San Diego, California, United States
Thomas is a self-motivated security professional with diverse technical experience and business sense who specializes in cloud security controls and GRC, with agile software development experience. He is a team player who brings positive energy and value to the business.
♦ Hands-on skills with CrowdStrike, Qualys, Splunk, CyberArk, Cisco/IDS, DUO, OpenDNS, Syslog, NXLog, OSSEC, Trend.
♦ Monitor and respond to CrowdStrike-detected incidents on Indicators of Attack (IOA) using the MITRE ATT&CK framework.
♦ Deployed CyberArk (IAM) solution, enabling privileged access management (PAM) for the organization.
♦ Architected and deployed Splunk SIEM security control, supporting SecOps functions.
♦ Implemented Cisco FirePower IDS solution at each data center, populating intrusion events into Splunk.
♦ MSFT Azure platform migration Architecture Review Board member for the InfoSec team.
♦ Developed Python scripts via REST API/OAuth 2.0, pulling data from various controls, such as Qualys and CrowdStrike.
♦ Developed MySQL/Python-based Webservices provisioning analytical metrics published via REST API.
♦ Lead product and network vulnerability penetration tests based on industry best practices, including OWASP guidelines.
♦ Address vulnerabilities by collaborating with cross-functional teams through software development Agile sprints.
♦ Cross-team collaboration on Network, VMWare, Storage, Applications, and Kubernetes container platforms.
♦ Perform risk and gap analysis on laws, regulations and standards, such as NIST 800-53, ISO27001/27002/27018, GDPR, PCI, HIPAA, CFR Part 11, against cloud and IT controls.
♦ Lead SSAE 16 SOC 1 and SOC 2 audits, including testing control effectiveness, remediating deficiencies and reviewing final reports.
♦ Develop and implement ISO27001/MTCS-based controls within the Information Security Management System (ISMS) framework.
♦ Perform ISMS audits and compile results and recommendations for C-staff review and approval.
♦ Drive remediation of gaps from internal/external/customer audits and cloud scans by directly engaging IT, Legal, Finance, HR, Security, Network and Development.
♦ Review vulnerability and OWASP penetration test reports prior to distributing to customers.
♦ Led data confidentiality enhancement projects through role-based access controls, LDAP and IAM solutions.
♦ Lead IT GRC enhancement effort, encompassing JavaScript and mapping authoritative sources to unified control framework.
♦ Produce monthly operations KPI cadences, covering GRC, FedRAMP, vulnerabilities and training.
♦ Led SQL database access monitoring project, leveraging cross-functional team resources.
♦ Led PCI Level 2 SAQ-D and SAQ-A assessment and remediation projects.
♦ Responsible for protecting the company's intellectual property and assets by designing and implementing security controls from corporate to operations levels.
♦ Provide leadership and hands-on vulnerability management, cyber attack/defense (APT), and incident response management; Governance, Risk Management, and Compliance (GRC); and internal & external ISO27001/27002/SOX/SSAE16/PCI audits.
♦ Managed Information Security operations for main business units at the headquarters campus to ensure minimal network vulnerability risks and disaster impacts to IT and business operations.
♦ Managed computing environment projects from systems specification and resource planning to deployment.