
Security Engineering Risk Management

Location:
Bayfront - Enchanted Knolls - Shelter Ri, CA, 94941
Posted:
August 04, 2023


Resume:


Brian Michael Thomas

ISC² Certified in Cybersecurity. ISSE. Vulnerability Management and Risk Compliance. Six Sigma Yellow Belt (6σ). Alumnus: Industrial Light & Magic.

https://linkedin.com/in/brianmichaelthomas adypu6@r.postjobfree.com

PROFESSIONAL

Marin Health San Rafael, CA March 2023 – June 2023

Security Engineer – Contract Position

• Architect and manage daily operations of Taegis VDR to scan for, compile, and submit Enterprise vulnerability reports.

• Architect and manage daily operations of Cynerio to scan for, compile, and submit medical device vulnerability reports.

• Architect and manage daily operations of Taegis XDR SIEM solution for endpoint EDR and SOAR operations. Create custom rulesets as required for monitoring and the escalation of suspected endpoint risks.

• Manage Cisco Umbrella for outbound proxy operations and defense against malicious software and threats.

• Manage Carbon Black for Endpoint and Malware Protection. Perform upgrade of the remote agent.

• Manage MaaS360 MDM for the administration and protection of mobile and tablet endpoints.

• Manage Symantec DLP for the protection of HIPAA, PHI, and PII on email and user traffic.

• Daily management and operation of Azure services including AD, IAM, and Defender as required for business.

MUFG Bank San Francisco, CA February 2022 – March 2023

Network Security Engineer (L2) – Contract Position

• Proxy SME: Proxy engineering Subject Matter Expert focusing on the User proxy, Application proxy, and proxy architecture duties for the global enterprise.

• Audit, review, approve, and work with the engineering team to implement web access request proxy changes that are submitted by users, as required for business deliverables and projects.

• Troubleshoot proxy connectivity issues for internal customers as required to ensure fast turnaround of problems and customer satisfaction.


• Audit existing proxy changes and file change audit paperwork detailing approved web proxy changes for the business.

• Document weekly and monthly proxy ticket requests/metrics and correlate to BOTH average and median time spent per proxy access request ticket (these reports go up to Senior V.P.’s)

• Review, approve, and engineer changes as required for the enterprise Netskope CASB (Cloud Access Security Broker) configuration.

• Leverage Splunk SIEM as required for security operations and enterprise troubleshooting

• Document weekly email security Proofpoint metrics report for upper management.

• Daily management and operation of Azure services including AD, IAM, and VM’s as required for business. Provide O365 email support for internal customers.

• Create documentation using Confluence and SharePoint for various internal systems, processes, and hardware operations.

2K Games Novato, CA July 2019 – February 2022

Sr. Enterprise Security Engineer

• Under the direction of new Executive leadership, lead projects for fostering business relationships and performing regular meetings with global studio IT teams.

• Manage, configure, and operate Tenable.io. Submit weekly vulnerability reports for all production and enterprise endpoints and assets. Work with Site Reliability Engineers to mitigate vulnerabilities.

• Manage, configure, and operate Palo Alto Prisma. Submit weekly vulnerability reports for all cloud objects and resources. Work with Site Reliability Engineers to mitigate vulnerabilities.

• Submit weekly vulnerability reports for all production and enterprise endpoints and assets. Work with Site Reliability Engineers to mitigate vulnerabilities.

• Configuration, modification, and daily support of edge & internal Palo Alto firewalls providing access services for all local and remote locations.

• Deploy, configure, and manage nine global Security Onion nodes, in Forward configuration, across multiple international sites and data centers.

• Perform a 'Rip-n-Replace' from Sophos to Sentinel One EDR. Deploy, configure, and manage Sentinel One EDR solution across multiple global sites.


• Support daily operations and configuration of the enterprise Okta MFA platform

• Create documentation using Confluence for various internal systems, processes, and hardware operations.

• Leverage Splunk SIEM as required for security operations and enterprise troubleshooting

• Write and publish corporate security and data policies.

• Perform IP/PII risk assessments for 3rd party vendor architecture and B2B onboarding.

