Long Beach, California, United States
I have a strong interest in cybersecurity, I wear a lot of hats, and I love what I do. Broad and deep understanding of IT and cybersecurity.
Duties: • Run a Long Beach-based MSP, IT Consulting, and Security Consulting Company • Serve as the ultimate point of escalation for security issues, IT issues, manage projects • Manage PSA, Ticketing System, RMM, KB, other tools • Enforce adherence to SLAs and manage work of employees • Mentor, train, and develop customers • Manage administration of business Company Core Competencies: • Managed onsite and remote desktop support and server support • Cloud services management • IT Project management • Migrations • IT Security hardening • Short term security engagements, regulatory compliance • Disaster response and incident management • Forensic IT response Achievements: • Managed Services success: Manage ~700 endpoints, including ~100 servers • Disaster Response and Incident Response success: Cyber kill chain response several security/wire fraud/phishing/ransomware incidents, various customers, Interfaced with FBI Cyber/banks/external organizations when necessary, as part of response, IC3 reports, Forensic IT work encompassed insider threat, data recovery, email eDiscovery (litigation archive work) • Migrated all managed customers from disparate technical solutions to single pane of glass solutions wherever possible; taking care to ensure the QoS didn’t suffer, and we were able to improve the delivery of services (i.e. migrated from Webroot/ProofPoint/Avanan/IDAgent/Blumira/Cisco Umbrella/Perimeter 81 to SOPHOS) • Instituted Hardware Lifecycle Management, constant upgrade schedule, all hardware, • Security Engagements: Several short term 90-day vCISO engagements, Initial VulScan/Pentest, Executive Report presentation, Vulnerability mitigation / internal IT staff augmentation, weekly meetings, Dark Web Monitoring, PhaaS engagements, Process and Policy review (AUP, IRP, DRP, BCP, WISP), Contract and employee packet reviews, Tabletop Exercises, Secondary VulScan/PenTest, final Executive Report presentation, continual vulnerability management
Near Shore IT Staffing (MX), IT Consulting (MX), Security Engagements (MX), Disaster Recovery (MX)
Duties: • Ensure the integrity, security, and resiliency of critical operations • Design and implement technical, procedural, and policy solutions that increase the security and resiliency of the network; decrease the attack surface of the organization; and better prepare the organization to respond to incidents and disasters; improve security stack • Develop Security Team and build out internal security competence • Conduct security event monitoring, advanced analytics and response activities; resolve security exposures, misuse of resources, and noncompliance situations; respond to and resolve or escalate security and networking incidents, as needed • Develop security offering for customers Technical achievements: • Implemented EDR, XDR SIEM/SOAR, application control, email protection services, DNS protection services, SASE and ZTNA solutions, MDM, drift configuration integration, IDS/IPS • Hardened the configuration of devices and networks utilizing best practice with minimal interruption • Identified and analyzed potential threat activity targeting networks via monitoring systems, alerts, vulnerabilities, SIEM tools and network traffic and oversaw remediation and mitigation • Developed the company security offering for customers Process achievements: • Integration of security to ops, security audit and review; • Documented and developed documentation process for all new technologies, policies, procedures; • Integrated MTR evening and weekend SOC; • Developed the company security engagement offering for customers (90-day, compliance focused, multi-disciplinary security engagement); • Developed the company ransomware response plan for customers; Policy achievements: • Aligned ops to secops • IRP, DRP, BCCP, WISP, Tabletop Exercises, Cybersecurity Awareness training; • Implemented change management in documentation process; • Brought company through NIST 800-53, CMMC/DFARS, and HIPAA compliance process in order to better comply with customer requirements;