Anthony Sarabia
Fullerton, CA 92832
Cell 818-***-****
Email: ad1w90@r.postjobfree.com
Objective
Seeking a position in Cybersecurity utilizing my experience with Web/Middleware, Database, Networking and Operating systems
Professional History
NBC Universal - Universal City, CA
Jul 2006 - Dec 2022
Platform Data Loss Protection Manager for Middleware and Database: Managed International Middleware and Database Environments of NBC Universal Companies; TV Broadcast (NBC owned stations and Affiliates), Cable Networks (MSNBC, CNBC, E!, USA, SYFY, Bravo, etc.), Telemundo
(Spanish Network) and other companies (Fandango, GolfNow, Sky Group, DreamWorks Animation, Theme Parks, etc.)
- Managed Team (ranging from 20 to 50 engineers), mentored engineers on NBCU security and compliance requirements
- Over 400 supported applications (majority SSO enabled)
- Thousands of systems across data centers in US and International locations
- Zero Day Vulnerability & CVE Patch Management with Spacewalk/Linux and WSUS/Microsoft (also developed patching strategy for DB/WEB for vendor security and code updates), forensic due diligence
(following suspected security incidents)
- Maintained systems inventory using ServiceNow
- Obtained, tracked and updated SSL/TLS certificates for supported Websites
- Utilized ITIL v3 framework for Service Design, Service Transition and Service Operations
- Ensure Change Management, Event Management, Request Management, Incident and Problem Management SLAs are met, Service Improvement Plans (to meeting changing regulatory and compliance requirements)
- Secured public facing environments in demilitarized zones, DMZ & DB/Web server hardening
- Coordinated with networking teams for Network Firewall, Web Application Firewall and Load Balancers
- Built high availability, HA, and disaster recovery, DR, environments
- RPO/RTO data recovery using different methods, Always On and backups (w/ Rubrik and Veritas NetBackup)
- Conducted Business Continuity and Disaster Recovery testing
- Responsible for Identity Access Management for Middleware/DB environments
- Review IP scans, Web Application scans, Nessus, Qualys and Veracode scans with Application Owners to remediate common vulnerabilities and exposures
- Partner with Business Information Security Officers, BISO, to access and address security needs for the different business units
- Secure systems with CrowdStrike for Extended detection and response, EDR
- Protect, secure and rotate service account and privileged passwords using CyberArk
- Secure access to systems with Remediant (Just-in-time-access), Beyond Trust (AD Bridging) and Duo
(MFA)
- Conduct audits with Comcast Auditors to review access to SOX applications using SailPoint
- Conduct audits with Comcast Auditors for User Access Reviews (AD group access, AD Bridging, Application and Server access)
- Secure data identified as Personal Identifiable Information through Data at rest / in-transit through encryption techniques and also using Data Masking (tokenization)
- Secure systems with Payment Card Industry (PCI) Data
- Security information and event management with Splunk, Datadog, SolarWinds and AppDynamics for servers across the Enterprise
Fremont Investment & Loan - Anaheim, CA
Jul 2004 - Jun 2006
Configuration and Capacity Manager: Secured Loan and Banking systems for subprime market
- Review and implement vendor supported contracts to ensure business requirements, processes, scalability, business continuity, data recovery and security
- Role based access to systems and applications during migration to Microsoft Active Directory PacifiCare Health Systems - Cypress, CA
May 2003 - Jul 2004
IT Consultant: HIPPA compliance, review and secure access to systems for Health Care provider
- Successfully migrated Member, Provider and Employer Portals from IBM data center to in-house data center. System utilized Netegrity SiteMinder and IdentityMinder to authorize and authenticate system users ensuring HIPPA compliance
- Internet Email support using Tumbleweed Communications Secure Mail MMS product to detect viruses for incoming and outgoing mail
Education
University of California, Los Angeles - Information Systems Security 2017 California State University, Fullerton - MSEE (Optics and Communications) 1998 & BSCS (Scientific Programming, Minor Mathematics)
Skills
Leadership: Management of teams with 50+ engineers, GE Leadership courses, Project Management Security Engineering: DLP, EDR, SIEM, PCI Data Security Standard, ISO and NIST security frameworks, CVE and OWASP, Penetration Testing, Nmap, Analyze network traces (w/ Wireshark) Middleware/Database Security Management: IIS, Apache, Tomcat, JBoss, LAMP, Microsoft SQL, Oracle, Open-DB (MySQL, PostgresSQL, MongoDB)
Programming: Python, C/C++, Fortran, Pascal
Operating Systems & NOS Infrastructure: UNIX/Linux, Windows Server, MAC OS; DNS, DHCP, LDAP Cloud: AWS Certified: Cloud Practitioner