Nathan John Lux

Fairfax Virgina • 810-***-**** • ac72v6@r.postjobfree.com

SUMMARY

Security professional who is tenacious, flexible and willing to relocate; looking to improve my professional growth.

CORE TECHNICAL SKILLS

Operating Systems:

Unix/Linux

Windows

Centos/Redhat

ESXi/KVM

Tools:

Splunk/Elkstack

Wireshark/Nmap

Snort/Suricata

Scripting (Bash/Python/Yara)

IDA Pro/Radare2

Burp/ZAP

Competencies:

Data Analysis

Network Troubleshooting

Network Deployment

Firewall Deployment

Reverse Engineering

EXPERIENCE

Temporary Splunk Administrator

Chantilly, VA

Pentagon Federal Credit Union Nov 2017 – Feb 2018

Responsibilities: Act as a stand in engineer until a Senior Engineer could take over. Duties included ensuring that the existing installations data streams were maintained, troubleshoot various system issues. Culminating with the creation of two heavy forwarders for the new Data Center environment.

• Determining a standard Linux configuration policy for current instances.

• Write bash jobs to handle syslog-ng rotation

• Assist with troubleshooting Splunk DB connect

• Hard setting routing for listening interfaces off of forwarders

• Determining data types appropriately ingesting them via syslog-ng

• Assistance use case creation, such as with Encase with REST API

• Design and creation of heavy forwarders out of new DC1 Environment

• Onboard the new Splunk Engineer to ensure a smooth hand off CIRT Analyst Chantilly, VA

Pentagon Federal Credit Union April 2017 - Present Responsibilities: Respond to alerting and tune signatures based on if they’re false positives or not depending on incident resolution. Also facilitate ease of interpretation for others via Splunk dashboards and correlating searches.

• Assisted in remediating issues on security devices and their respective APIs

• Determine if IDS alerts are false positive or not and if they should be tuned out or not (Fidelis)

• Basic Malware Detection with Cuckoo and corresponding dirty VMs (Joe Sandbox/Fortisandbox/Assembly Line)

• Assist with Splunk administration and dashboard creation

• Assist in Firewall Rule creation/troubleshooting (Fortinet)

• Rogue System Detection, Endpoint malware detection (McAfee EPO and NSM)

• Determine emerging spam campaigns and impacted users (Proof Point)

• Assisted in assessing scope of 2 data leaks

• Importing Snort Signatures via Forti converter to build out IPS use case

• IOC collection validation to assist in threat hunting. Technical Support Engineer (Firewall/Web Filter): Tier 1B Ann Arbor, MI Barracuda Networks June 2014 - 2017

Responsibilities: Manage and troubleshoot deployments of the Barracuda firewall and web filter appliance. Assistance in initial Firewall/Web Filter setups, Routing setups, VPN (Site2Site and C2Site) and VLan questions and concerns.

• SSH into customer appliances to assist troubleshooting

• Rebuild Corrupt Mysql Databases to resolve GUI/Ruleset issues

• Scripting using Bash/Python to remove, rotate logs, restart services or add functionality

• Comprehensive understanding of TCP/IP and Networking Protocols

• Saved the business about $33 K by functioning at the same capacity as two support engineers ( ticket rate closures, and scope of products covered seven instead of two to three).

•

Library Network Technician Brighton, MI

Brighton District Library May 2011-June 2014

Responsibilities/Accomplishments: The the budgeting and deployment of 70+ machines in a windows environment and the acquisition and deployment of two 2008 R2 servers to replace the existing 2003. Deployed a VoIP service (asterisk) to replace the existing phone infrastructure.

• Basic Budgeting for Hardware and associated costs

• Basic Server Administration for Windows 2008 (Domain Management) and Ubuntu (Web Server)

EDUCATION

University of Advancing Technology Tempe, AZ

Bachelor of Science in Information Technology, Network Security Major September 2009 - August 2013 CERTIFICATIONS

CEH (Certified Ethical Hacker) March 2018

SSCP (Systems Security Certified Professional) July 2016 Security+ May 2017

GWAPT (Pending on test at end of December) (Pending) RELATED DEVELOPMENT

VPN access can be granted by request.

Designed and Built my own PFsense system (Firewall with snort, squid and other services running) integrated with Elkstack and Splunk,

Running a ProxMox Server which hosts the VM of my Plex server (luxhome.hopto.org:32400 if you wish to vist.)

• Just finished with integrating Sonarr with existing Plex Environment

• Currently adding and testing devices from Vulnhub with the intent to take the OSCP as well as examine OWASP top 10 Vulnerabilities.

Contact this candidate