Charles McCray, CEH
The Information Security Engineer assists with the day-to-day information security operations and helps with the implementation of the Information Security Strategic Plan to enforce HIPAA and PCI compliance. Responsibilities include the managing, monitoring, and maintenance of information security devices such as Intrusion Prevention Systems (IPS), Threat Response tools and web content filtering technology. Analyzes and creates reports based on information gathered from security technology and reports to the CISO on a daily basis. Performs detailed information security assessments on information systems to ensure compliance with federal and state regulations. Assists with e-discovery, forensics and internal penetration testing. These information security assessments would include but are not limited to application reviews, access controls, network reviews, and regulatory and other compliance reviews. Other information security duties as assigned.
I have experience implementing and configuring RedSeal in a complex customer environment, and I can identify new techniques and methodologies, as well as potential usability enhancements to the RedSeal product. I have led an effort to deploy, manage and operate RedSeal. RedSeal is a cyber analytics platform that automatically analyzes a network, models it with a view to understanding and continuously monitoring the whole network, and discovers unintended paths through it. RedSeal also assists in determining threats and risks to the environment.
Certifications:
EC-Council CEH (Certified Ethical Hacker)
EC-Council Cloud Computing
EC-Council Network Defense Essentials (NDE)
FedVTE Cloud Computing Security
NetSkope Security Cloud (CASB)
CrowdStrike Falcon Platform Architecture & Administrator
Qualys Cloud Security Assessment & Response
Cisco FTD 4145 & FMC 4600; SecureX, Threat Response, Threat Grid, Umbrella.
Experience:
01/2024 to Present Arizona Department of Child Safety (Sr. Information Security Engineer)
Review security monitor logs from all systems (Cisco Firewall, IDS/IPS, LEMs, SIEM tools, email, etc.), propose and mitigate any threats based on findings.
Experience working with Tanium, Tenable Nessus, CrowdStrike Falcon, Cisco Umbrella, Cloudflare for external web-facing applications, and NIST CSF.
Experience analyzing and consulting on availability, access control and security monitoring for a wide breadth of platforms.
Experience with security protection systems such as SIEM, Antivirus, GRC, DLP and Encryption enterprise-class suites and UTM and NextGen firewall deployment.
Lead the mitigation of cyber security risks through system implementations and modifications, ensuring all applications and data comply with cyber security policies and controls.
Identify, propose, schedule, budget, align resources, execute, and report on cyber security projects.
Assess and modify procedures to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access, modification, or destruction.
Identify, develop, and implement Enterprise-wide Security Policies/Standards/Procedures to detect security incidents/events to enhance compliance with and support security standards and procedures in place.
Maintain awareness of changes in security risks, security measures, and computer systems assessing new requirements for current and emerging compliance regulations.
Communicate technical and business problems clearly, quickly and in a concise manner to a variety of audiences.
Provides technical direction and guidance to other Cyber Security Engineers, Information Technology, and the business to align with regulatory and security requirements.
Monitor CrowdStrike detection activities & incidents, prevention policies, investigations, endpoint security.
Monitor servers added to the prevention policy that blocks malicious activity.
Continue to review current policy configuration in Cisco Umbrella.
Reviewing Cisco FMC configuration, Monitoring - Indication of Compromise, Security Intelligence Traffic by Category and Source & Destination traffic flows.
Reviewing how various policies are configured: Malware, Intrusion & Geo-Blocking or malware events.
Review how DCS VPN traffic is monitored and how it traverses the network.
Work GRC initiatives including risk assessments, control gap analysis, and policy development aligned with ISO 27001 and NIST frameworks.
Collaborated with cross-functional teams to implement security controls and monitor compliance across cloud and on-prem environments.
Conducted third-party vendor risk assessments and managed remediation plans.
Developed and maintained security documentation including policies, standards, and procedures.
Supported internal and external audits and coordinated evidence collection.
Performed risk assessments and control evaluations across business units.
Assisted in the rollout of enterprise-wide security awareness programs.
Maintained compliance dashboards and reported key risk indicators to leadership.
I participated in incident response and post-mortem analysis to improve controls.
