Resume

This resume is made with CVwizard.com.

Basic information
Name: Martin G. Nystrom
Email address: martin.nystrom@gmail.com
Website: xianshield.org, blogs.cisco.com/author/martinnystrom, linkedin.com/in/mnystrom

Objective
Build and operate cyber security programs to protect customers and enterprises

Profile
Proven cyber security executive with experience delivering $50M+ portfolios, building and leading customer-facing security services, and corporate InfoSec
Commands advanced experiential knowledge on security threats and response
Advises executive customers of security threat and operational trends in quarterly briefings
Compelling presenter with credibility to engage customers and win business
Published author, representing rich cyber security experience in books, papers, and executive briefings

Specialties
incident response, detection, and investigations
security operations
cyber threat intelligence
application, network, and system security
designing, deploying and securing web applications

Work experience

December 2015 - Present
Director, Cisco Security Services
Responsible for global delivery of rapidly growing $55M managed security portfolio, including advanced cyber threat detection and security device management.
24x7 delivery across 4 global Security Operations Centers (SOC) in USA, APAC, and EMEAR
Directs global team of senior security investigators to hunt threats using advanced threat intelligence, security telemetry, and advanced analytics
Delivers and cultivates rapid threat detection and mitigation using Cisco Sourcefire IPS with AMP, ThreatGrid sandboxing, advanced threat intelligence using CIF, Soltra, and OpenSOC, including Hadoop for consuming, parsing and analyzing 6 Gbps at each PoP, with all forms of system telemetry and syslog
Delivers expert security device management including monitoring, planned
changes, patch management, and architectural growth
Specialist in cyber security for healthcare and public sector

July 2014 - December 2015
Senior Manager, Cisco Security Services
Leads Managed Threat Defense (MTD) advanced cyber threat detection for Cisco Security Services
24x7 advanced cyber threat detection across 4 global Security Operations Centers (SOC) in USA, APAC, and EMEAR
Responsible for rapidly growing $5.5M service portfolio
Manages team of senior security investigators to hunt threats using advanced threat intelligence, security telemetry, and advanced analytics
Delivers and cultivates rapid threat detection using Cisco Sourcefire IPS with AMP, ThreatGrid sandboxing, advanced threat intelligence using the CIF, and OpenSOC, including Hadoop for consuming, parsing and analyzing 6 Gbps per PoP, with all forms of system telemetry
Curates hot threats to rapidly respond and monitor for IOCs gleaned from emerging attacks, conceptual attacks, and urgent vulnerabilities such as Heartbleed and Shellshock

2011 - 2014
Senior Manager, Cisco CSIRT
Built and led global engineering staff of 17 security architects and engineers; delivering innovative solutions against growing threats, including APT.
Developed and coordinated broad InfoSec strategy to detect and contain advanced threats
Coordinated all CSIRT operations to ensure investigations, analysis, and engineering functions execute consistently
Architected, budgeted and delivered new $1M portfolio for CSIRT, enabling global cyber security solutions and growing investigations staff of 60.
Managed successful delivery of massive security response portfolio including Splunk, Cisco WSA, Cisco IPS, Sourcefire FirePower and AMP, Cisco ESA, FireEye, Passive DNS collection, DNS-RPZ, Cisco ISE, Lancope StealthWatch, and Mandiant, collecting over 20 billion events per day into 1TB of growing events per day.

2009 - 2011
Manager, Cisco CSIRT
Managed security operations team, 19-person global staff conducting 24x7 security monitoring, operations, and routine investigations for Cisco's network.
Developed scheduling and workload distribution to provide 24x7 monitoring
Negotiated, developed, and managed $500,000 portfolio of monitoring engagements for internal clients
Coached staff to new areas of responsibility and aptitude, enabling senior engineers to take on larger projects
Motivated team with creative rewards and growth, maintaining 0% attrition over 2 years
Drove improvements using Capability Maturity Model (CMM) by improving quality assurance, engagement clarity
Assured security in Cisco cloud services initiatives (TelePresence as a service) by providing risk-based monitoring and response (team recognized with "Collaboration Across Cisco" award)
Continuously operationalized detection and response infrastructure for new acquisitions, data centers, and PoPs

2005 - 2009
Information Security Investigations Manager, Cisco CSIRT
Investigated, mitigated, and provided subject-matter expertise for dozens of security incidents
Led and drove improvements to information security monitoring and incident response
Developed strategy for broader team, ensuring project portfolio alignment with strategic objectives
Conducted global threat summit with diverse IT staff, drove projects to mitigate identified threats
Tested and drove improvements to Cisco products (CS-MARS, CS-IPS, others) by regularly engaging engineering/marketing based on deployment experience
Developed standardized incident response handbook for global investigative staff, coordinated input and approval across HR, Legal, and internal auditors
Selected to attend Cisco Global Technical Leader Program, 2008

2002 - 2005
Security Architect, Cisco InfoSec
Provide security direction for Cisco projects.
Specializing in web security, consult with IT project teams to provide secure architecture for large projects.
Write policy and standards documents to address secure programming and deployment.
Developed web auditing/remediation team to address web security vulnerabilities.
Served as architect for web services security
Developed database security strategy
Delivered a series of "Nerd Lunch" presentations to security staff on database, web services, and web security
Authored for O'Reilly Media - SQL Injection Defenses
Developed and delivered Secure Web Programming in Java course for global development staff
Provided on-call incident response support: troubleshot high impact incidents, deployed firewall changes, investigated security incidents

2000 - 2002
IT Engineer, Cisco IT
Provided technical direction to team of engineers.
Acted as consultant to business clients in exploring concepts for new applications.
Provided architectural guidance to Sales IT Architecture Team.
Sized and delivered tool enhancements and integration efforts.
Developed and articulated technical vision.
Mentored engineers through coaching, training, and guiding through technical challenges.
Delivered series of presentations to e-commerce staff on internationalization, queuing, and b2b data exchange via XML.
Developed Partner Business Central - a portal into e-channels applications that allow Cisco partners to select, compare, and configure Cisco products, then interact with Cisco distributors for pricing, availability, and ordering.
Product built in Java, using XML/XSL, CORBA, and Oracle, allows data exchange with business partners using XML over HTTP.
Enabled RosettaNet integration for standardized message exchange with Cisco business partners.

Publications and Presentations

Seven Most Damaging Attacks: 2015's Lessons Learned in Intrusion Detection
Cisco Live Management Sessions, 2015

Real World Threat Hunting
Keynote, CONFidence Conference, Krakow, Poland, 2015

Deconstructing Incident Response
RSA Conference, 2015

Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks (co-author), O'Reilly Media, 2009
Required reading for Network Forensic Analysis course at Boston University (2010)

SQL Injection Defenses
O'Reilly Media, 2007

Education

Master of Engineering, North Carolina State University
Master of Engineering in Computer Science

Bachelor of Arts, Iowa State University
BA, Business Administration in Management Information Systems (MIS)

Certifications
Certified Information Systems Security Professional (CISSP)
specialization: Information Systems Security Architecture Professional (ISSAP)
Cisco Certified Network Associate (CCNA)

Awards and Honors
Manager of the Year (Cisco IT), 2012
Collaboration Across Cisco Award, 2010
for teamwork in securing infrastructure for Cisco's TelePresence during COP15