It's not a matter of IF you will get attacked, it's a matter of how you will respond when it happens.
April 2018 - Sept 2018
Cyber Security Architect/Engineer - EOG Resources - Houston, TX
Managed the full lifecycle of over 800 incidents, including preparation, detection & analysis, containment, eradication, recovery, and post-event activities.
Led the vendor selection and evaluation process for multiple projects, including application security, Managed Detection and Response, and Data Loss Prevention.
Designed and deployed Palo Alto firewalls at the network perimeter to secure EOG's north/south traffic. Collaborated with cross-functional teams to define firewall rule requirements, then configured and tested all firewall rules.
Performed asset management for the company through SCCM and Network Access Controls (NAC) systems to ensure systems allowed on the network met specific security requirements.
Leveraged the OWASP Top 10 to harden web applications by reducing attack vectors, implementing controls, and baselining normal traffic.
Implemented Managed Detection and Response services, saving EOG approximately $320,000 in personnel costs while enhancing response capabilities and ensuring personnel remained trained in the latest threats and incident response techniques.
Conducted extensive proof of concepts for multiple security technologies, defining success criteria, setting up test environments, configuring security applications, and gathering evidence to evaluate success.
Utilized Data Loss Prevention technology to gather and report critical information for legal investigations.
Conducted application security assessments using multiple tools and managed a project to integrate vulnerability management into the SSDLC, securing applications early in development and throughout their lifecycle.
Led threat hunting exercises to detect ongoing attacks and map attack vectors, while defining and documenting a comprehensive diagram of EOG Resources’ threat landscape.
Optimized security technologies currently in place by increasing their performance as well as reducing the number of false positives reported for EOG Resources’ NGAV solution and multiple APT defense systems.