01/2020 to 02/23/24 Harris Health Systems (Sr. Information Security Engineer)
Projects: Execute projects that are consistent with defined deliverables, schedule, and budgetary requirements. Projects such as:
a. User Provisioning
b. Access Control
c. Risk Management
d. Continuous monitoring of the security environment
e. Other security-related projects as assigned
Communications/Interpersonal Skills:
a. Demonstrate professional written, verbal and presentation communication skills in all aspects of the position.
b. Ensure frequent and open communication with all customers.
c. Work harmoniously with staff and communicate verbally in a pleasant manner.
d. Maintain emotional control and diplomacy during interactions.
Career & Staff Development:
a. Attend all Harris Health mandatory in-services.
b. Participate in staff development programs and attend meetings when expected.
c. Seek additional training to keep skills consistent with tools used by the department (internal/external).
d. Attend conferences and professional association meetings.
Auditing:
a. Monitor compliance with federal, state, and local laws.
b. Identify limitations with existing security infrastructure.
c. Conduct operational, compliance and investigative audits.
d. Follow up on audit findings to ensure management has taken corrective action.
e. Perform review of internal control procedures and security for systems under development or enhancements to existing systems.
f. Evaluate information system malware, security exploitation reports, etc.
g. Ensure frequent and effective communications with management and other staff regarding security-related initiatives and incidents.
h. Other security auditing tasks as assigned.
Security Operations:
1. Security Incident Response, Reporting and Investigations
2. Monitor Computing Resources for Evidence of Compromise
3. Assist with forensic investigations when necessary
4. Maintain and Update Security Documentation Including Diagrams and Standards
5. HR/Corporate Compliance Security Investigation Support
6. Ensure systems are properly protected from malware
7. Monitoring for cyber threats
8. Check for unauthorized wireless devices
9. Spam Review
10. Process Help Desk Tickets related to information security incidents
11. Other security-related tasks as assigned
Design and deploy the following security tools: CrowdStrike Falcon Endpoint Protection, Cisco Firepower FMC 2500 & 4600 & FTD 4145 IPSs, Radware DDoS appliances, Radware Cloud WAF, Netskope, Checkpoint DLP, Rapid7 Nexpose, Metasploit, MobileIron MDM solution, IBM QRadar SIEM, Forcepoint Web & DLP Gateway, Gigamon switches, RedSeal, SolarWinds.
Measures Enterprise-wide compliance with organizational security policies and standards using various tools.
Lead the mitigation of cyber security risks through system implementations and modifications, ensuring all applications and data comply with cyber security policies and controls.
Identify, propose, schedule, budget, align resources, execute, and report on cyber security projects.
Assess and modify procedures to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access, modification, or destruction.
Identify, develop, and implement Enterprise-wide Security Policies/Standards/Procedures to detect security incidents/events to enhance compliance with and support security standards and procedures in place.
Maintain awareness of changes in security risks, security measures, and computer systems assessing new requirements for current and emerging compliance regulations.
Communicate technical and business problems clearly, quickly and in a concise manner to a variety of audiences.
Provides technical direction and guidance to other Cyber Security Engineers, Information Technology, and the business to align with regulatory and security requirements.
Integrates comprehensive metrics into the security posture of the organization, identifies areas of weakness and vulnerability and recommends changes to meet security standards.
Review security monitor logs from all systems (Firewall, IDS/IPS, LEMs, SIEM tools, email, etc.), propose and mitigate any threats based on findings.
Experience analyzing and consulting on availability, access control and security monitoring for a wide breadth of platforms.
Experience with security protection systems such as SIEM, Antivirus, GRC, DLP and Encryption enterprise-class suites and UTM and NextGen firewall deployment.
I am excited to announce that the Harris Health System Information Security team was voted as one of the Top Information Security team winners in the Inaugural on Con InfoSec Team Awards. The announcement was made in July that Harris Health System was running to place in the Top 50 but asked that we remain silent until the official announcement during the live ceremony on October 24th, 2023. During the official announcement the Harris Health System Information Security team was announced as a Top 10 winner.
07/18 to 10/19 Imagine Technology Group (Sr Security Engineer)
Qualys Certified, NIST Cyber Security Framework Practitioner Certified
Built Vulnerability Management Program that includes vulnerabilities assessment and remediation process.
Security Compliance Consulting - mapping CSC Top 20 to NIST SP 800-53 controls, ISO 27002 and others.
