Sean Grady
*** ****** ****, **** ******* PA ***80
E-mail: *************@*****.***
Phone: 610-***-****
LinkedIn: www.linkedin.com/in/seangrady1707
Indeed: https://profile.indeed.com/p/seang-srjbnqq
Authorized to work in the US for any employer
Objective
Information security engineer seeking to provide professional-grade, strategic and proactive security solutions, advisement, support, risk analysis, incident response, malware handling, and threat landscape research
Professional Experience
Senior Information Security Engineer
Comcast
West Chester, PA - April 2020 to December 2024
• Lead Security Engineer serving a custom Threat Reporting Portal for Comcast Business based on UTM device events (Layer 3-7)
• Designed, developed and implemented a custom Threat Report page that allowed clients to easily drill down into the presented security threats classified as High Risk across all of the UTM modules
• Administration and engineering of Snowflake Database as a Service
• Tableau workbook development for service metrics and client-facing workbooks
• Remediation of vulnerabilities identified on the Threat Reporting portal and the technologies driving the service
• Documentation of the service in the internal wiki, including topology, dataflow, service flow and past incident details
• Senior-level support to clients who are having issues seeing their data or wish to learn how to use the portal better
• Development and repair of Threat Reporting pages for the Threat Reporting portal
• Administration and repair of Databricks workflows, compute and run issues
• Designed and implemented Monthly Business Reviews covering how the Threat Reporting Portal had been running over the past month, our accomplishments and future-state goal setting
• Led SOC 2 audits against the Threat Reporting portal and the technologies supporting it
• Performed User Access Reviews for our Snowflake and Tableau environments
• Performed status reviews of clients and appliances reporting in, as well as of the threats clients are experiencing and the pages customers visited most often
• Performed threat event reviews based on client and service needs to discover threats and load, as well as events that may be overloading customers' implementations
• Implemented custom Concourse configuration and jobs based on GitHub repos in order to manage code changes
• Worked with AWS S3 buckets and security policies for AWS objects, and ran SNS topics to notify the run team of any latency issues within the Threat Reporting portal
• Partnered with the run team to validate that UTM assets are in place for each customer order
• Designed, developed and implemented reports on threats that have impacted our customers' UTM devices globally, broken down by threat module, top talkers, and points of interest based on common and unique threat characteristics
Senior Information Security Engineer
Comcast
West Chester, PA - September 2017 to April 2020
Worked as a contract employee through Brooksource from Sept 2017 to Sept 2018, then hired on as an FTE
• ArcSight SIEM Solution Management
• Part of a team that prospected, architected, implemented and continuously improved a new SIEM technology for the business: the Splunk ES SIEM solution
• Use Case development and implementation in ArcSight ESM, ArcSight Logger, and Splunk for malicious and/or unauthorized behaviors
• Designed and implemented Cyber defense strategy modeling utilizing attack and threat vector implications
• SIRT/CIRT Strategy and program development
• Design and implementation of Log and Event Management of enterprise systems
• Threat Hunting and Discovery
• PCI Compliance Initiatives
• Event review for malicious and unauthorized behaviors with tools such as:
  • Host-based malware and forensic solutions
  • Layer 3-7 network security devices
  • Windows, Linux, and Unix platform logs
Lead Information Security Engineer (Contract Employee)
AT&T / Dupont
Wilmington, DE - March 2017 to April 2017
• Configuration improvement of Juniper and Cisco devices
• Network Security Policy Management through utilization of Firemon to reduce risk, improve compliance, and assess pathway changes
• Chemical-terrorism Vulnerability Information (CVI) Authorized User Certification
Information Security Engineer
Five Below
Philadelphia, PA - November 2015 to November 2016
• Performed as sole information security resource for national retailer
