Arthur Kao

Security at Phantom

Mountain View, California, United States

About

Experience

  • Security at Phantom
    Sep 2025 - Present · 10 mos

  • LinkedIn (9 yrs)
    • Engineering Manager - Detection Engineering, Information Security
      Jul 2022 - Sep 2025 · 3 yrs 3 mos

      At LinkedIn, I lead our Detection Engineering team and am responsible for protecting LinkedIn's global infrastructure by developing actionable security detections over consistent and reliable processes and infrastructure.

    • Sr. Staff Engineer, Information Security (Incident Response and Detection Engineering)
      Mar 2022 - Jul 2022 · 5 mos

      As a member of the LinkedIn Detection/Incident Response team, I respond to security incidents and detect anomalies across different platforms and in the cloud. My role involves a proactive approach to identifying potential threats and addressing them promptly to minimize impact. I develop and enhance monitoring tools and automation that empower LinkedIn teams to identify and address potential security issues efficiently and reduce toil. These tools are designed to provide comprehensive visibility into our network and systems, allowing for quick detection and remediation of vulnerabilities and threats.

    • Staff Engineer, Information Security (Incident Response and Detection Engineering)
      Dec 2019 - Mar 2022 · 2 yrs 4 mos

  • Senior Security Analyst at Alberta Energy Regulator (AER)
    Sep 2013 - Sep 2016 · 3 yrs 1 mo

    - Conduct information security incident response, reporting, and remediation efforts.
    - Manage information security infrastructure, including firewall, email/web security, IDS/IPS, sandbox, flow analysis, and endpoint protection suites.
    - Lead multiple security projects and implement processes and technologies to improve AER’s defense against new security threats and tactics; specifically, NGFW with threat prevention and sandbox, email security, and SIEM systems.
    - Advise senior management on emerging threats and risks; coordinate remediation efforts between different teams.
    - Develop standard operations procedures to continuously ensure security operation consistency and improve efficiency.
    - Supervise and mentor junior information security staff.

  • Senior Consultant at MNP
    Nov 2010 - Aug 2013 · 2 yrs 10 mos

    - Investigated computer security incidents, including, but not limited to, data breach and employee misconduct, using EnCase and open source tools.
    - Executed electronic evidence preservation and collection using industry standard tools and processes.
    - Performed eDiscovery requests for corporate and legal clients.
    - Conducted vulnerability assessments with SAINT and Nexpose, and recommended mitigating and compensating controls.
    - Prepared detailed written reports for corporate and legal clients of varying technical background.
    - Researched and deployed new security software for consulting engagements.
    - Installed and maintained forensic lab infrastructure that improved efficiency and reliability in evidence handling, examination, and storage.
    - Executed IT audit and application control testing and data analytics.
    - Developed custom scripts using Python for evidence processing.

  • University of Calgary (5 yrs 2 mos)
    • Application Security Architect
      May 2010 - Nov 2010 · 7 mos

      • Implemented privileged password management project for PeopleSoft, Windows and Linux environments, which resulted in improved controls around super user credentials.
      • Developed business case for user validation and attestation to address “privilege creep” issue with existing PeopleSoft roles and IT system privileges.
      • Developed business case for centralized user provisioning service to simplify user account management process.

    • Systems Analyst
      Aug 2006 - Apr 2010 · 3 yrs 9 mos

      • Managed over 160 Linux servers, hosting vital University of Calgary IT services, such as Email, Webmail, NFS file services, Blackboard, MyUofC portal and main website.
      • Developed in-house tools and scripts using different programming languages, such as Perl or Python, to streamline system administration processes.
      • Authored Linux system hardening guide to ensure new systems conform to security baseline. Continuously performed audits on systems to ensure compliance with security standards.
      • Conducted vulnerability assessment with Nessus and Rapid7 NeXpose.
      • Evaluated and integrated new vulnerability assessment (NeXpose) and SIEM (Intellitactics) solutions for UCIT to meet security objectives.
      • Led project that evaluated and deployed Red Hat Network Satellite, which resulted in enhanced patching, system standardization and configuration management.
      • Managed critical infrastructure services, running on HP ProLiant and Dell PowerEdge hardware. Maintained load-balancing and high-availability infrastructure for key services using Linux Virtual Server and F5 Big-IP LTM.
      • Represented Linux team in weekly Security Advisory Review meeting to report and discuss emerging threats and ongoing remediation efforts.
      • Solid understanding of ITIL processes.
      • Supervised and mentored junior staff.

    • Technical Analyst
      Oct 2005 - Aug 2006 · 11 mos

      • Managed domain user and computer accounts under Active Directory.
      • Resolved client IT service issues such as Webmail, Webdisk and website publishing under Linux environment.
      • Assisted clients in troubleshooting network issues, such as LAN, DNS, VPN and AirUC (wireless).
      • Planned, deployed and administered Systems Management Server 2003 for managing 1600 supported desktops under IT Support Centre.
      • Participated in IT Support Centre Knowledge Base deployment and implementation.
      • Contributed to general process improvement for IT Support Centre.