mike miller resume 2016 - ver 2
Mike Miller
720-308-0795
10146 Amethyst Way, Parker, Co 80134
Professional Profile
As a 20 year veteran in IT, 10 in varying security roles, I have been instrumental in detecting, advising, and protecting the data of my Employer, and their customers. In this capacity, I have:
Responded to security incidents, Built infrastructures to protect data, Detected when assets are under attack, Analyzed the extent of an incident, Halted enemy action, and Recovered when security events occur.
As a leader and mentor, I have often:
Explained technical concepts to leadership, staff and customers,
Provided multiple solutions with cost benefit ratios for each,
Created occupational processes and procedures for incident responders and Colleagues
Created automated processes so that the network is self-defending
Reported on the status of attacks and provided recommendations on preventing further attack.
I am fluent with the following technologies:
Networking: Palo Alto: Panorama/PanOS, Wildfire, AutoFocus, MindMeld; Security Onion, Snort, Barnyard, Pulledpork, pfring, Salt, Bro; CISCO (CCNP/CCSP - expired)
Threat and Vulnerability Management: Nessus/Security Center, Qualys, OpenVAS
Network Intelligence/mapping: Nmap/Zenmap, Wireshark, Tcpdump, netcat
SIEM: RSA Security Analytics/Archer, CS-Mars (Cisco, defunct), Splunk, Elsa, Qradar, Awk/Sed/Grep - flat/archival log file analysis
Forensics: Encase Enterprise using Digital Intelligence FREDDIE hardware, Digital Intelligence UTK
Access Management/VPN: Symantec VIPS Authentication, Secure Computing (defunct - now McAfee)
Endpoint Protection: Symantec Endpoint Protection, Symantec Critical System Protection, Damballa, RSA ECAT, Palo Alto Networks - TRAPS, Tanium
Application Level Protections: Apache/Apache Modsecurity (apache), Nginx
OS and OS management: RHEL, Ubuntu 12.04-16, All Windows Server and Workstation versions, Microsoft SCCM
Professional Accomplishments
Migrate IHS Markit to Two Factor authentication (2fa) to reduce risk of external attack.
Migrate IHS Markit Security detection to one of Active and Automated threat protection:
Migrated perimeter security from Snort IDS to Palo Alto IDP
Created and productionized profiles of attackers to allow RSA and first level support to recognize and react.
Created effective responses to skilled Spear-phishing Campaigns to recover compromised accounts as they were used.
Assisted in training First tier responders to self-help when anomalies were detected (DDOS, Data leakage, Download thresholds exceeded)
Example compromise: Application exploited. Severity of attack measured, I then headed up the rapid response team that included:
Credential resets
Forensically examining servers to determine loss
Recommend applications to development including automated password reset processes and storage of passkeys as PBKDF2
Implemented and tuned WAF to protect application while it was rewritten.
Provide Forensic services to Legal, HR, and Security response:
Three labs in Englewood, UK and Penang
Remote 'instant on' temporary examiners when bandwidth was limited
Formal Fireproof, Waterproof, Evidence retention with full chain of custody.
Work History
July 2013 - Aug 2016 - Principal CSIRT Engineer, IHS Markit, Englewood Co
March 2008 - Jun 2013 - Agency ISO – Colorado Department of Labor and Employment, Denver Co
Senior Security Engineer – OIT, Office of the CISO
April 1996 - March 2008 - Senior Security Engineer – Colorado Department of Labor and Employment, Denver, Co
February 1993 – April 1996 - Webmaster, Colorado Department of Transportation, Denver, Co
Education
Trustwave Spyderlabs Incident Response and Readiness (Dec 2015)
Palo Alto Network Administration (Feb 2015)
Cisco Certified Security Professional
Formal training in Ethical Hacking methods from EC-Council (CEH) and SANS
Forensic techniques and tools training from Access Data
Snort/IDS certification from SANS (twice)
Ultimate Hacking - Foundstone
BS – Civil Engineering, Colorado State University, Ft. Collins, Colorado, 1992