Michael Mitchell
Raleigh, North Carolina ***** ad2j3e@r.postjobfree.com
PROFESSIONAL SUMMARY
Insightful, results-driven IT Security professional with notable success directing a broad range of corporate IT security initiatives while leading in planning, analyzing, designing and implementing solutions in support of securing the confidentiality, integrity and availability of IT Resources. Excel at providing comprehensive secure network design, systems analysis, and full lifecycle project management. Over 21 years of hands-on experience leading all stages of IT security efforts, including requirements definition, architecture design, testing, and support. Outstanding project and program leader, able to coordinate and direct all phases of project-based efforts while managing, motivating, and guiding teams. I have accumulated a vast array of IT security experience serving as a CISO, HIPAA/HITECH Security Officer and PCI Security SME. Hands-on experience directly managing security platforms from best-in-class IT security vendors. I love IT Security and feel this is a worthy vocation combating the threats and maleficence seen in our world every day. I provide absolute loyalty and positive energy in all of my efforts.
SKILLS
Layered Network Security Architecture
Vulnerability and Risk Assessments
Regulatory Compliance
IT Security Cost Benefits Analysis
IT Security Policy Creation
Incident Response and Management
SME on Several IT Security Platforms
Security Awareness Program Design
Layered Intrusion Prevention Specialist
Years of Experience Working with Digital Forensics on Cybercrime Cases
Virtualization & Cloud Technologies
Data Integrity / Disaster Recovery
Risk Management and Remediation
Threat Intelligence Assessment
Security Team Management
Project Leadership
In-Depth use of NIST, ISO and COBIT Standard Based Methodologies
Penetration Testing
Encryption Design, Deployment and Management
F5 LTM
Cisco Sourcefire with AVC
Cisco IDS
Akamai Kona WAF
IBM RealSecure SiteProtector IPS
Forescout NAC
Okta IDaaS
Rapid7 Nexpose
DeepSight Threat Intelligence
ThreatConnect Threat Intelligence
ThreatStream Threat Intelligence
Reflex IPS
Symantec Endpoint Protection
Brightmail with Vontu DLP
VMware vSphere and Workstation
Hyper-V
VirtualBox
Avast Antivirus
Nod Antivirus
Kaspersky Antivirus
Trend Micro Antivirus
Synology Network Storage
Untangle Open Source UTM
HP OpenView and Nagios Network Management
ServiceNow
RiskVision and ArcSight
MS PowerShell
Nmap
Wireshark
Tenable Nessus
Metasploit
Various Linux Security toolkits
RSA Security Analytics (NetWitness)
Splunk
Elasticsearch
Falcon
FRED
FireEye HX
Palo Alto
Redline
EnCase Enterprise
Lancope Stealthwatch
Cuckoo Forensics
Organizational skills
Resource management
Process improvement
Decision-making
WORK HISTORY
SECURITY SUBJECT MATTER EXPERT 06/2021 to CURRENT
United Health Group Raleigh, NC
Manage the FireEye HX security platform for over 250,000 Windows 10 workstations and for 15,000 Macs
Support Windows Defender on Windows and Macs
Use Jamf Pro for Mac management and Microsoft Azure Intune for Windows management
Respond to trouble tickets and help resolve critical issues.
Enhance team performance by providing expert guidance on critical projects and strategic initiatives.
Streamline processes to increase efficiency, enabling teams to complete tasks ahead of schedule.
Collaborate with cross-functional teams to develop innovative solutions, leading to successful project outcomes.
Provide thought leadership on industry-specific topics, establishing a reputation as an authority within the field.
DIGITAL FORENSIC CYBER THREAT INCIDENT RESPONDER 01/2017 to 06/2021
United Health Group Raleigh, NC
Led digital forensic cyber threat investigations
Designed and maintained the open source forensic sandbox platform
Conducted thorough incident response through investigations of security incidents and made recommendations for remediation steps
Wrote concise reports to senior management detailing security incidents and indicators of compromise.
Enhanced digital forensic investigation efficiency by implementing advanced analytical tools and techniques.
Streamlined processes for evidence collection, reducing case backlog and increasing successful case resolution.
INFORMATION SECURITY CONSULTANT 03/2016 to 05/2016
BB&T Bank Wilson, NC
Enhanced the enterprise-wide information-security program
Led efforts to identify and evaluate IT Security risks
Provided management of ForeScout NAC and Akamai Kona Site Defender WAF
Investigated PCI firewall log data retention requirements and optimized storage space allocation.
