Michael J. Schutt
**** **** ***., ***** ****, MI 48101
313-***-**** *********@*****.***
Objective:
To leverage extensive expertise in designing, engineering, and maintaining secure network infrastructures and applications, ensuring robust operational efficiency and compliance.
Professional Summary:
Dedicated professional with a comprehensive background in network auditing and control, security analysis, and incident management. Proven ability in implementing and managing SIEM systems, vulnerability assessments, and risk compliance frameworks. Skilled in Linux server management and creating secure IT environments.
Education:
Goucher College, 1990-1991
Undergraduate Studies
Leelanau Schools H.S., 1988-1990
Student Council President, Varsity Soccer, Basketball, and Baseball
Formal Training / Certifications:
Certified Novell Administrator
Microsoft Product Specialist - NT 4.0
Certified Novell Engineer
CISSP (lapsed in 2012)
Project Management Course Completion
Various specialized training, including ISS HIDS/NIDS, EnCase Software, SANS SEC401, ArcSight SIEM, Vormetric Database Encryption, and Proofpoint Email Security Engineering
Experience:
Unemployed / Recovery from Long-term COVID Issues
October 2022 - Current (June 2024)
Note: Took time off to focus on health and recovery from COVID-related illness.
Wipro Inc. – Infocrossing LTD. State of Missouri HealthCare Division
Sr. Information Security Analyst September 2019 – October 2022
Qualys Vulnerability Management System
Managed day-to-day responsibilities
Including regularly scheduled scans
Onboarding of new devices
Vulnerability Scans
Onboarding of 5 separate environments with separate requirements and reporting structures
Created scheduled reports for discovery, vulnerability, and special focus on compliance reporting
Completed quarterly and annual GRC (Risk Compliance) reports, and worked with other teams to create or update Windows Active Directory policy(ies).
QRadar SIEM System
Eyes on glass responsibilities for incident management
Compliance reporting / evidence of actions
Rule management to lessen false positives
Microsoft Data Leakage Protection (DLP) and Symantec Endpoint DLP
Eyes on glass responsibilities for rule triggers
Opened DLP incidents and provided supporting evidence
Rule management to lessen false positives
Delta Dental of Michigan
Information Security Engineer December 2017 – April 2018
Qualys Vulnerability Management System
Managed day-to-day responsibilities
Including regularly scheduled scans
Onboarding of new devices
Vulnerability Scans
Created new policy compliance scans
Hand-created policy checks for E.L.K.
Elasticsearch, Logstash, Kibana, Salt, Consul applications
Managed day-to-day LogRhythm issues as needed.
AF Group Inc.
Information Security Engineer May 2016 – April 2017
Engineered Trend Micro OfficeScan / Deep Security / ScanMail products
Re-Engineered all virus products for entire organization
Upgraded / refreshed all desktop / virtual desktop environments
Re-Engineered OfficeScan products to auto-upgrade clients
Re-Engineered product to allow off-network communication for sales force employees
Re-Engineered all SMTP virus protection and SMTP policy at both ingress and egress.
Went from 70 active servers protected to over 500 active servers
Included all testing / policy / exceptions
Included Cisco ASA SMTP policy
Included Trend Micro ScanMail on Exchange
Qualys Vulnerability Management
Created Vulnerability Management Scheduled Reports
Created Asset Management System
Included auto tagging of assets as they come on board
By both Operating System and class C subnets
Created Compliance Scans for Operating Systems
CIS Benchmark Standards
Cylance Desktop Protection
Engineered, tested and installed Cylance protection to over 2,100 endpoints
Included all business unit testing, exceptions, and activation
Cisco ASA Firewall Support
Daily Support / Project Support for ASA Firewall systems
Root cause analysis of level III support calls, including packet traces and application integration.
Corporate Microsoft Office 365 integration
BlueCoat HTTP Management
Corporate Microsoft Office 365 integration
Daily management of AF Group's HTTP security
Included project and daily support of HTTP group/individual exceptions, requests, and project requirements
Root cause analysis of level III support calls, including packet traces and application integration.
Maintained corporate .PAC files (multiple PAC files)
Comerica Incorporated
VP – Sr. System Administrator, Comerica Inc. September 2015 – March 2016
Directly responsible for all internet email security, policies, and day-to-day management. This includes complex SPAM and email firewall rules, fraud investigations, project implementation, SPAM mitigation, and email delivery.
Management of all data leakage policies for SMTP lane
Management of all TLS lines and implementations (supported and managed 170 TLS lines)
Management of 15-20 email middleware devices
Included day-to-day management: CLI-based upgrades and queries.
Linux CentOS operating system upgrade and management
Proofpoint and Zix systems hardware management
VP – Sr. Security Engineer, Comerica Inc. 2006 – 2015
Directly responsible for day-to-day activities of the following products:
RSA token – Dual lead engineer.
I was directly responsible for all RSA token application integration. This mainly included large-scale project implementations.
Implementation base of over 14,000 tokens. Included both internal and external clients.
Testing of DR scenarios / readiness
Break fix
ArcSight SIEM – Integration and project engineer
Lead engineer of large-scale implementation / integration of ArcSight. At project end, this included the integration of over 1,200 Windows and Linux servers.
Configuration and implementation of real time rules / trap notifications
Zix and Proofpoint Email Security
Lead Engineer and implementer – Built and managed all middleware hardware (twenty devices) and all email policies for internet email.
CentOS / Linux day-to-day management
Client base of over 10,000 users
Vormetric Database Encryption
Lead engineer and implementer. Implemented encryption product to large DB2 database built on Linux technology. Implemented access based on both Active Directory integration and application access.
IBM ISS (Internet Security Systems) Host Intrusion / Network Intrusion
Engineer – Directly responsible for all HIDS (host intrusion detection systems), and for all policies for NIDS (network intrusion detection systems).
This included all policies, licenses, rules (exported to ArcSight), break fix scenarios, and integration with hosts.
Approximately 55 NIDS devices in 4 environments, and over 600 HIDS client servers / middleware devices in 4 environments.
Checkpoint Removable Media and Hard Drive Encryption
Lead engineer and designer for corporate implementation to over 10,000 workstations.
First person in country to implement a Microsoft AD configuration into a Novell OS infrastructure.
EnCase Forensic (2006-2008)
Worked case loads for all fraud / information security investigations, including:
After-hours acquisitions of hardware / stealth copy
Evidence handling
Working with corporate, local, and federal police.
AVP – Project Support Center, Comerica Inc. 2002 – 2006
Level III support to help desk
Root cause analysis of large / critical issues
Training the level I and level II help desk employees
Large-scale project implementations of new products / upgrades of existing NOS (Novell)
FLO (First Level Officer) – Technician, Comerica Inc. 1999 – 2002
Implemented AM Desktop Trust Software
Implemented to largest trust accounting holders.
Included on site implementations to largest trust holders (billion dollar holders)
Technician, First American Title 1997 – 1999
Traveled throughout Midwest upgrading offices from Novell 2.2 to Novell 3.x and Windows 3.11.
Included ghost imaging workstations, building Novell NetWare infrastructure, and setting up Wide Area Networking to home office.
Phone support to office clientele.
Technician, Omicron Electronics 1995 – 1997
Sold and built handmade / custom AutoCAD workstations.
Skills:
Network Security Engineering
SIEM Implementation (QRadar, ArcSight)
Vulnerability Assessment (Qualys)
Incident Management and Response
Linux Server Administration
Project Management
Compliance and Risk Management
Technical Support and Troubleshooting
References: Available upon request.