Contact
** ******* **** **-*** silva missouri
**964
573-***-**** (Mobile)
***********@***.***
www.linkedin.com/in/brian-waala-77299113 (LinkedIn)
www.tentmaker.org (Other)
Top Skills
Auditing
Incident response playbook creation and integration and automation
Analytical Skills
Languages
Japanese (Professional Working)
English (Native or Bilingual)
Certifications
Certified Ethical Hacker
Splunk Fundamentals User Certification
CompTIA Advanced Security Practitioner
Agile SCRUM Product Owner
Server+
Brian Waala
have one foot in architecture and strategic insight, and one foot in security response,
Silva, Missouri, United States
Summary
• A strong pioneer spirit, successful in implementing new directions, projects, technologies and ways of looking at problem solving
• Strong technical security and IT skills in the tools and technologies supporting all 10 domains of security, equally versatile in leadership and mastery of the supporting technologies in information security
• Enjoy working with strong leadership and providing strong leadership
• Involved, visionary and hard working
• Instead of micromanaging a problem, I look at the problem from all angles, then set a desired outcome and work my way backwards. I set benchmarks and steps to reach the smart objectives (in other words, work backwards to reach the goal).
• My motto is to “plan my dive and dive my plan”
Experienced and Effective Cyber Security Professional, Mastery Level
CISSP and 15 other certifications, gained after real experience and effective directing of security organizations in all 10 security domains
Certified Ethical Hacker
CompTIA Advanced Security Practitioner
Cloud Professional+
Security+ Server+ Project Professional
Microsoft Certified Systems Administrator
Security+ Certified CompTIA
Apple Professional
Experience
Self-employed
Virtual CISO
May 2022 - Present (2 years)
silva mo
Providing advice, reviewing security plans and architecture. Acting in the role of strategic planner for medium size and large enterprise solutions. Then, in my free time: architecting, engineering and building trades and designing a complete off grid agricultural and living environment as a hobby. Have traveled to 5 continents as part of my wanderlust and planning on rounding this out with South America and Antarctica in November of 2024 as my side interests. In the last 3 years, have been exploring and snorkeling or swimming in Africa, Europe, Japan, Australia (including Tasmania) with an interest in all things Antarctic involving journeys on the seas.
Contract to OnDemandGroup
Senior Security Engineer. Contractor
June 2021 - August 2023 (2 years 3 months)
remote
Was able to work myself out of a job and delivered all work in the statement of work six weeks ahead of schedule. I worked in creating playbooks integrated with automated ITIL and service management tools. This fun included Linux, EDMR and Apache log ingestion and parsing, deploying deceptive and active security measures, incident response use casing with Cyderes and improving with and working with Chronicle on a daily basis. All led as subject matter expert in mitigating PEN test findings and provided guidance to the executive suite on security.
Contract to Medical System in Minnesota
Senior Security Architect
November 2020 - February 2021 (4 months)
Remote
Provided leadership in engineering and architecting security solutions, incident response, compliance and governance. Performed vendor and incident response team management and served as the incident commander during significant security incidents including successful mitigation of ransomware and helped the company I contracted to save their business reputation and millions of dollars of risk mitigation. Contributed in these areas:
• Created 8 SOAR style security playbooks integrated and with key automations in ServiceNow
• Tested existing manual security processes, unearthed gaps and updated playbooks with swim lanes, tested with IT teams and business, performed lessons learned events, then applied these to the incident response plan and then automated these into tools like and including ServiceNow
• Phish testing
• Penetration testing
• Vulnerability scanning and management (including OWASP)
• Network, firewall, IDS/IPS, server (Windows, Linux), and endpoint administration
• EPP, EDR, XDR solutions
• SIEM solutions
• Certificate management
Zebra Technologies
Global Information Security Senior Managing Director
August 2018 - August 2020 (2 years 1 month)
Lincolnshire Illinois
Eliminated many high and critical vulnerabilities during my leadership.
Improved visibility into assets and sensitive data.
Performed Incident Commander role for information security incidents for 2 years without negative company impact.
Led, managed and/or performed Security Assessments for Zebra with growth in effectiveness with cost reductions.
Led in bringing our network assets to full visibility.
Developed, implemented and utilized 18 playbooks for information security incident response.
