Keith D.

AI Researcher

Allen Park, Michigan, United States · 24 yrs 2 mos experience
Highly Stable

Key Highlights

  • 10+ years of experience in cybersecurity.
  • Expert in building high-fidelity detection pipelines.
  • Proven track record in reducing false positive rates.

Skills

Core Skills

Threat Research, Detection Engineering, Log Management, Security Consulting, SIEM Management, SOC Operations, Windows Desktop Engineering, Deployment Engineering

Other Skills

Security Automation, MITRE ATT&CK, Regular Expressions, Python, Investigation, Cyber Defense, Sumo Logic, Cyber Threat Intelligence (CTI), CrowdStrike Falcon, Security Information and Event Management (SIEM), Threat Detection, Carbon Black, Cyber Threat Hunting (CTH), Kusto Query Language (KQL), Security Research

About

Threat Detection Engineer and Security Analyst with 10+ years of experience across SIEM engineering, endpoint detection, incident response, and threat intelligence. Proven track record building high-fidelity detection pipelines, reducing false positive rates, and operationalizing threat intelligence in Fortune 500 and managed security environments. Adept at translating adversary TTPs into actionable detections across EDR, SIEM, and network security platforms.

Experience

Total Experience: 24 yrs 2 mos
Average Tenure: 3 yrs 7 mos
Current Experience: --

eSentire

2 roles

Threat Researcher

Promoted

Oct 2019 – Apr 2026 · 6 yrs 6 mos

  • Threat Researcher and Detection Engineer with 5+ years of experience translating adversary behavior into high-fidelity detections across enterprise environments. I built and maintained detection pipelines, automated security operations workflows, and operationalized threat intelligence across Carbon Black Enterprise EDR, Sumo Logic Cloud SIEM Enterprise, and CrowdStrike Falcon.
  • My work sits at the intersection of research and engineering — I understand how attackers operate and I build durable, scalable defenses because of it. Over my career I authored hundreds of behavioral detections, led proactive threat hunts, and delivered automation that measurably reduced analyst toil and mean time to respond. Researched threat actor TTPs using MITRE ATT&CK, open-source intelligence, and private threat feeds, translating findings into detection opportunities across the security tooling stack.
  • Open to new opportunities in Detection Engineering, Threat Research, or Security Platform roles where I can continue doing deep adversary research and shipping things that make a real operational difference.
  • Core competencies:
  • Threat research
  • Detection Engineering (Sumo Logic, Sumo Logic Cloud SIEM, Carbon Black Enterprise, Microsoft MDE, Microsoft Sentinel)
  • Security automation
  • MITRE ATT&CK
Threat Research, Detection Engineering, Security Automation, MITRE ATT&CK, Regular Expressions, Python (+14 more)

Information Security Consultant

Jan 2016 – Oct 2019 · 3 yrs 9 mos

  • As a member of the Professional Services team, I am responsible for the deployment and configuration of the Log Sentry logging solution.
  • Manage and consult with clients on best security practices and approaches for log management.
  • Develop use case scenarios designed around NIST Cybersecurity Framework.
  • Day to day work with Linux, database technologies, SQL, python, and various CLI tools.
  • Conduct large-scale investigations and examine endpoint and network-based sources of evidence.
  • Support upper management in refining and expanding service offering capabilities.
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
  • Develop streamlined processes for data analysis and SIEM management through Python scripts.
Log Management, NIST Cybersecurity Framework, Linux, Database Technologies, SQL, Python (+5 more)

Ally Financial Inc.

SIEM Manager

Aug 2014 – Jan 2016 · 1 yr 5 mos · Greater Detroit Area

  • As a member of the Cyber Response team, I am responsible for the day to day operations and maintenance of the RSA Security Analytics SIEM to allow expedient security incident investigations.
  • Manage and maintain the health and availability of a 19-server SIEM infrastructure.
  • Integrate new log sources and verify logging functionality to meet regulatory requirements and troubleshoot any logging issues.
  • Perform quarterly/yearly formal health checks and administrative functions.
  • Provide enhancements to the SIEM through various data enrichment methodologies including proper contextual information.
  • Provide threat analysis to Incident Response team lead on current investigations analyzing various log sources.
  • Implement various open and closed source threat intelligence feeds and analyze for proper alerting.
  • Investigate and integrate various open source projects to better enhance Ally’s security posture.
  • Create custom alerts, reports and other monitoring processes to ensure business continuity and various audit requirements.
  • Develop streamlined processes for data analysis and SIEM management through Python scripts.
  • Perform mentoring and training of SIEM users.
Security Information and Event Management (SIEM), Threat Detection, SIEM Management

Stratagem - a Linux-based honeypot distribution

Author

Jun 2013 – Jun 2018 · 5 yrs · http://sourceforge.net/projects/stratagem/

  • Stratagem is a Linux distribution for honeypots, network forensics, malware analysis and other supporting tools. Stratagem is based on Linux Mint 14 XFCE.
  • The following honeypots are set up and ready to go:
  • Dionaea
  • Kippo
  • Glastopf
  • HoneyD
  • Amun
  • LaBrea
  • Tinyhoneypot
  • Thug
  • Conpot

Blue Cross Blue Shield of Michigan

Security Operations Center Analyst

Feb 2013 – Aug 2014 · 1 yr 6 mos

  • As a member of the Information Security Operations Center (SOC) team, I am responsible for the day to day Information Security activities to protect the confidentiality, integrity, and availability of member, employee, and business information system resources. Primary responsibilities include monitoring and investigating security events on over 2000 Windows, Linux, and Unix servers and over 800 routers, switches, and 20,000 endpoints.
  • Provide threat analysis to Incident Response team lead on current investigations.
  • Analyze network intrusion alerts indicating potential botnet activity using Check Point Anti-Bot blade.
  • Perform memory analysis of infected systems to determine the scope and impact to the Blue Cross environment.
  • Perform weekly scanning of the Blue Cross Blue Shield infrastructure using QualysGuard.
  • Research new analysis techniques using QRadar SIEM to improve overall techniques and resolution times.
  • Monitor, detect, and block rogue wireless access points using AirMagnet Enterprise.
  • Coordinate cross-departmental meetings to address zero-day vulnerabilities and Risk Management reporting.
Security Information and Event Management (SIEM), Threat Detection, SOC Operations

