Information Security Engineer
Resume:
GREGORY L. MACHLER
Falcon Heights, Minnesota 55113
Cell: 651-***-****
Email: *******.*******@*****.***
Mr. Machler desires a position where he can take advantage of his cybersecurity, architecture, writing, and communication skills. His latest experience was focused on application cybersecurity engineering for Wells Fargo, a global bank.
He likes large complex technologies and applications that support critical industries or the internet. He also has strong analyst skills with the ability to make complex ideas simple.
He has thought leadership within various cyber security domains. He has a website at focusoncyberdesigns.com where he blogs. He has also written many information security articles for CSO Online magazine.
PROFESSIONAL EXPERIENCE
Client: Wells Fargo, Minneapolis
Application Security Engineer (February 2024 – August 2024)
Worked on addressing application security via use of Checkmarx’s SAST tool.
Focused on addressing false positives.
Began preparing for CxOne application deployment into the global clouds.
Writing intermediately complex application in Python.
Company: Daikin Applied, Minneapolis
Information Security Engineer (March 2020 – November 2023)
Completed Security Incident Response Plan and performed tabletop exercises following it.
Planned corporate application risk analysis with SCA and SAST security tools. Checkmarx was the main SAST vendor.
Developed processes to analyze certain Arctic Wolf cybersecurity tickets.
Performed quarterly corporate phishing testing via use of KnowBe4 tool.
Provided oversight and planning of outsourced penetration testing of critical applications.
Performed eDiscovery work with Microsoft’s Standard eDiscovery tool.
Performed vendor risk analysis of purchased SaaS applications.
Performed risk analysis of 120 IT and IoT applications and defined mitigations to address risk
Wrote some administrative applications in Python.
Client: Thrivent Financial (Brightpeak), Minneapolis
Cloud Security Architect (August 2018 – May 2019)
Performed NIST CSF assessment of Thrivent Financial subsidiary, BrightPeak Financial. Determined gaps from results, created artifacts.
Evaluated OWASP security conformance of devops environment.
Wrote some administrative applications in Python.
Updated portions of Disaster Recovery, Incident Management, and Patch Management policies.
Client: Xcel Energy, Minneapolis
Security Architect (August 2017 – June 2018)
Improve the reliability of the distribution power grid thru selection of NISTIR 7628 and ISA 62443-3-3 controls. Implementation that meets the selected controls improves the reliability of the grid (substation to homes/businesses).
Created a more resilient electrical power grid. Separated IT operations equipment from distribution electrical grid operations due to following the NISTIR 7628 Boundary control.
Focused on security of IP-based Advanced Metering Interface application that will interact with millions of meters. This IoT architecture operates over an RF mesh fabric and uses digital certificates to protect the meters and the meter monitoring application from compromise.
Client: Sammons Financial Group, Sioux Falls
Technical Lead (June 2016 - Dec 2016)
●Directed technical work that leads to success in the following InfoSec projects
oIdentity and Access Management (SailPoint)
oThird-Party Application Workstation Patch Management
oSecure Configuration of Servers
oVaulting of Privileged Credentials (CyberArk)
oPhishing
Company: Optum (Jan 2013 – Feb 2016), Minneapolis
TISA - Technical Information Security Advisor
●Addressed HIPAA, HITECH, and NIST requirements for healthcare companies.
●Brought greater IT vision to purchased clinics so that their IT infrastructure can be conformed to corporate IT standard.
●Acted as security architect for applications that made 1 billion dollars in revenue in 2015.
●Develop some of the critical questions related to new 30 domain security risk assessment of purchased merger and acquisitions.
Company: Accenture (2004 – 2008)
Clients: Dynegy, Cardinal Health, Best Buy
Security and Technical Architect
●Improved sales via creation of in-store sales reporting tool at Best Buy.
●Developed authentication for sales employee access to in-store applications.
●Improve in-store intranet application performance.
●Architected security design for Sales Hub that processed all business transactions.
●Enabled translation of business documents from English to Spanish.
●Developed information security policies for Dynegy, a natural gas firm
●Created architecture design for SOX work within Cardinal Health.
Company: Seagate (2000 – 2002), Minneapolis
Product Marketing for NAS Product and Encrypted Drives.
Software Development and Architecture (1987 – 2024), Minneapolis/St Paul
Languages:
2018 to 2024 - Python
1990s - C, C++, SQL
Roles: Systems Architect, Communications Software Developer (C, C++)
Northwest Airlines – Software, Passenger Revenue Accounting application upgrade
Five-million dollar software upgrade to 70 million dollar electronic ticket handling application. Upgraded GUI and created Year 2000 translation library.
Siemens Energy and Automation – Software for Power Pool (PJM) and Distribution Power Grid applications.
Wrote communications software that glued together eight power companies to PJM (Pennsylvania, New Jersey, Maryland) power pool. Wrote Distribution Power Grid software for Hydro Quebec.
ADC Telecommunications – Broadband Delivery, Systems Engineer
Created Hybrid Fibre Coax broadband product. Targeted fiber solutions for cable companies.
NCR – Data Communications Software Software
Switching, Token Ring, asynchronous communications, and kernel driver development.
EDUCATION
UW-Stout: Bachelor Degree in Applied Mathematics in 1987
Concentrations: Computer Science and Physics
AUTHOR, SPEAKER
CSO Online Magazine. Over 25 cybersecurity articles. Search for them, ‘Machler CSO Online’
Cloud Security Alliance Conference Speaker - Seattle, 2021
CERTIFICATION AND MEMBERSHIP
IEEE 802 Standards Member
CISSP – 2003
MILITARY SERVICE
UNITED STATES ARMY RESERVE
Sergeant E5, 882nd 75C, Personnel Specialist, Fort Snelling, Minnesota (1983 - 1989) Certificate of Achievement, Department of Military Affairs-State of Wisconsin
Contact this candidate