Security consultant for internal systems, often designing, comparing vendor products, developing business cases, implementing, deploying, and overseeing the transfer into production.
Assist with auditing information systems activities and systems to confirm information security policy compliance and provide management with security policy compliance assessments and system monitoring reports for HIPAA/PCI DSS/PII/GDPR/FISMA security audits.
Work with various clients to provide security solutions that support their business security requirements.
Cloud Solutions – worked with clients developing a migration plan and deploying various services in the cloud and on-premises, providing options such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).
Design and implement cyber security systems including Security Information & Event Monitoring (SIEM), Internet Content Filtering, Cloud security, Anti-malware as well as security controls in corporate applications.
Measures Enterprise-wide compliance with organizational security policies and standards using various tools.
Lead the mitigation of cyber security risks through system implementations and modifications, ensuring all applications and data comply with cyber security policies and controls.
Identify, propose, schedule, budget, align resources, execute, and report on cyber security projects.
Assess and modify procedures to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access, modification, or destruction.
Identify, develop, and implement Enterprise-wide Security Policies/Standards/Procedures to detect security incidents/events to enhance compliance with and support security standards and procedures in place.
Maintain awareness of changes in security risks, security measures, and computer systems assessing new requirements for current and emerging compliance regulations.
Communicate technical and business problems clearly, quickly and in a concise manner to a variety of audiences.
Provides technical direction and guidance to other Cyber Security Engineers, Information Technology and the business to align with regulatory and security requirements.
Integrates comprehensive metrics into the security posture of the organization, identifies areas of weakness and vulnerability and recommends changes to meet security standards.
Review security monitor logs from all systems (Firewall, IDS/IPS, LEMs, SIEM tools, email, etc.), propose and mitigate any threats based on findings.
Experience analyzing and consulting on availability, access control and security monitoring for a wide breadth of platforms.
Experience with security protection systems such as SIEM, Antivirus, GRC, DLP and Encryption enterprise-class suites and UTM and NextGen firewall deployment.
Working knowledge of cryptographic technologies, security protocols, security analysis and risk management
Vulnerability Management for Clients
Manage the security vulnerabilities and risks across WB including identifying, supporting application/system owners to manage risks and remediate vulnerabilities.
Perform technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (i.e., local computing environment, network and infrastructure, enclave boundary, and supporting infrastructure)
Analyze site/enterprise Computer Network Defense policies and configurations and evaluate compliance with regulations and enterprise directives.
Assist with the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems, and processes)
Maintain knowledge of applicable policies, regulations, and compliance documents specifically related to Computer Network Defense auditing.
Provide hands-on leadership and technical direction for problem resolution, solution delivery, tactical work, and break-fix capability.
Work closely with both business-oriented executives and technology-oriented personnel to ensure adequate processes are in place and actions are being taken to mitigate identified risks proactively.
Develop strategies to identify, manage, and mitigate identified threats and vulnerabilities to attain desired risk profile and communicate strategies to key stakeholders.
Maintain appropriate management reporting mechanisms to facilitate communication of the TVM program state across multiple levels within the organization.
07/17 to 07/18 NThrive (Sr Security Engineer)
Installing and configuring Cisco ASA Next-Gen firewalls with Firepower, Sophos UTM firewalls.
Installing and configuring Palo Alto Next-Gen Firewalls PA-800 series & PA-3000 series via Panorama.
Panorama ACC (Application Command Center) to view applications, URLs, threats and traffic across client’s entire Palo Alto Network deployment.
Install and configure SecureWorks IPS sensors; install and configure Cisco IOS 3560, 3750 and 6500 switches.
Review security monitor logs from all systems (Firewall, IDS/IPS, LEMs, SIEM tools, email, etc.), propose and mitigate any threats based on findings.
Manage, maintain, design, configure, and document security schema, such as Encryption, Firewalls, IDS/IPS, Anti-Virus / Host based or End Point solutions.
Conduct Vulnerability Assessments as required. Conduct Risk Assessments as required.
Manage, configure Sourcefire IPS system (configure Policies, deploy sensor)
SolarWinds Log, Event Management (LEMs), SolarWinds Orion
Meraki Dashboard – manage all access points, configure policies.