Integrated these 18 playbooks and automated key points and labor intensive processes into Jira and ServiceNow.
Designed, implemented and socialized DLP, Data Classification, Encryption and PAM and Asset management standards and processes.
Contributed in these areas:
• Phish testing
• Penetration testing
• Vulnerability scanning and management (including OWASP)
• Network, firewall, IDS/IPS, server (Windows, Linux), and endpoint administration
• EPP, EDR, XDR solutions
• SIEM solutions
• Certificate management
All State Insurance
SOC Engineer Level 3
March 2018 - August 2018 (6 months)
Headquarters
This was a contract position working in All State's global Security Operations Center. It was a blast working with great people. Totally incident response, threat hunting and investigation geeking out. Was a level 3 Senior SOC analyst and led in process improvements, liaisonships with IT and business. I enjoyed providing SME work in CrowdStrike and other industry leading toolsets and environments for information security event triage and analysis including averting and mitigating large scale exploits and attacks.
Anixter
Information Security Senior Manager
March 2017 - December 2017 (10 months)
2301 Patriot Boulevard Glenview IL
Executed in 3 major areas: people enrichment, process improvements and technology tool implementations.
Moved the whole organization one notch up on the Computer Maturity Model for security in less than one year
o Carbon Black, Nexpose, Metasploit/Meterpreter, Encase, Fortify, CheckPoint, Splunk queries, dash-boarding and incident response, IDS/IPS and centralized logging and analysis, Daily log monitoring, Event and Incident correlation, coordination, digital forensics, PEN testing red team, blue team, ticket management and acceleration, process improvements, design and architecture for Bill Trust, SWIFT, TLS, Secure VPN, File Sharing, Firewall rule creation and reviews, Leading Global Information Security Team. Basically 50% Management, 50% hands on for this engagement and my past 3-4 engagements.
o Formulating Security Incident Response Plan, Procedures and Playbooks
o Leading in Tenable, TopSpin (for network and host decoys) Rapid7
o Leading in Firewall Replacements in Disaster Recovery Center and Production Environments
o Leading in iOS management, Mac OS X and MDM management solution architecting
o Leading in Process improvements and morale improvements for Security Team
o Leading in architecting Security Essentials, Privacy Shield, PCI 3.2 and NIST standard policies, compliance and procedural implementations
o Training and development and architecture of Data Classification, DLP and Incident Response Practice
o Designing and Training on both technical and executive Table Top drills company wide
o Performing as a Thought Leader with reports, laterals, project managers, IT heads, Business department leaders and executives.
Contributed and led in these areas:
Phish testing
Penetration testing
Vulnerability scanning and management (including OWASP)
Network, firewall, IDS/IPS, server (Windows, Linux), and endpoint administration
EPP, EDR, XDR solutions
SIEM solutions
Certificate management
Tenneco
Information Security Incident Response Directing Manager
August 2015 - March 2017 (1 year 8 months)
Directed the DLP program, Sec Run State and Vendor Management
o Developed the incident response framework using modified CERT, developed playbooks, work instructions and led in implementation and training on global information incident response program.
o Developed partnerships with other business and IT functions involved in security and privacy matters
o Developed relationships with security vendors and external security experts
o Creation of company security standards, procedures, processes and work instructions and training and implementation of such
o Developed and implemented recommendations to enhance performance and improve security and protection measures
o Troubleshot complex issues with existing security and privacy protection protocols
o Performed Root cause analysis, make and implement recommendations on improvements
o Manage analysis and report of operational security and performance metrics, driving program improvements
o Led the operations of Tenneco IT security infrastructure, services, and programs
o Provided in-depth technical direction and support to managed security service providers to proactively identify, track, and mitigate risk to IT systems and operations
o Managed response to global security incidents including coordination and leadership during security incident and malware outbreaks
o Developed and maintained security related monitoring and logging requirements and procedures across infrastructure, applications and databases globally for the company.
