Anthony C. Ruger Jr
*.*******@*****.***
Information Technology Management
Analytical and driven security analyst behind successful proactive monitoring, mitigation, and response to network and security incidents. Routinely ensures accuracy, quality, and compliance with industry standards. Skilled in all security management disciplines, with particular strengths in interpreting and prioritizing threats from vulnerability scanning, incident response, threat investigations, forensics and Security Information and Event Management (SIEM). Strategic leader with a passion for analyzing packets using various security tools and recognizing intrusion attempts and compromises through analysis and review of security events, logs and network traffic.
Key Competencies
•Team Leader
•Accomplished Verbal and Written Communication Skills
•Willingness to Learn
•Ability to Work Independently
•Customer Service Oriented
SIEM Subject Matter Expert Skills
McAfee SIEM
•Utilizing custom search queries to correlate events across the entire infrastructure, then aggregating and analyzing threat data
•Reporting results to management while learning from vulnerabilities and attack patterns
Professional Experience
Sungard Availability Services Inc., Philadelphia, PA (Full-time Remote) May 2018 – August 2022
SIEM Security Engineer
Responsible for all SIEM-related configuration, administration and maintenance duties, monthly health checks, reducing false alarms, and building custom parsers for the internal SIEM installation and the multi-tenant (customer) managed services network environment.
•Implemented a monthly maintenance and health-check program for efficient 24/7 monitoring
•Developed and distributed custom device uptime auditing reports
•Created, implemented and maintained custom use case correlation rules
•Maintained department's virtual SIEM testing lab of McAfee security products
•Responsible for building custom parsers and rules (PCRE) for devices not supported by McAfee
•Implemented a Capacity Planning & Projected Growth Analysis program
Key Achievements:
•Saved the company a million dollars in approved SIEM hardware POs by overhauling SIEM configurations, reducing average peak resource usage by over 50%
NCR Inc., Atlanta, GA (6 Month Remote Contract) Sept 2017 – Mar 2018
Sr. SIEM Information Security Analyst
•Monitored and analyzed security events and alerts from multiple sources including SIEM, firewall logs, and system logs
•Initiated tickets, documented specifics, and escalated to responsible parties
•Informed IT personnel of security issues, oversaw Incident Response efforts, helped remediate and made technical suggestions to mitigate future incidents
•3rd-party application integration
•Configured use case correlation rules for suspicious activity involving AD groups, accounts and objects
•Identified suspicious lateral network movement
•Configuration tuning of correlation rules for registry and service account changes
•Authored numerous KB articles and security policy updates
•Custom parser modifications for unsupported 3rd-party applications
Key Achievements:
•Lead role in Capacity Planning & Projected Growth Analysis project
Intel Security Inc., Plano, TX, (4 Month Remote Contract) March 2017 – July 2017
Sr. SIEM Information Security Analyst
•Verified that monitoring and logging controls were functioning correctly on all cardholder data (CHD) network resources
•Collaborated with management teams to ensure full understanding of compliance responsibilities
•Facilitated changes of organization policies with internal auditors to align with PCI DSS
•Reviewed daily vulnerability scanning, exploit and asset management reports to provide appropriate actions and prioritizations in a weekly gap analysis report to upper management
•Configuration and tuning of correlation, parser, filtering, alerting and IOC use case rules
•Tuned custom correlation rules with specific text string matching and aggregation settings
•Custom regex filtering (discard) rules for erroneous network events
Temple University Health, Philadelphia, PA (6 Month Onsite Contract) Aug 2016 – Jan 2017
Sr. SIEM Information Security Analyst
•Researched new and evolving threats and vulnerabilities with potential impact to company business
•Provided SIEM integration administration during evaluation stage of project
•Investigated and diagnosed data integration issues of network devices
•Provided daily analysis of network event traffic
•Updated daily false-positive alerts of suspicious connection events
•Analyzed outbound web traffic patterns associated with protected assets
•Investigated suspicious movements of accounts traversing network segments
•Investigated connection events associated with known blacklisted threat groups
•Created IR Playbooks for Malware & IOCs
•Managed incident response investigations for Phishing and Ransomware attacks
•Utilized Redline, Volatility, FTK and additional memory and digital forensics tools to analyze malware alarms and conduct employee investigations
Key Achievements:
•Implemented new SharePoint library for IT department KB articles and incident response reports
•Modified and implemented new Helpdesk ‘First Responders’ procedure for Malware-infected systems
•Provided SIEM training and literature to IT Staff
McAfee Inc. Plano, TX (Full-time Remote) June 2012 – April 2016
SIEM Security Support Engineer
•SIEM issue troubleshooting, diagnostics and resolution tracking
•Conducted internal SIEM training for lower-tier support teams
•Administered SIEM VMware test lab
•Data Source integrator of various third-party applications
NitroSecurity, Inc., Idaho Falls, ID (Full-time Remote) Mar 2009 – May 2012
SIEM Support Specialist
•Provided Tier 3 level support to SIEM customers
•Parser Integration of third-party logs and applications
•Post-sale installation and training customer engagements
•Integrated internal knowledge base for SIEM KB articles
Rippletech, Inc., Conshohocken, PA (Full-time Onsite) July 1999 – March 2009
Technical Sales Engineer
•Conducted product demonstrations for pre-sale evaluation customers
•Provided product support during pre-sale evaluation periods
•Conducted post-sale installation and training classes
•Represented company at technical trade shows
•Promoted to Manager of customer support (2006-2009)
Education & Certifications
Bucks County Community College, Newtown, PA - Sept 1985 – May 1985
•Associate Degree – Computer Science
Delaware County Community College, Media, PA - Jan 2017 – Dec 2017
•Cisco Security+ (210-260)
•CCNA (200-120)
References and recommendation letters available upon request.