Plan and implement solutions that meet best practice standards with focus on Security.
Vulnerability assessment and testing, security auditing.
Analyzing the logs of the various systems for suspicious activity
Established SOC/NOC security alerts in a timely manner, created rapid response to security threats.
Participate in security audits, risk analysis, vulnerability testing, penetration testing, and security reviews.
Vulnerability Management for Clients
Assist communications and partner engagements in communicating vulnerabilities to system owners.
Monitor various sources for identifying threats and vulnerabilities on a continuous basis - including commercial and Opensource tools.
Carry out business Engagement and partner communications on outstanding vulnerabilities, issues, and concerns.
Carry out business engagements and form positive relationships on information security issues relevant to the business such as how to securely implement customer-facing technologies and how to appropriately protect customer information.
Develop and maintain standard operating procedures, rules of engagement and status reporting of each assessment and task.
Monitor and assess responses from lines of business and efforts to remediate risks.
Effectively communicate metrics and other vulnerability reports with business partners.
Establish and maintain business relationships with individual contributors as well as management.
12/15 to 07/2017 Business Partner Solutions Onsite FedEx (RedSeal Networks Implementation)
Install and configure RedSeal Server Platforms - RedSeal G5 Appliances & VMs
Work with clients to develop a collection strategy from their CMDB.
Build network topology geographically, logically, and by access policy.
Installing and configuring Palo Alto Next-Gen Firewalls PA-800 series & PA-3000 series via Panorama.
Panorama ACC (Application Command Center) to view applications, URLs, threats, and traffic across the client's entire Palo Alto Networks deployment.
Evaluate threat sources and model issues; review Best Practice Checks.
Configure Compliance Policies using policy zones, rules, and business decisions.
Risk & Vulnerability Analytics, work with clients to define untrusted connections.
Review the Risk Map with the client and validate host business value for various assets.
Assess Scan Coverage Gaps and Unmapped Hosts
Establish and maintain positive and constructive relationships with clients and coworkers.
Communicate with the customer to understand their network and security architecture, infrastructure, and operational environment.
Work with the customer to understand their network security objectives.
Map customer network security objectives to RedSeal capabilities.
Define practical plans for integrating RedSeal into the customer environment to meet their specific objectives.
Assist customers towards realization of the effectively integrated system.
Provide hands-on leadership in resolving technical/integration issues.
Effectively escalate critical technical and operations issues
Provide standard and customized training on the RedSeal platform.
Identify and propose additional integration and value opportunities.
Provide accurate, complete, and timely written documentation for all project phases.
6/15 to 12/15 Brookfield Global Relocation Services (Sr Security Engineer)
Implement Vulnerability Management process & tools.
Qualys Certified, NIST Cyber Security Framework Practitioner Certified
Vulnerability assessment and testing, security auditing.
Cloud Security – I’ve worked with various clients to build security for Microsoft Azure Security Center and Amazon AWS CloudTrail for governance compliance.
Mapping CSC Top 20 to NIST SP 800-53 controls, ISO 27002 and others.
Implement Security Event Management & Security Standards & Principles
Security Incident Handling Processes & Security Patching Processes
Research regulatory guidance and prepare policy/standard gap assessments for management.
Identify process gaps and support process improvement.
Ability to evaluate and test new techniques and technologies.
Review security monitor logs from all systems (Firewall, IDS/IPS, LEMs, SIEM tools, email, etc.), propose and mitigate any threats based on findings.
Manage, maintain, design, configure, and document security schema, such as Encryption, Firewalls, IDS/IPS, Anti-Virus / Host-based or Endpoint solutions.
Conduct Vulnerability Assessments as required. Conduct Risk Assessments as required.
Installing and configuring Palo Alto Next-Gen Firewalls PA-800 series & PA-3000 series via Panorama.
Panorama ACC (Application Command Center) to view applications, URLs, threats and traffic across the client's entire Palo Alto Networks deployment.
Installing and configuring Cisco ASA firewalls (ASA5516-X, ASA5545) with Firepower, Sophos UTM firewalls and RED routers.
Install and configure SecureWorks IPS sensors.
Install and configure Cisco IOS 3560, 3750 and 6500 switches.