Chrysler

Windows Desktop Architect

Mar 2010 – Feb 2013 · 2 yrs 11 mos · Auburn Hills, Michigan

  • Windows Client Engineer responsible for developing and supporting the Windows 7 and Windows XP Professional desktop images used in the Chrysler environment.
  • Develop, maintain and support the Windows 7 and Windows XP Professional desktop images for Chrysler for distribution using Microsoft Deployment Toolkit 2010 and Microsoft System Center Configuration Manager.
  • Develop and update various VBScript automated processes used during image creation as needed.
  • Develop and maintain Group Policy objects to meet security standards as well as business needs.
  • Test and implement monthly security patches for all affected systems.
  • Current projects:
  • BitLocker compliance
  • Develop process to ensure 100% BitLocker compliance per Chrysler corporate standards within 24 hours after user receives new laptop.
  • User State Migration Tool - Windows 7 migration
  • Customize settings of Microsoft tool to provide a smoother user-profile migration of all appropriate data and settings specific to the Chrysler user base.
  • Created adaptable GUI front end for onsite technicians to initiate a backup and restore process quickly.
  • Windows 7 migration - Application Compatibility Toolkit
  • Lead engineer responsible for using the Microsoft Application Compatibility Toolkit to create customized "shims" to remediate some applications that have issues running on Windows 7.
  • Windows XP Office Automation image development
  • Develop and maintain a standardized Windows XP operating system image to cover many platforms across 30,000 systems throughout Chrysler.
Windows Deployment, VBScript, Group Policy Management, Security Patching, Windows Desktop Engineering

Hewlett-Packard

Windows Systems Consultant

Jan 2007 – Sep 2009 · 2 yrs 8 mos

  • Lead engineer responsible for operating system, applications, and critical security patch distribution projects to more than 20,000 computer systems globally in support of General Motors.
  • Lead Deployment Engineer, Software Distribution team
  • Lead remote application and operating system deployment projects using HP OpenView Configuration Manager (Radia).
  • Troubleshoot and remediate any deployment issues. Solve problems with the least amount of down time to the customer.
  • Direct HP OpenView Configuration Manager best deployment practices.
  • Streamline troubleshooting and remediation processes.
  • Windows Desktop Engineer, Client Engineering team
  • Design, engineer, build and configure new Windows XP Professional and x64 Edition standardized operating system image for global distribution.
  • Design and implement VBScript solutions for application installations, system driver updates, and community-specific desktop settings.
  • Design Altiris Rapid Install and Radia packages as required.
  • Develop and document processes for Altiris Deployment Server and HP OpenView Configuration Manager.
  • Professional Accomplishments
  • Promoted to Lead Deployment Engineer from Windows Desktop Engineer for major global deployment project.
  • Developed training programs and troubleshooting guides for technicians to be used during the global deployment of new Windows based operating system images using HP OpenView Configuration Management.
  • Identified and developed global solution that saved General Motors $100,000, helped meet service level agreements and decreased the amount of lost user productivity during operating system deployments by 5%.
  • Developed a standardized desktop image for the OnStar call centers where they previously used eight separate images. This has so far yielded a 20% increase in efficiency and an overall yearly savings of $75,000.
Operating System Deployment, Application Distribution, Troubleshooting, Deployment Engineering

CompuCom

Field Engineer

Mar 2002 – Jan 2007 · 4 yrs 10 mos

  • Provided day to day first, second and third level desktop support to 1,000 clients at the General Motors Pontiac Structural Lab as well as the Warren Electrical and Structural Engineering labs.
  • Installed, troubleshot and repaired hardware, software, peripheral equipment, and data connectivity issues with desktops and laptops running Windows XP Professional in a Windows Server 2003 infrastructure.
  • Installed and supported company-standard software applications as needed. Designed and deployed standardized Windows XP Professional operating system images to multiple Compaq and Hewlett-Packard desktops and laptops using Drive Image.
  • Maintained and supported Windows Server 2003 Active Directory organizational units, computer and user accounts in an enterprise environment.
  • Created MSI software packages using Radia and InstallShield AdminStudio for Active Directory distribution. Managed day to day data disaster recovery operations using Veritas Backup Exec.
  • Ensured daily McAfee VirusScan Enterprise anti-virus security updates were available to all clients. Educated teammates on more efficient processes to improve downtime for users.
  • Professional Accomplishments
  • Prevented an unneeded $50,000 expense to General Motors from an implemented solution and achieved an “Extra Mile” award from the Pontiac Structural Labs.
  • A further annual savings of $55,000 was achieved by developing Windows Server 2003 Active Directory group policies for a multiple-site project involving client test equipment checkout kiosks.

BPI Information Systems

Field Engineer

Jul 2001 – Feb 2002 · 7 mos

  • Provided onsite maintenance and support for various Intel based computers at University of Michigan Hospital.
  • Provided onsite maintenance and support for various HP printers.
  • Deployed new operating systems and applications to mission-critical computer systems.
  • Played a vital role in a hospital-wide system refresh project that was completed two months earlier than expected.
  • Recognized for outstanding quality of customer service during first quarter in the position.

Education

ITT Technical Institute

Associates — Electronics Engineering Technology

Jan 1993 – Jan 1995
