Lawrenceville GA, *****
Bruce Nichols
*****.*******@*****.***
Phone: 404-***-****
Information Security Analyst
Security & Network Attributes
SecureWorks SIEM; Cisco AMP; Cisco SourceFire (FirePower) URL Content filtering; Cisco IDS/IPS; McAfee ePO; McAfee DLP; ForcePoint DLP; McAfee Endpoint Protection; Cisco ASA Firewall; Damballa; SOX Compliance; PCI Compliance; Microsoft Outlook; MimeCast Spam Filter; Nessus; Vulnerability Scans; Risk Assessment; Issue triage; Threat response; Corporate Security Policy Creation; Security governance development; Production support; Change management; Production deployment; Server build; Script writing; Server Administrator; Active Directory; Identity and Access Management; Other SIEM tools (Splunk & QRadar) in POC setting.
Professional Certifications
Certified Ethical Hacker (CEH)
Security + CE
Professional Experience
Security Engineer (Contract) Delta Air Lines – Atlanta 1/19 – 6/19
Tasked with the design, implementation, and rollout of a new ForcePoint DLP application. Successfully deployed DLP agents across 10000 of the 80000 endpoints scheduled in a 2-week span, dramatically reducing the anticipated project timeframe.
Built an intensive test lab environment ensuring comprehensive testing on critical business applications throughout the environment. These methods included functional, unit, and integration testing, as well as hardware utilization testing.
Working with the business stakeholder to create effective policies to prevent data exfiltration, I developed processes for DLP Management, continual tuning, and quick new policy creation.
The DLP policies were designed to protect crucial and sensitive company data and were customized to include over 30 countries.
Ensured regulatory compliance around PII, PCI, including GDPR readiness, resulting in high confidence in the project from stakeholders.
Analyzed, reviewed, and escalated events; put together documentation for reporting weekly data trends; tracked process of rollout; monitored alerts and incidents; and relied on custom tuning policies to reduce false positives down to 25%.
Cybersecurity Analyst (Contract) Co-op Financial Services – Atlanta 5/18 – 12/18
Acted as lead and SME for McAfee Endpoint protection and Data Loss Prevention
Advised Jr. Analyst on threat identification, incident response, and risk mitigation, improving the team's security effectiveness.
Provided Senior level remediation support for SecureWorks SIEM incident alerts
Instructed Jr. Analyst and supervised their progress
Reviewed various logs in SIEMs from a variety of log collectors, all the while building repeatable incident response processes.
Created verifiable documents for future PCI DSS audits
Developed SOP documentation for Internal SOC IR Process flow
Proofpoint DLP email gateway administration
Worked on O365 implementation project
Supported day-to-day data security operations
Information Security Analyst Rollins Inc. – Atlanta 3/12 – 5/18
Responsible for ensuring the confidentiality, integrity and availability of the company’s information assets.
Serve as the primary advisor on all security matters relating to vulnerabilities, threats, and controls
Leveraging McAfee ePO, I successfully ensured the complete planning, preparation, configuration, and rollout of over 15000 user endpoints for security protection of client Firewall, Web Control, and Threat Prevention
Used McAfee DLP Agent for Endpoint to track, monitor, and block sensitive data from leaving the company and to monitor data at rest.
Created alerts on a specific set of rules around personal information identified
Created business policies for monitoring, notifications, and exceptions
Deployed McAfee Agent, DLP, and ENS across 7 brands acquired through acquisitions.
Configured Cisco Firepower for URL Content and Web Filtering for business internet connections
Set up and configured Cisco IPS/IDS to monitor inspection for suspicious files
Configured and deployed Cisco AMP for Endpoints for advanced malware detection, file trajectory tracking, and quarantine
Used McAfee Network Intrusion Prevention with analysis tools to monitor traffic in motion
Leveraged Damballa to identify hidden infections in real time on live traffic and confirm device infection by APT or malware
Built process and programs around vulnerability management and scanning
Perform vulnerability scans; identify exposure and risks, and report findings to management.
Compliance scanning plugins for PCI, SOX, and other systems
Working knowledge of SIEM tools LogRhythm, Splunk, & QRadar in a Proof of Concept setting
Provide security-consulting services to all departments and project teams requiring representatives from security
Perform detailed analysis of syslogs (firewall, IDS/IPS and Windows, VPN) for patterns and anomalies related to APTs
Research new developments in IT security in order to recommend, develop and implement new security policies, standards, procedures and controls.
Define, establish and manage security risk metrics and track effectiveness.
Perform periodic reviews of process controls and technical controls to ensure continuous adherence to SOX compliance.
Network Administrator WorldPay - Atlanta 6/03 – 7/11
Responsible for ensuring that all company Network aspects remained operational and resolving any network or security related issues
Duties included operating as the point of contact for any Active Directory Exchange admin needs as well as production deployment and Change Management
Operated as a Unicenter (SIEM) Administrator, tasked with providing up-to-date performance monitoring of the Server environment.
Supported code and database changes
Assist in the ongoing development of the Company’s security architecture – identify areas of opportunity, research alternatives and recommend solutions
Responsible for implementing security controls, perform maintenance and prevent, detect, analyze and respond to security incidents
Monitor the security of critical systems (e.g., e-mail servers, database servers, web servers, etc.) and changes to highly sensitive computer security controls to ensure appropriate system administrative actions, investigate and report on noted irregularities
Developed project objectives while maintaining project schedules through the course of the project lifecycle
Professional Credentials
Clayton State University – MCSA Certification
AIU – Information Systems – Computer Systems Networking and Telecommunications