Provided on-call incident response support: troubleshot high impact incidents, deployed firewall changes, investigated security incidents

2000 - 2002
IT Engineer
Cisco IT
Provided technical direction to team of engineers. Acted as consultant to business clients in exploring concepts for new applications. Provided architectural guidance to Sales IT Architecture Team. Sized and delivered tool enhancements and integration efforts.
Developed and articulated technical vision. Mentored engineers through coaching, training, and guiding through technical challenges. Delivered series of presentations to e-commerce staff on internationalization, queuing, and b2b data exchange via XML.
Developed Partner Business Central - a portal into e-channels applications that allow Cisco partners to select, compare, and configure Cisco products, then interact with Cisco distributors for pricing, availability, and ordering. Product built in Java, using XML/XSL, CORBA, and Oracle, allows data exchange with business partners using XML over HTTP. Enabled RosettaNet integration for standardized message exchange with Cisco business partners.

Publications and Presentations
Seven Most Damaging Attacks: 2015’s Lessons Learned in Intrusion Detection
Cisco Live Management Sessions, 2015
Real World Threat Hunting
Keynote, CONFidence Conference, Krakow, Poland, 2015
Deconstructing Incident Response
RSA Conference, 2015
Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks
(co-author), O'Reilly Media, 2009
Required reading for Network Forensic Analysis course at Boston University (2010)
SQL Injection Defenses
O'Reilly Media, 2007

Education
Master of Engineering
North Carolina State University
Master of Engineering in Computer Science
Bachelor of Arts
Iowa State University
BA, Business Administration in Management Information Systems (MIS)

Certifications
Certified Information Systems Security Professional (CISSP)
specialization: Information Systems Security Architecture Professional (ISSAP)
Cisco Certified Network Associate (CCNA)

Awards and Honors
Manager of the Year (Cisco IT), 2012
Collaboration Across Cisco Award, 2010
for teamwork in securing infrastructure for Cisco's TelePresence during COP15