• Information Security Strategy development driven by risk and threat mitigation techniques, utilizing industry guidelines such as CIS, NIST, SANS, and ISO 27001/2 combined with driver indicators from data breach investigation reports as well as Third Party Risk Assessment feedback
• Information Security Solution prospecting, design and continuous improvement in the following areas: host-based anti-malware detection/prevention, network-based anti-malware prevention/detection, vulnerability management, threat intelligence integration, Layer 7 firewalls, malicious/unauthorized behavior analytics, automated malicious/unauthorized incident detection, malware sandboxing, forensic response kits, as well as several other areas
• Audit Management and Compliance Advisement for PCI DSS 3.1 and SOX
Information Security Engineer
CVS Health
Woonsocket, RI - September 2011 to November 2015
• Accomplished prospecting, design, implementation, continuous improvement and senior level support of security solutions such as ArcSight SIEM, Firemon NSPM, McAfee Email Gateway, Log Distribution services, Qualys Web Application Vulnerability Scanning, Veracode Static Code Analysis, Cisco ASA Firewalls, and more
• Accomplished prospecting, design, implementation and continuous improvement of a new Security Operations Center
• Accomplished design, implementation and continuous improvement of Cisco ASA technical controls for the CVSHealth RxConnect application
• Firewall Configuration and Control Risk Review, Firewall Complexity and Control Redundancy Reduction Services, Firewall Control Migration and Control Analysis
• Proactive and security incident driven system examination with platform utilities, SIEM systems, intrusion detection/prevention systems (IDS/IPS), packet analyzers, traffic analyzers, Advanced Threat Detection Engines, logging platforms, File Integrity Monitoring, Data Loss Prevention Systems, vulnerability scanners and network security policy management engines to discover and remediate malfunctions, malicious activity, unauthorized activity, vulnerabilities or risks
• Custom middleware development through bash scripting and Python reverse engineering for indicator-of-compromise utilization and management, as well as event normalization
Systems Engineer
Phoenixville Hospital / Community Health Systems
Phoenixville, PA - October 2009 to September 2011
• Design, implementation and senior level support of Clinical/Non-Clinical information systems utilizing various versions of Windows, Linux, Unix, and specialty Linux/Unix operating systems
• Design, implementation and senior support of Clinical and Non-Clinical data networks
• Led on-call system support for ongoing surgical procedures
• Implemented Surgical Centers, Doctor’s offices, Endoscopy suites, Hospital Pharmacies, Cancer Centers, Specialty clinics, nurse stations and administrative offices
• Migrated, standardized and organized the Hospital Main Data Frame, and configured the MDF to utilize up-to-date internetworking technologies and cabling
• Data reconnaissance, restoration, and migration of server and end-user systems utilizing Windows and Linux tools
Pre-Graduation Information Technology Experience
Information Technology Specialist
Pottsgrove School District
Pottstown, PA - August 2002 to August 2005, plus summers 2006 and 2007
• Lead Support, Administrative and design specialist for networks and systems for a team of 3
• Design, Implementation, and continuous improvement of data networks and information systems
• Accomplished design, installation, continuous improvement and uptime of Cisco IP Telephony/VOIP services
• Custom Server and desktop hardware design and implementation running Windows 2003 series and custom Linux/Unix distributions
• Built and implemented over 50 custom client computers for the school district based on Intel architecture
Education
Pennsylvania College of Technology
Williamsport, PA
2005 - 2009
Bachelor of Science in Information Technology, Security Specialist Concentration, with Honors
Minor in Business Administration
GPA - 3.7
Certification
Currently working toward my CompTIA Security+
Volunteer Work
I volunteered at the East Goshen Fire Department as an Exterior Firefighter for about 4 years from June 2020 to May 2024. I am looking to get back into the Fire Service soon but it has been a great way to learn, engage and give back.
