Omaha, Nebraska, United States
From networking and help desk, to Cyber Security Engineer/Architect. ~ Elite, best of the best. ~ Iceman
We Protect Data
103% Quota year 1
160% Quota year 3 President's Club (top 5%)
125% Quota year 4
Only SE that is also inducted into our elite group of Threat Detection & Response SME
Cover the entire state of NE
~25 Enterprise accounts
From New Prospects, Presentations, Demos, Data Risk Assessments, Board Presentations all the way to Engineering and Architecture Plans, Providing Value, and Proving Value to Leadership.
Data Protection
Effective Permission Analysis
Classification and Data Discovery
Compliance and GRC
Blast Radius Reduction & Least Privilege Automation
UBA, Insider Threats, Threat Detection & Response
Copilot Readiness
AI Shield Remediations
TTI:
• Senior Security Analyst for SOC Incident Response (IR) calls and investigations
• Pentest reporting and engagement activities
• Security Summits and round tables
Sager:
• Senior Security Analyst responsible for the entire organization's security stack and security initiatives/projects/timelines
• Incident Response coordinator and investigator
• Deployment, Implementation, and Configuration of CrowdStrike EDR and MDR
• Vulnerability management
• Security awareness platform
• NIST and CIS framework activities
• SIEM configuration, Implementation, and custom detection rules
• Administration, Implementation, and Configuration of organization-wide end-to-end security
• Incident Response, Root Cause Analysis/Forensics
• Threat Hunting
• Integration, Implementation, Creation of SIEM, Automation, and SOAR capabilities (Sentinel and SecureX)
• Build processes, rules, and alerts for security products and incidents
• KnowBe4 phishing campaigns and trainings for security awareness program - Phishing Automation
• Review and triage Nessus vulnerability reports for timely patching and risk mitigation
• Analyze and determine threats vs false positives for security events
• Deliver security monitoring and alerting services by investigating logs from Security Information & Event Management Systems (SIEM), Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Network Access Control (NAC) and other client data source devices.
• Provide detailed potential impact and recommended action for clients on security events
• Determine tuning opportunities for irrelevant, non-impacting, or expected traffic events to avoid over-alerting clients
• Write and deploy custom rules for individual client needs, including elevation of priority, suppression, and custom signature field examinations of payloads
• Use strong TCP/IP networking skills to perform network analysis to isolate and diagnose connectivity issues.
• Monitor security infrastructure system health states and coordinate with responsible teams for troubleshooting and resolution.