Nathan John Lux
Fairfax, Virginia • 810-***-**** • ac72v6@r.postjobfree.com
SUMMARY
Security professional who is tenacious, flexible and willing to relocate; looking to improve my professional growth.
CORE TECHNICAL SKILLS
Operating Systems:
Unix/Linux
Windows
CentOS/Red Hat
ESXi/KVM
Tools:
Splunk/ELK Stack
Wireshark/Nmap
Snort/Suricata
Scripting (Bash/Python/YARA)
IDA Pro/Radare2
Burp/ZAP
Competencies:
Data Analysis
Network Troubleshooting
Network Deployment
Firewall Deployment
Reverse Engineering
EXPERIENCE
Temporary Splunk Administrator
Chantilly, VA
Pentagon Federal Credit Union Nov 2017 – Feb 2018
Responsibilities: Act as a stand-in engineer until a Senior Engineer could take over. Duties included ensuring that the existing installation's data streams were maintained and troubleshooting various system issues, culminating in the creation of two heavy forwarders for the new Data Center environment.
• Determining a standard Linux configuration policy for current instances.
• Write bash jobs to handle syslog-ng rotation
• Assist with troubleshooting Splunk DB connect
• Hard setting routing for listening interfaces off of forwarders
• Determining data types and appropriately ingesting them via syslog-ng
• Assistance with use case creation, such as with EnCase with REST API
• Design and creation of heavy forwarders out of new DC1 Environment
• Onboard the new Splunk Engineer to ensure a smooth hand off
CIRT Analyst
Chantilly, VA
Pentagon Federal Credit Union April 2017 - Present
Responsibilities: Respond to alerting and tune signatures based on if they’re false positives or not depending on incident resolution. Also facilitate ease of interpretation for others via Splunk dashboards and correlating searches.
• Assisted in remediating issues on security devices and their respective APIs
• Determine if IDS alerts are false positive or not and if they should be tuned out or not (Fidelis)
• Basic Malware Detection with Cuckoo and corresponding dirty VMs (Joe Sandbox/FortiSandbox/Assembly Line)
• Assist with Splunk administration and dashboard creation
• Assist in Firewall Rule creation/troubleshooting (Fortinet)
• Rogue System Detection, Endpoint malware detection (McAfee ePO and NSM)
• Determine emerging spam campaigns and impacted users (Proofpoint)
• Assisted in assessing scope of 2 data leaks
• Importing Snort Signatures via Forti converter to build out IPS use case
• IOC collection validation to assist in threat hunting.
Technical Support Engineer (Firewall/Web Filter): Tier 1B
Ann Arbor, MI
Barracuda Networks June 2014 - 2017
Responsibilities: Manage and troubleshoot deployments of the Barracuda firewall and web filter appliance. Assistance in initial Firewall/Web Filter setups, Routing setups, VPN (Site2Site and C2Site) and VLAN questions and concerns.
• SSH into customer appliances to assist troubleshooting
• Rebuild Corrupt MySQL Databases to resolve GUI/Ruleset issues
• Scripting using Bash/Python to remove, rotate logs, restart services or add functionality
• Comprehensive understanding of TCP/IP and Networking Protocols
• Saved the business about $33K by functioning at the same capacity as two support engineers (ticket rate closures, and scope of products covered seven instead of two to three).
Library Network Technician Brighton, MI
Brighton District Library May 2011-June 2014
Responsibilities/Accomplishments: The budgeting and deployment of 70+ machines in a Windows environment and the acquisition and deployment of two 2008 R2 servers to replace the existing 2003. Deployed a VoIP service (Asterisk) to replace the existing phone infrastructure.
• Basic Budgeting for Hardware and associated costs
• Basic Server Administration for Windows 2008 (Domain Management) and Ubuntu (Web Server)
EDUCATION
University of Advancing Technology Tempe, AZ
Bachelor of Science in Information Technology, Network Security Major September 2009 - August 2013
CERTIFICATIONS
CEH (Certified Ethical Hacker) March 2018
SSCP (Systems Security Certified Professional) July 2016
Security+ May 2017
GWAPT (Pending on test at end of December) (Pending)
RELATED DEVELOPMENT
VPN access can be granted by request.
Designed and built my own pfSense system (Firewall with Snort, Squid and other services running) integrated with ELK Stack and Splunk.
Running a Proxmox Server which hosts the VM of my Plex server (luxhome.hopto.org:32400 if you wish to visit.)
• Just finished with integrating Sonarr with existing Plex Environment
• Currently adding and testing devices from VulnHub with the intent to take the OSCP as well as examine OWASP Top 10 vulnerabilities.