
Security Engineer Zero Trust

Location: Atlanta, GA
Posted: July 28, 2025


Resume:

LLOYD M. BROOKS

Atlanta, GA | 267-***-**** | ************@*****.*** | LinkedIn: Lloyd Brooks

Endpoint Security Engineering | Threat Detection & Response | Infrastructure Architecture & Design

PROFILE

Lead Security Engineer with over a decade of experience designing and executing cybersecurity initiatives across financial, federal, and commercial sectors. Certified in CISSP, CHFI, and Security+, with hands-on expertise in endpoint protection, threat remediation, and compliance using CrowdStrike, Tanium, Forescout, and Splunk. Demonstrated success aligning security architecture and risk strategies with NIST, ISO 27001, and SOC 2 frameworks. Proven leader in cross-functional project delivery, integrating advanced security controls and automation in highly regulated enterprise environments.

Core Skills & Competencies

CrowdStrike Deployment | Tanium Decommissioning | Endpoint Protection | Threat Remediation | Security Compliance | Forescout Integration | Splunk Monitoring | Enterprise Architecture | Risk Management | NIST Frameworks | ISO 27001 Standards | SOC 2 Compliance | Incident Response | Zero Trust Implementation | Regulatory Alignment | PowerShell Scripting | osquery Development | CIS Benchmarks | Toolset Integration | Vulnerability Assessment | Team Leadership

KEY VALUE OFFERINGS

Enterprise Security Leadership: Led end-to-end cybersecurity initiatives during high-impact mergers, seamlessly integrating endpoint security tools across enterprise networks without operational disruption.

Endpoint Protection Expertise: Deployed and optimized CrowdStrike Falcon, Tanium, and Symantec endpoint solutions across 70,000+ devices, strengthening threat detection and response capabilities across diverse environments.

Zero Trust Integration: Built a custom Zero Trust model by integrating Forescout NAC with CrowdStrike, Splunk, and Qualys, expanding real-time visibility and strengthening access control across managed assets.

Compliance and Risk: Drove alignment with NIST, ISO 27001, SOC 2, and data privacy frameworks across enterprise systems, ensuring readiness for audits and reducing compliance risk exposure.

Threat Response Acceleration: Lead CISO-directed zero-day remediation efforts by deploying rapid behavioral signatures, significantly reducing threat dwell time and improving containment speed.

Automation and Reporting: Create PowerShell and osquery scripts to fully automate Tanium report replication in CrowdStrike, reducing manual workload and enabling real-time compliance insights.

WORK EXPERIENCE

Otis Elevator Company | Atlanta, GA | Jun 2025 – Present

Lead Security Engineer (CrowdStrike Project)

Overhaul legacy endpoint monitoring by decommissioning Tanium and deploying CrowdStrike Falcon across enterprise IT infrastructure, streamlining telemetry and eliminating agent redundancy.

Design automation scripts using PowerShell and osquery to recreate and enhance legacy compliance reports from Tanium within Falcon, restoring real-time visibility post-transition.

Activate CrowdStrike’s AI assistant “Charlotte” to generate dynamic threat-hunting reports, reducing manual analysis workloads and accelerating SOC insight delivery.

Mentor internal Otis security staff through structured enablement sessions, improving adoption of Falcon dashboards, Charlotte workflows, and custom detection rules.

Implement CIS Benchmarks manually for Windows and RHEL servers within Falcon, establishing hardened baselines ahead of import capability rollout.

Truist | Atlanta, GA | Jan 2020 – Jun 2025

Sr. Security Engineer, Lead

Direct merger-driven expansion of Endpoint Detection & Response (EDR) controls by aligning policies and tooling across converging banking infrastructures, enabling unified protection without production downtime.

Orchestrate zero-day remediation initiative that deployed real-time behavioral signatures, reducing vulnerable asset identification time from days to hours during active threat events.

Engineer NIST-compliant workstation and ATM gold images that became the enterprise baseline, balancing hardened security configurations with performance and business usability.

Consolidate disparate host-based firewall solutions into a unified endpoint security suite, maintaining application functionality across lines of business while optimizing license utilization.

Integrate CrowdStrike, Qualys, Splunk, and ServiceNow with Forescout NAC to construct a custom Zero Trust enforcement model, expanding real-time control and visibility across all managed devices.

SunTrust / Infosys | Atlanta, GA | Mar 2019 – Dec 2019

Security Engineer, Lead

Spearheaded Symantec DLP, SEP, and SPE operations across 70,000+ endpoints in multiple enterprise data centers, significantly improving data loss prevention coverage and operational reliability.

Established customized data-classification profiles for public-facing systems across the enterprise, enhancing data governance controls and accelerating response to sensitive data incidents.

Collaborated closely with offshore endpoint security teams to fine-tune DLP and SEP policies, ensuring policy accuracy and maintaining 24/7 threat protection across diverse environments.

Submitted and managed ServiceNow change requests to maintain architecture compliance with SOX, PCI DSS, and global data privacy regulations, supporting enterprise audit readiness.

Supported integrated endpoint defense through direct administration of Tanium, CrowdStrike, Proofpoint, and Forescout, ensuring seamless coordination across the security stack.

Jimmy Carter Presidential Library / Attain | Atlanta, GA | Jul 2017 – Jan 2019

Security Engineer & System Administrator

Monitored hybrid Windows and Linux infrastructure daily, responding rapidly to security events and system alerts to maintain continuous protection and operational uptime for museum systems.

Executed backups, asset inventories, and OS upgrades, preserving data integrity and system availability.

Engaged departmental stakeholders to capture technical and policy requirements, implementing compliance-tracking measures that improved organization-wide adherence to security standards.

Installed Symantec Protection and Encryption, safeguarding presidential archives from malware and data leakage.

Developed and enforced Active Directory access controls, strengthening identity integrity and streamlining provisioning.

U.S. Court of Appeals, 11th Circuit | Atlanta, GA | Nov 2014 – Jul 2017

IT Technician II / Technical Lead

Redesigned Active Directory group-permission model, aligning access governance with judicial workflows.

Furnished tier-2/3 support to judges and staff, resolving complex issues and sustaining court operations.

Provisioned laptops, desktops, and mobile devices with standardized Windows and Office 365 images, enabling secure deployments and accelerating hardware rollouts across all court units.

Assisted deployment of SolarWinds and Dell KACE platforms, enhancing proactive performance management.

Conducted enterprise performance tests and intrusion-detection reviews, fortifying the court’s security posture.

EDUCATION & CERTIFICATIONS

Oakwood College, Major – Computer Science (95 – 97)

CISSP – Certified Information Systems Security Professional ((ISC)²), 2017

CHFI – Computer Hacking Forensic Investigator (EC-Council), 2016

CCENT – Cisco Certified Entry Networking Technician (Cisco), 2016

Security+ – CompTIA Security+, 2013

ITIL Foundation v3, 2016

Microsoft Certified Professional – ID: 1381445