Competencies
• Information Security Strategy Development, Portfolio Management, and Implementation
• Prospecting, design, implementation, and continuous improvement of technical as well as procedural security controls
• Design, implementation, administration, and service of information systems and data networks for companies in several sectors: Clinical, Healthcare, Insurance, Retail, Construction, Legal, Venture Capital and Education
• Prospecting, design, implementation, continuous improvement as well as senior level support for Security Solutions such as Firemon Network Security Policy Management Suite, McAfee Email Gateway Email Protection Suite, ArcSight SIEM, Access Data's Forensic Toolkit for Digital Investigations, Cisco ASA Firewalls, F5 Load Balancers for Log Distribution services, Veracode Static Code Analysis, and QualysGuard Web Application Scanning Services and more
• Networking concepts such as physical and logical design, service debugging, Layer 1 - 7 troubleshooting, packet analysis, netflow, switching, routing, subnetting, access control lists, and network address translation
• Data reconnaissance, migration, forensics, and restoration on server and client systems
• Proactive and incident driven system examination with platform utilities, SIEM systems, intrusion detection/prevention systems, packet analyzers, traffic analyzers, Advanced Threat Detection Engines, logging platforms, vulnerability scanners and compliance reporting systems to discover and remediate malfunctions, malicious activity, unauthorized activity, vulnerabilities or risks on different types of devices using different platforms
Skill Set
Computer Systems: Windows / Client-Server families, Windows SBS 2003/2008, Windows 7/10/11, Windows Server 2012, Mac OS X, Fedora, Ubuntu, Red Hat Enterprise, Linux client-server families such as CentOS and RHEL, as well as other Unix/Linux platforms
Roles: Mail, File, Proxy, Application, Web, DNS, DHCP, RAS, Print, Domain Controller, Backup and Recovery, Authentication, LDAP, Terminal Services, Digital Fax, Deployment services, Database, Key management, Update Services, Secure File Transfer
Networking: Routers, Firewalls, Load Balancers, Switches, Repeaters, Hubs, Wireless Access Points, Wireless Controllers, Wireless Security Protocols, UTM Devices, Hybrid Devices, VPN, NAS, SAN, TCP/IP, IPv4, ACLs, IPv6, TCP, UDP, DNS, VOIP, VLAN, DHCP, Static Routing, IPSec, SSL/TLS, 802.3, 802.11, 802.1x, ICMP and more
Vendor(s): Cisco, Sonicwall, 3COM, Netgear, HP, Custom Linux Distros
Malware Analytics Technologies and Skill Set: Crowdstrike, Carbon Black, Lastline, Anubis, Hybrid Analysis, Wepawet, Kali Linux, Parrot Linux, OpenVAS, GrayLog, Squid, OpenVPN, Onion Proxy Tor, Maltego, Cobalt Strike, REMnux, Helix, Wireshark, Metasploit, bash scripting, Command and Control traffic analysis, packet analysis, machine analysis, log analysis, file analysis, forensic investigation processes and techniques, reverse engineering of file behaviors and binaries, the Verizon Data Breach Report and other data breach reports
Malware Experience and Research: Zeus, CryptoLocker, Locky, CTB-Locker, Flame, Duqu, Stuxnet, SpyEye, Dridex, ModPOS, VBS Downloaders as well as other blended malware families or attacks
Security / Forensics: Access Data Forensic Toolkit, Prodiscover Toolkit, Encase, FireEye, Firemon, SNORT, SourceFire, IBM Proventia, ArcSight SIEM Platform, vulnerability scanners, vulnerability management, Qualys Web Application Vulnerability Scanning, Veracode Static Code Analysis, Nessus, Splunk, RSA DLP, Fidelis DLP, RSA Archer eGRC, Riverbed Cascade Profiler, Qualys, HIPAA, SOX, PCI DSS, iptables, threat intelligence integration, host-based anti-malware detection/prevention suites, network-based anti-malware prevention/detection solutions, Symantec Suite, ESET Suite, GFI Suite, McAfee Suite, Web Application Firewalls, ModSecurity, Imperva WAF, OCTAVE Risk Assessment Framework, CIS, SANS, NIST CSF, NIST RMF, ISO 27001/2, MITRE ATT&CK, Cyber Kill Chain, File Integrity Monitoring, Steganography, Group Policy, Cryptography, Encryption, Biometrics, Access Control, Patch management, Anti-malware solutions, McAfee Email Gateway, Proofpoint, HIDS/HIPS solutions, Malware Sandboxes, Cb Defense, LogRhythm, Palo Alto and OWASP
Database: MySQL, Oracle, MS SQL, Snowflake
Virtualization: VMWare, Parallels, Hyper-V, Citrix, VirtualBox
Web 2.0: Sharepoint, Drupal, Wordpress, Joomla, OpenAtrium, LogMeIn, Teamviewer, NoMachine NX, LAMP Stack Applications, WIMP Stack Applications
Disaster Recovery: Acronis, Symantec Ghost, Image Vault, Paragon, Symantec Backup Exec
Other: OpenOffice, MS Office, Drawio, Visio, MS Project, Adobe Acrobat, Adobe InDesign, Adobe Photoshop