o Monitored and documented indicators of compromise (IOCs) related to advanced, targeted attackers
o Provided strategic and logistic direction for global security operations
o Created 12 playbooks and incorporated these into ServiceNow and with cross IT and business lines globally
Digi-Key Corporation
6 years 1 month
Info Security & Compliance Managing Officer
August 2011 - August 2015 (4 years 1 month)
Thief River Falls, Minnesota, United States
Responsibilities:
• Design, develop, and document security and compliance-related processes and tools
• Support periodic security risk assessments by internal and external auditors, and assist in the resolution of security-related audit items to ensure compliance
• Ensure that security requirements are embedded into systems and projects
• Led with cross functional IT, DEVSEC, Business and security team on compliance and day to day side in creating 12 security use cases that were partially automated and fully practiced and documented to support the identify, protect, detect, respond and improvement process in all 10 security domains. Use ServiceNow as one of our response and vulnerability management tools
• Ensure that new developments incorporate security requirements
• Perform periodic reviews of documentation and processes to ensure proper audit evidence is being collected and procedures are being followed
• Ensure company compliance with legal requirements and best practices. Collaborate with company attorneys periodically.
• Maintain general awareness of evolving changes in security and compliance within information technology
• Investigate actual and potential security incidents and lead the incident Response Team
• Prepare and facilitate various security and training events
• Collaborate with other departments over sharing of security and compliance documentation
Execute and manage vulnerability testing
security and information asset risk management
Resident Advisor and Product and Program Owner/Manager for all domains of security
Internal Security Assessor
Internal Auditor
Information Security Officer and PCI ISA
August 2009 - July 2015 (6 years)
Hiring and forming the team. Incident response internal security base lining, auditing, PCI ISA, pen testing, vulnerability scanning and assessment, migration to TLS 1.2, replacement of technology to transformational methods and processes, overcoming narrow old school thinking, moving from a compliance checkbox approach to a real security world class approach, providing real leadership
Contributed, led and performed implementations in these areas:
• Phish testing
• Penetration testing
• Vulnerability scanning and management (including OWASP)
• Network, firewall, IDS/IPS, server (Windows, Linux), and endpoint administration
• EPP, EDR, XDR solutions
• SIEM solutions
• Certificate management
Senior Business Analyst
August 2009 - August 2011 (2 years 1 month)
The Information Security and Compliance Analyst initiates, supports, and assures implementation of information security standards at Digi-Key. The Analyst ensures ongoing compliance and functions as a resource for security and compliance information.
State of North Dakota
Project Manager II
November 2007 - July 2009 (1 year 9 months)
Provide Project Initiation, Planning, Execution and Control and Closing Services
Provide Business Analyst and Business Intelligence Services
Provide Quality Assurance and Quality Control Services
Provide Product Support and Management Services
Computers Etc. Learning Centers
CEO
August 2006 - March 2008 (1 year 8 months)
• Enterprise level DNS, DHCP, IT, LAN, WAN and clusters
• Data Center Advanced, Enterprise Server, Server 2000, 2003
• Set up complete marketing plan, planned, developed and put commercial website in place
• Developed, marketed and put business plan into effect successfully
• Provided leadership, vision and management of new business
• Saved businesses, schools and agencies approximately $600K yearly on their IT budgets by planning technology purchases, getting licenses FREE (legally) or changing to unlimited versions of Server and end user licenses as opposed to the typical overly expensive and inefficient Microsoft way of licensing.
Shannon County School District 65-1
District Systems Administrator
June 2006 - August 2007 (1 year 3 months)
• Managing 300 users, desktops and portable computers, all using Open Directory, Work Group Manager, Server 2003, Active Directory
• Managing 5 Servers, 1 Dell Server and 4 Mac Servers and RAID and SANs
• Enterprise Level DNS, DHCP, IT, LAN, WAN Server clusters engineering, design and support
• Data Center, Advanced Server, Enterprise Server, Database design, support and implementations
• Developed, presented, “sold” (leadership at Rocky Ford School in the Shannon County School District) on a solution for computer, network, and internet monitoring. (This arose out of a tremendous problem of Internet abuse.) Solution was a 200% improvement.
Education
University of Minnesota-Twin Cities
Japanese Studies, through advanced Japanese · (1988 - 1990)
Central Baptist Theological Seminary
Master of Divinity - MDiv, Pastoral Studies/Missiology · (1985 - 1989)
Pillsbury Baptist Bible College in Owatonna MN
Associate of Arts and Sciences (A.A.S.), Fine and Studio Arts and Cross Cultural Studies · (1981 - 1984)