• Perform risk assessments on 3rd party software for enterprise use.

• Provide end-user support for tickets assigned to the security team.

• Provided Site Reliability Engineering troubleshooting/services for various on-prem and SaaS solutions for the Security Team and global enterprise users.

Bed Bath & Beyond Union, NJ March 2015 – May 2019

Security Engineer

• Architect, configure, and manage RSA NetWitness clusters and optimize for network traffic ingestion.

• Manage IPAM platform for management of store DNS/DHCP; Configure and manage PCI payment systems across national stores.

• Architect, design and build-out GRC on-prem clusters. Wrote PowerShell and PowerShell scripts to automate various GRC back-end tasks.

• Configuration, modification, and daily support of edge & internal Palo Alto firewalls providing access services for all local and remote locations.

• Perform weekly scans, research, and track known bugs and patch servers and applications to mitigate vulnerabilities.

• Architect and manage TACACS+/Radius for AAA of all corporate and store devices. Perform weekly security audits of all corporate and store network devices.

• Pulse Secure SME: Architect, engineer, and management of Pulse Secure VPN for 5k+ telecommuter and ~22 3rd party B2B user access. Architect endpoint security host checking for all Pulse Secure VPN endpoints. Configuration duties included building out new Pulse appliances for delivery into the production pipeline, allocating DHCP lease addresses, integrating the Pulse ecosystem with SecurID/TOTP and configuring the Pulse appliances to meet all internal security policies.

• Architected, built, and managed a successful global RSA MFA platform

• Work cross-functionally with risk/compliance teams to ensure on-time delivery of security compliance requirements

• Manage IPS and investigate file integrity/change monitoring. Perform log management and event monitoring

• Audit end-user and application access and compile weekly reports for management review

• Configure and manage DLP appliance for PCI/PII zone compliance and reporting

• Manage Antivirus Endpoint Protection solution

• Provided Site Reliability Engineering troubleshooting/services for various on-prem and SaaS solutions for the Security Team and global enterprise users.

• Daily management and operation of Azure services including AD, IAM, and VM’s as required for business.

• Deploy, configure, manage, and operate on-prem Archer GRC.

Hoag Hospital Newport Beach, CA March 2014 - March 2015

Information Security Analyst

• Perform weekly vulnerability scans of all external and internal corporate assets and work with IT engineers to mitigate vulnerabilities on sites containing HIPAA-protected data

• Designed, built, configured, and documented the MDM solution to manage all company-owned mobile devices.

• Configure and manage DLP gateways for protection of HIPAA, PHI, and PII on outbound email messages and user traffic.

• Leveraged EDR to identify rogue actors within the corporate network. Perform analysis of rogue actors and mitigate as needed.

• Conducted security audits of 3rd party vendor configurations. This resulted in stronger SSL and cipher suites on 3rd party sites containing PHI.

Sony Pictures Entertainment Culver City, CA September 2013 - March 2014

AWS Security Consultant – Contract Position

• Brought in as Release Security Consultant to assist in hardening and securing the AWS-hosted product www.sonymcs.com (Media Cloud Services) for public release.

• Worked within a Scrum development methodology and conducted regular vulnerability audits to evaluate attack vectors and software/configuration vulnerabilities on cloud storage platform.

• Monitor CVE databases and identify open vulnerabilities on affected software.

• Document threat defense strategies for event escalation, triage, and remediation. Write and publish SOC frameworks. Conduct ongoing assessments of the service infrastructure and application logic. Produce clear and concise documentation related to application and end-user security.

United HealthCare Cypress, CA March 2005 – March 2013

Network Engineer

• Built, configured, and managed 21 International public VPN gateways and provided lead Project Management for secure connectivity of 30k telecommuters and contractors. I managed 24/7 Cisco AnyConnect VPN global access. Worked with the desktop imaging team to perform compatibility testing, configure, test & deploy beta versions for internal testing.

• Manage 50+ B2B hardware VPN connections using Cisco 7200’s to build and maintain secure B2B connections.