6/14 to 6/15 Cyracom International (Sr Security Engineer)
Experience with vulnerability assessment tools such as RedSeal Networks
Upgrade legacy Cisco ASA5505, ASA5510, ASA5520, ASA5525 to Cisco NGFWs
Migrate configurations from Cisco ASA IOS 8.2 to 9.2.
Verify all access and NAT rules, clean up configs, and run Best Practice Checks.
Implement and configure rules and policies for Sourcefire Firepower NGIPS.
Experience with Tripwire IP360 scanners and Rapid7 Nessus scanners.
Experience with Tenable Security Center, Nessus Scanners
Implement continuous monitoring for all network traffic.
Vulnerability scans, correlated data, report findings and tickets to owner for remediation
Vulnerability assessment and testing, security auditing.
Mapping CSC Top 20 to NIST SP 800-53 controls, ISO 27002 and others.
Develop security tabletop exercises for various clients.
Drive multiple projects as part of a Security or Security Risk Management team.
Working with outside consultants on HIPAA/PCI DSS/PII/GDPR/FISMA security audits.
Analyzing the logs of the various systems for suspicious activity
Participate in security audits, risk analysis, vulnerability testing, penetration testing, and security reviews.
POC evaluation, selection and implementation of security products and technologies
Oversee implementation of hardening guidelines & best practice checks for all IT devices
Evaluate business, technical security and implementation requirements for proposed applications.
Perform security assessments for technical and non-technical business owners.
4/13 to 4/14 Eden Technologies/RedSeal Networks Implementation (Sr Security Engineer)
Install and configure RedSeal Server Platforms - RedSeal G5 Appliances & VMs
Work with clients to develop a collection strategy from their CMDB.
Build network topology geographically, logically, and by access policy.
Evaluate threat sources and model issues; review Best Practice Checks.
Configure Compliance Policies using policy zones, rules, and business decisions.
Risk & Vulnerability Analytics, work with clients to define untrusted connections.
Review the Risk Map with the client and validate host business value for various assets.
Assess Scan Coverage Gaps and Unmapped Hosts
Establish and maintain positive and constructive relationships with clients and coworkers.
Communicate with the customer to understand their network and security architecture, infrastructure, and operational environment.
Work with the customer to understand their network security objectives.
Map customer network security objectives to RedSeal capabilities.
Define practical plans for integrating RedSeal into the customer environment to meet their specific objectives.
Assist customers towards realization of the effectively integrated system.
Effectively escalate critical technical and operations issues
Provide standard and customized training on the RedSeal platform.
Identify and propose additional integration and value opportunities.
Provide accurate, complete and timely written documentation for all project phases.
Effectively communicate project status and issues to the customer and RedSeal
1/12 to 5/13 General Dynamics AIS – Network Engineer/Architect
On-site Network Engineering presence for 1000+ users
Implement/Upgrade/Configure ASA 5505, 5510, 5520 Firewalls
Implement/Upgrade/Configure McAfee Sidewinder 410, 510, 2100, 2150 and 4150 Firewalls.
Implement / Support Cisco 2900, 3550, 3750, 4500, 6500 Switches.
Implement / Support Cisco 2600, 3800, 3900 Integrated Services Routers
Troubleshoot to resolution Network performance issues.
Implement / Support BGP, EIGRP, DMVPN, MPLS, WAN, GRE Tunnels, Juniper SSL VPN
1/08 to 6/11 General Dynamics C4S – Network Engineer/Architect
Network support for 2000+ user environment.
Implement/Upgrade/Configure ASA 5505, 5510, 5520 Firewalls
Implement/Upgrade/Configure McAfee Sidewinder 410, 510, 2100, 2150 and 4150 Firewalls.
Implement / Support Cisco 2900, 3550, 3750, 4500, 6500 Switches.
Implement / Support Cisco 2600, 3800, 3900 Integrated Services Routers
Troubleshoot to resolution Network performance issues.
Implement / Support BGP, EIGRP, DMVPN, MPLS, WAN, GRE Tunnels, Juniper SSL VPN
Vulnerability scans, correlated data, report findings and tickets to owner for remediation
Drive multiple projects as part of a Security or Security Risk Management team.
Perform internal IT audit on network devices, best practice checks.
Experience performing risk assessments on all enterprise assets.