Anthony Sarabia

*** *. ******* ******, #***

Fullerton, CA 92832

Cell 818-***-****

Email: ad1w90@r.postjobfree.com

Objective

Seeking a position in Cybersecurity utilizing my experience with Web/Middleware, Database, Networking and Operating systems

Professional History

NBC Universal - Universal City, CA

Jul 2006 - Dec 2022

Platform Data Loss Protection Manager for Middleware and Database: Managed International Middleware and Database Environments of NBC Universal Companies; TV Broadcast (NBC owned stations and Affiliates), Cable Networks (MSNBC, CNBC, E!, USA, SYFY, Bravo, etc.), Telemundo

(Spanish Network) and other companies (Fandango, GolfNow, Sky Group, DreamWorks Animation, Theme Parks, etc.)

- Managed Team (ranging from 20 to 50 engineers), mentored engineers on NBCU security and compliance requirements

- Over 400 supported applications (majority SSO enabled)

- Thousands of systems across data centers in US and International locations

- Zero Day Vulnerability & CVE Patch Management with Spacewalk/Linux and WSUS/Microsoft (also developed patching strategy for DB/WEB for vendor security and code updates), forensic due diligence

(following suspected security incidents)

- Maintained systems inventory using ServiceNow

- Obtained, tracked and updated SSL/TLS certificates for supported Websites

- Utilized ITIL v3 framework for Service Design, Service Transition and Service Operations

- Ensure Change Management, Event Management, Request Management, Incident and Problem Management SLAs are met, Service Improvement Plans (to meeting changing regulatory and compliance requirements)

- Secured public facing environments in demilitarized zones, DMZ & DB/Web server hardening

- Coordinated with networking teams for Network Firewall, Web Application Firewall and Load Balancers

- Built high availability, HA, and disaster recovery, DR, environments

- RPO/RTO data recovery using different methods, Always On and backups (w/ Rubrik and Veritas NetBackup)

- Conducted Business Continuity and Disaster Recovery testing

- Responsible for Identity Access Management for Middleware/DB environments

- Review IP scans, Web Application scans, Nessus, Qualys and Veracode scans with Application Owners to remediate common vulnerabilities and exposures

- Partner with Business Information Security Officers, BISO, to access and address security needs for the different business units

- Secure systems with CrowdStrike for Extended detection and response, EDR

- Protect, secure and rotate service account and privileged passwords using CyberArk

- Secure access to systems with Remediant (Just-in-time-access), Beyond Trust (AD Bridging) and Duo

(MFA)

- Conduct audits with Comcast Auditors to review access to SOX applications using SailPoint

- Conduct audits with Comcast Auditors for User Access Reviews (AD group access, AD Bridging, Application and Server access)

- Secure data identified as Personal Identifiable Information through Data at rest / in-transit through encryption techniques and also using Data Masking (tokenization)

- Secure systems with Payment Card Industry (PCI) Data

- Security information and event management with Splunk, Datadog, SolarWinds and AppDynamics for servers across the Enterprise

Fremont Investment & Loan - Anaheim, CA

Jul 2004 - Jun 2006

Configuration and Capacity Manager: Secured Loan and Banking systems for subprime market

- Review and implement vendor supported contracts to ensure business requirements, processes, scalability, business continuity, data recovery and security

- Role based access to systems and applications during migration to Microsoft Active Directory PacifiCare Health Systems - Cypress, CA

May 2003 - Jul 2004

IT Consultant: HIPPA compliance, review and secure access to systems for Health Care provider

- Successfully migrated Member, Provider and Employer Portals from IBM data center to in-house data center. System utilized Netegrity SiteMinder and IdentityMinder to authorize and authenticate system users ensuring HIPPA compliance

- Internet Email support using Tumbleweed Communications Secure Mail MMS product to detect viruses for incoming and outgoing mail

Education

University of California, Los Angeles - Information Systems Security 2017 California State University, Fullerton - MSEE (Optics and Communications) 1998 & BSCS (Scientific Programming, Minor Mathematics)

Skills

Leadership: Management of teams with 50+ engineers, GE Leadership courses, Project Management Security Engineering: DLP, EDR, SIEM, PCI Data Security Standard, ISO and NIST security frameworks, CVE and OWASP, Penetration Testing, Nmap, Analyze network traces (w/ Wireshark) Middleware/Database Security Management: IIS, Apache, Tomcat, JBoss, LAMP, Microsoft SQL, Oracle, Open-DB (MySQL, PostgresSQL, MongoDB)

Programming: Python, C/C++, Fortran, Pascal

Operating Systems & NOS Infrastructure: UNIX/Linux, Windows Server, MAC OS; DNS, DHCP, LDAP Cloud: AWS Certified: Cloud Practitioner

Contact this candidate