• Responsible for 24/7 troubleshooting of networking equipment across multiple global datacenters

• Proactively perform HIPAA compliant security best practice assessments to mitigate potential threats and risks to company data using IDS/IPS tools

• Support network connectivity, security monitoring and support for forward-facing customer PHI websites.

• Build and document B2B VPN tunnels, using HIPAA compliant best practices, for global 3rd party vendors

• Write and maintain end-user documentation for VPN Telecommuters and 3rd party B2B Business Managers. Manage external vendor connectivity to meet required Business SLA & Security agreements

• Document daily internal network security audits and work with engineers to mitigate risk and protect CIA of company data.

• Manage and inventory hardware and software physical assets across multiple datacenters

• Configuration, modification, and support of edge & internal Checkpoint firewalls providing access services for all local and remote locations. Configuration and support of Core & Edge switches, Routers and SAN’s; including identifying and upgrading software as required for tightening security.

• Daily management and operation of Azure services including AD, IAM, and VM’s as required for business.

Industrial Light and Magic San Rafael, CA February 2000 – May 2002

Manager, Desktop Business Systems

• Managed department of 13 Windows and Mac engineers providing 24/7 deployment and triage to 1500 users in 3 locations. Duties included hiring, daily supervision, setting performance standards and meeting business requirements and SLAs on time.

• Perform daily Desktop/Server network security assessments and best practice evaluations to ensure strict CIA of all company data; Managed daily operations of two repair / R&D labs.

• Budgeted, licensed, and managed successful company-wide deployment of Windows 2000 / Office XP migration

• Identify configuration-level threats and risk exposure to specific attacks

• Identified IT goals and drafted capital budgets. Managed the accounting and controlling of IT assets

• Continuously connected with customers for systems and support evaluations. Acted as liaison between users, programmers, and external vendors for support services

• Identified and budgeted company-wide Microsoft SLA and ELA re-licensing plan for forecasted business needs

• Created contingency & disaster recovery plan, loss mitigation solutions and standards of due care

• Audited quarterly department budget including operating, overhead and capital expenditures

• Continually measured procedures and benchmarks to evaluate individual and team performance.

CERTIFICATIONS

1. (ISC) Certified in Cybersecurity (CC)
2. Cisco Certified Network Associate Routing and Switching (CCNA Routing and Switching)
3. Six Sigma Yellow Belt Certification (6σ)
4. Cloud Basics - (ISC) Cloud Security Certificate Program
5. Conducting Practical Risk Analysis - (ISC) Risk Management Practitioner Certificate Program
6. Crowdsourced Security Certificate - (ISC) Security Administration & Operations Certificate Program
7. Cryptography Certificate - (ISC) Security Administration & Operations Certificate Program
8. Exploring Risk Standards - (ISC) Risk Management Practitioner Certificate Program
9. Healthcare Essentials: Information Security in Healthcare Settings - (ISC) Healthcare Certificate Program
10. Introduction to NIST Cybersecurity Framework - (ISC) CISO Leadership Certificate Program
11. Malware Analysis Certificate - (ISC) Security Administration & Operations Certificate Program
12. Moving to the Cloud - (ISC) Cloud Security Certificate Program
13. Practical Risk Methods - (ISC) Risk Management Practitioner Certificate Program
14. Privacy and Security for Healthcare Organizations - (ISC) Healthcare Certificate Program
15. Responding to a Breach Certificate - (ISC) Security Administration & Operations Certificate Program
16. Risk Management and Risk Assessment in a Healthcare Setting - (ISC) Healthcare Certificate Program
17. System Security Engineering Foundations Certificate - (ISC) Security Engineering Certificate Program
18. System Security Engineering Operations Certificate - (ISC) Security Engineering Certificate Program
19. System Security Engineering Planning & Design Certificate - (ISC) Security Engineering Certificate Program
20. Working in the Cloud - (ISC) Cloud Security Certificate Program
21. Purple Team Playbook - (ISC) CISO Leadership Certificate Program
22. NIST Cybersecurity Risk Management Framework
23. Certified Wireless Network Administrator (CWNA)


