
Security Support

Location:
Grapevine, TX
Posted:
February 15, 2016


Resume:

Ronald G. Miller, CISSP

**** ********* ***** *******, #***, TX 76051

214-***-****, actjhl@r.postjobfree.com

Experience:

Dell Services Plano, TX 6/15/2015-Present

Incident Response Analyst

Responsible for assisting in the creation of an Incident Response program for a premier Dell Services customer. Created policies and procedure documentation to be used to respond to identified security-related incidents.

Created automation tools to automatically create tickets (parent and child tickets) to address low-level incidents such as spam / phishing attacks. The customer sends an email in a template, which would be added to the ticketing application. Based on keywords, up to 6 child tickets would be created and assigned to the appropriate teams for resolution.

Created scripts to be run on suspected systems to capture the minimum information needed to determine if and what kind of breach has occurred.

Developed after action plans for two security incidents to address security gaps that were identified in the investigation.

Dealertrack Technologies Dallas, TX 8/3/2014-6/15/2015

Lead Information Security Analyst

● Provide operational support of security tasks for the Dealertrack Inventory and Interactive systems for three Dallas area facilities.

● Track, report on, and resolve issues related to the progress of security projects and initiatives

● Documents, updates and provides operational support of security procedures for the DT Dallas locations (e.g. malware procedures, VPN access procedures, separation procedures, firewall review procedures, physical or application access procedures, patching procedures).

● Coordinates and maintains business continuity and disaster recovery plans and procedures for the Dallas-based operations.

● Identifies, implements and coordinates risk mitigation efforts for operational, physical, network and application security.

● Is responsible for ensuring that audit findings from Dealertrack internal and external auditors are tracked and remediated.

● Provides security guidance for new business and technical projects to ensure compliance with corporate security standards, contractual obligations and best practices.

● Provides updates and information on security issues and responds to requests for information to support compliance initiatives.

● Perform security monitoring to identify and resolve issues uncovered by various internal application and network security monitoring tools, escalating if appropriate.

● Performed an investigation for a physical security breach in which a Dealertrack facility was burglarized, resulting in the theft of over $35,000 in property. My investigation allowed the police to identify the subject, who was arrested, and the property was retrieved.

● Performed an investigation where customer proprietary information was accessed. I identified the subject and verified that the information was destroyed and no copies were made. Instituted new security controls to prevent future security breaches.

Verizon Terremark (6/2012 – 7/19/2014)

Security Event Engineer (SIEM)

● Established, maintained, and enforced security regulations and procedures for the organization to comply with HIPAA, FedRAMP High, Medium and Low, and PCI (PCI/DSS). Monitors and audits the organization to ensure compliance with security policies and procedures. Investigate security issues.

● Support of the Information Assurance program, including development, collection, assessment, and reporting of metrics. Identify opportunities for process improvement; develop and execute project plans to enhance operational effectiveness, including deployment of new controls or configuration changes. Support business development activities by providing technical expertise on information security related efforts. Establish and maintain effective relationships with management, external auditors and other control partners to analyze business risks and controls.

● The lead on providing situational awareness to appropriate personnel through clear and concise communications, and promotes a proactive response to possible threats by staying current with, analyzing and identifying mitigations for emerging threats. Provide malware analysis using a defined set of analytical tools. Participate in approved technical audits and compliance activities. Communicate effectively with peers and other key stakeholders. Increase organizational threat awareness by providing briefings as required.

● Knowledge of hackers' methodologies allowed me to identify a Terremark customer who was a known hacker / botnet owner.

Verizon GSOC (Global Security Operations Center)

Security Systems Analyst (3/2004 – 6/2012) Managed (25 Analysts)

● Directly managed 25 people on the information security team.

● Monitor and evaluate events using ArcSight SIEM from Content Inspection collectors protecting Verizon and its subsidiaries from both internal as well as external threats.

● From 2008 to present I have identified 22 zero day exploits and malware that had penetrated Verizon’s systems.

● Monitor and administer managed IDS detectors and security events on operation consoles. Evaluate the type and severity of incoming events and take the appropriate corrective action or evaluation procedure. Understand customer network traffic patterns and characteristics to better evaluate security events for false positives & suspicious events. Work with the research team to evaluate tickets and determine the appropriate corrective actions. Providing both email and phone support to customers, including opening trouble tickets for all incoming questions.

● Streamline ArcSight console configuration so as to be able to identify suspicious traffic at a glance.

Network Associates (McAfee) 3/1999 – 1/2004

Security Support Representative

● Manage major enterprise customers in deploying and configuring their antivirus and security solutions. Assist in identifying, correcting and preventing the effect of malicious code.

● From 2001 until 2003, I was the only Support Representative for 2 years for the ASaP partners as well as the OEM partners world-wide.

● Authored policies and procedures documentation outlining responsibilities of 5 departments as well as setting service level agreements for handling new ASaP partners.

● Supported over 70 Enterprise level customers; these customers were responsible for 35 million annually for the Support department.

● Tier 2 support responsible for assisting Tier 1 support reps with any and all Microsoft related issues and operating systems.

● Received commendations from both NAI CEO and Western Digital (Customer) for the support that I was able to provide WDC during an outbreak involving the first ever polymorphic virus.

● Provided the Virus team an in-depth analysis on the changes that the NIMDA virus performed on systems that were infected. This information assisted in creating a working solution to clean infected systems. This solution was used not only by McAfee but all other Anti-Virus vendors.

● In Q2 of 2001, three of the customers I supported renewed their support contracts. Reason given was due to the support I provided. The support money was the most paid in NAI history.

Education

School: SMU Course: CCNA, CCSP, CISSP

School: NAI Academy Course: NAI Security (McAfee Risk Advisor, Total Protection for Compliance)

McAfee Anti-virus Software

School: InfoMart Course: MCSE+I, A+

References

Donald E. Saunders Director 972-***-**** actjhl@r.postjobfree.com

Archie Carnes Manager 469-***-**** actjhl@r.postjobfree.com

James M. Myers Manager 972-***-**** actjhl@r.postjobfree.com

Danny Bicknell Analyst 971-***-**** actjhl@r.postjobfree.com


