Eric Cicci

Senior Security Engineer @ Verisk Catastrophe and Risk Solutions | Cloud Security, AWS

Washington, Michigan, United States

About

Senior Cybersecurity Engineer with 8+ years driving vulnerability assessment & risk management, cloud & on-prem hardening, security architecture and compliance frameworks (SOC 2, ISO 27001, NIST). Owned and matured security programs in large enterprises of 5000-10000+ professionals, leading efforts across engineering, development and business teams.

Experience

  • Senior Security Engineer at Verisk Catastrophe and Risk Solutions
    Jan 2022 - Present · 4 yrs 7 mos

    • Ran enterprise vulnerability management across 20,000+ endpoints, built remediation standards, coordinated teams across the org and cut overall risk by 50% while doubling weekly remediations and consistently hitting SLA targets. •Overhauled the SIEM and log infrastructure from the ground up, redesigning architecture to be more lean and effective, cutting annual infrastructure costs by 15% and doubling SIEM utilization. •Built SAST/DAST scanning directly into CI/CD pipelines, cutting false positives by 75% and speeding up code vulnerability remediation by 60%. •Audited and cleaned up 8,000+ overly permissive Security Group and network ACL rules across 30+ AWS accounts, reducing external threat surface by 90% and setting consistent security standards in cloud environments. •Deployed Wiz CNAPP across a multi-cloud environment, identifying and remediating 75% of critical vulnerabilities within 60 days. •Tightened web application and cloud security with Palo Alto NGFW & Imperva WAF, automating alerting and reporting reducing MTTR by 70% significantly reducing manual overhead.

  • Information Security Engineer at Amrock
    Jan 2020 - Jan 2022 · 2 yrs 1 mo

    *Received promotion to Information Security Engineer. *Authored and evangelized threat vulnerability program utilizing Qualys tooling as a main strategy for high-certainty threat landscape mapping. Leading to over 6000 vulnerabilities remediated in a 7 month window, with 20% rated as Critical vulnerabilities. *Engineered organizational wide solution to fix Vulnerability scanner technical flaws in previous design, not only fixing the accuracy and depth of reporting, but evolving the reporting into an official program that is now supported in Lean Portfolio Reviews; Driving business risk decisions intelligently. *Developed and implemented threat vulnerability program for external web applications and APIs; working with developers in remediating the OWASP top ten vulnerabilities such as Injection attacks, Security Misconfigurations and Vulnerable and Outdated Components, increasing external vulnerability remediation by 33%. *Routinely utilizes RBAC, AD and Powershell scripting. *Educates and briefs all of IT Operations on Network and Cyber Attack Chains; Disseminating knowledge and education to increase adherence, understanding and compliance to organizational policy. *Created Splunk dashboards for single pane of glass metric reporting that resulted in increased bandwidth, team coordination, and focus of efforts.

  • Security Operations Center Analyst at Domino's
    Oct 2018 - Jan 2020 · 1 yr 4 mos

    *Create and tune correlation searches for SplunkES to ensure the most relevant alerts are gathered *Utilize Splunk queries in investigations, gathering evidence, timelines and bad actor events *Construct timely and detailed initial Incident Response reports from various investigations *Administer and troubleshoot Active Directory, Multi-Factor Authentication and IAM solutions *Monitor, evaluate and perform maintenance of assigned security systems in accordance with industry best practices

  • Information Security Analyst at TEKsystems
    Mar 2018 - Oct 2018 · 8 mos

    *Analyze applications for whitelisting and file integrity monitoring via Bit9 and CbR *Provide threat mitigation to DDOS attacks, coordinate resources and create initial IR reports *Monitor and analyze company emails for threats including phishing, malware, spam, and mitigate risk. *Provide daily monitoring and alerting of events that occur within the real time environment. *Provide daily reports to executives and engineers of suspicious activity *Escalate incidents to appropriate specialists *Provide support for patching and firewall health reports after business hours

  • Network Engineer at ManTech International Corporation
    Jun 2017 - Mar 2018 · 10 mos

    *Deployed and configured Wave Relay Mobile Ad hoc Network (MANET) devices for use in highly demanding & fast-paced use cases. *Supported, troubleshot and managed MANET devices with 100% uptime to various emergency response groups *Designed IP schemes, interconnects, hardware/software MEL’s & network architecture diagrams. *Navigate, configure and manage Cisco routers and switches via CLI. *Work through the Risk Management Framework process to facilitate system accreditation.