Cyber Security Engineer

Michael Halm

************@*****.*** • 702-***-****

LinkedIn • Las Vegas, NV

Cyber Security Engineer

For over twenty years, clients have trusted me with the safety of their critical data.

I have worked diligently to remain worthy of this trust.

Career Experience

Stations Casinos, Las Vegas, Nv, Cyber Security Engineer

Cyber Security Engineer 2022 - 2025

For the past few years, it has been my privilege to work with and learn from an amazing team of talented engineers and analysts at Station Casinos. When APT actors started aggressively attacking Las Vegas Casino corporations, we just as aggressively examined and tuned our defenses, averting the ransomware attacks.

• I installed Proofpoint Spotlight giving the Identity management team a blueprint for attacking Critical and high vulnerabilities. These are down 99%

• I installed and configured Crowdstrike sensors on the domain controllers, giving security analysts real time alerts of identity threats

• When the corporate risk score increased 30% in two months, I analyzed the risk statistics and came up with a plan to reduce the score by 35% with minimal disruption to the business

• I enforced Whitelisting on hundreds of End of Life servers to protect them while the teams worked to replace the systems.

Mosaic 451 contractor to the Clark County School District, Las Vegas, Nv

Senior Cyber Security Analyst 2018 - 2022

Mosaic 451 is responsible for edge security on the network of one of the largest school districts in the US, with over 300,000 students and 40,000 employees.

• In 2019 I identified a download of Cobalt Strike in progress to a department in the school district. I quickly researched the product’s capabilities, and realized it was beyond the skillset in that department. I had them take the systems offline within minutes and created an incident ticket to alert the School District. At the time, Cobalt strike had not yet been identified as a preferred tool for malicious actors.

• The Forti SIEM was not working correctly. It identified all alerts as the same threat. I identified the problem as the log parser, isolated the lines of code that were the cause and reported the issue to Fortinet. They wrote a new parser, I tested it for them and they made it the standard parser for the product.

National Nuclear Security Administration-Raytheon/Onpoint, Inc. North Las Vegas, NV

Intrusion Analyst Long Term Cyber Intrusion Analysis 2008 – 2018

• My first month, I was assigned to write the monthly report for one of our customer National Laboratories. I created a new report from scratch. Next month, our director instructed all the analysts to follow that template

• Even though I was the new analyst, I showed the seasoned analysts how to get relevant information out of our new SIEM. For the next two SIEM migrations, I did the same

• I started trending malicious actor activity, even the “benign” activity. When I started to predict which protocols would be getting new attacks and the targets and subjects of some new phishing attacks days before they started, I was assigned to the new position of “Long Term Analyst.” As the analysis proved itself to management, a second position was added.

Additional Experience

IT Professional II Network Specialist Network Technician, UNLV

IT Manager, National Airlines

Education

Bachelor of Arts

University Of Nevada, Las Vegas, NV

Certifications

Early in my career, I found certifications crucial to establish my bona fides when actual cybersecurity jobs were rare. I earned the MCSE, the CISSP, the GIAC Certified Forensics Analyst and the CCNA.

Since then, I have earned and maintained many other certifications, but only those which my employers required for regulatory or marketing purposes.

Contact this candidate