Reduced potential information security incidents by developing and enforcing company-wide security policies and procedures.
Streamlined incident response processes, leading to faster resolution times for information security breaches.
SECURITY SYSTEMS ENGINEER/BUSINESS DEVELOPMENT MANAGER 10/2015 to 02/2016
Cisco Security Services RTP, NC
Worked with customers and gave presentations with network designs to ensure proper security controls
Made recommendations on furthering the overall security posture of large multinational corporations
Developed a process to convert data from Tableau to SalesForce, recovering lost sales revenue.
Enhanced security system efficiency by implementing and maintaining advanced technologies and software.
Developed custom security system designs tailored to client needs, ensuring full coverage of critical areas.
INDEPENDENT INFORMATION SECURITY CONSULTANT 08/2015 to 10/2015
InmotionNow RTP, NC
Performed a thorough security assessment and penetration tests of AWS infrastructure
Wrote a full set of security policies and procedures
Found and secured significant security issues with flagship AWS application
Enhanced overall network security by conducting comprehensive risk assessments and implementing recommended controls.
Reduced potential information security incidents by developing and enforcing company-wide security policies and procedures.
Identified critical vulnerabilities in systems through regular penetration testing, mitigating risks before exploitation could occur.
Performed a gap analysis and filled gaps with a custom security program.
CHIEF SECURITY OFFICER, PCI/HIPAA SECURITY OFFICER 09/2001 to 08/2015
Wake County Government Raleigh, NC
Built a top-class security team and managed the creation and evolution of the corporate IT Security program
Designed the IT security infrastructure to protect over 7000 Windows workstations and over 350 Windows and Linux servers
Implemented a wide variety of security platforms and controls
Managed disaster recovery tests
Worked with cloud vendors and managed hosted email encryption, IDaaS, and external vulnerability scanning
Served as both the PCI and HIPAA Security Officer.
Served as Senior IT Security Architect.
Improved overall company security by developing and implementing comprehensive security awareness training.
Wrote Security policies and procedures.
Reduced security incidents for increased safety with regular risk assessments and proactive mitigation strategies.
Increased employee awareness of cybersecurity and conducted regular training sessions on best practices and emerging threats.
INFORMATION SECURITY CONSULTANT, NETWORK MANAGER 09/1999 to 05/2001
Penn Life Insurance Company Raleigh, NC
Managed a small technical team and a 400 node network
Maintained Cisco routers and managed international frame-relay trouble tickets
Responsibilities included WAN security, network management and design, antivirus software, disaster recovery procedures, and tape backup rotations.
SYSTEMS ENGINEER/Y2K PROJECT MANAGER 09/1998 to 06/1999
BB&T Bank Wilson, NC
Managed the BB&T Y2K project and designed software distribution servers
Solved problems with NT servers and NT SNA gateways
Managed other IT contractors
Developed solutions for Y2K fixes and disaster recovery
Designed disaster recovery solutions for departments
Managed the backup/recovery of servers.
Enhanced network security by implementing encryption measures and conducting regular vulnerability assessments.
Improved system performance by identifying and resolving technical issues in a timely manner.
NETWORK LAB MANAGER 02/1998 to 09/1998
Nationsbank Charlotte, NC
Project Manager and Network Administrator
Designed and managed the buildout of a large test lab
Set up and maintained Windows and NetWare servers
Certified Y2K compliance on all equipment
Managed backup/recovery of servers
Designed disaster recovery plans
Tracked service tickets with an Access database.
Improved lab efficiency by implementing automated processes and equipment upgrades.
Enhanced laboratory safety protocols, resulting in reduced workplace accidents and injuries.
Streamlined workflow by designing efficient standard operating procedures for all laboratory tasks.
EDUCATION
Wake Technical College – Associates in Electrical Engineering
Cisco IDS Specialist
Completed IT Security Officer 'Bootcamp'
Completed WAN Design Course
CERTIFICATIONS
Certificate in Symantec 5460 Intrusion Prevention Security Appliances
Currently studying for CISSP
OPERATING SYSTEMS
Windows 10, 11
Windows Server 2019 and 2022
Linux (Red Hat, Ubuntu, Debian, etc.)
Mac OSX up to Sonoma
Android
iOS