mike miller resume 2016 - ver 2


Upload: mike-miller

Post on 27-Jan-2017


Page 1: Mike Miller Resume 2016 - Ver 2

Mike Miller

720-308-0795

10146 Amethyst Way, Parker, Co 80134

[email protected]

Professional Profile

As a 20 year veteran in IT, 10 in varying security roles, I have been instrumental in detecting, advising, and protecting the data of my Employer, and their customers. In this capacity, I have:

Responded to security incidents, Built infrastructures to protect data, Detected when assets are under attack, Analyzed the extent of an incident, Halted enemy action, and Recovered when security events occur.

As a leader and mentor, I have often

Explained technical concepts to leadership, staff and customers,

Provided multiple solutions with cost benefit ratios for each,

Created occupational processes and procedures for incident responders and Colleagues

Created automated processes so that the network is self-defending

Reported on the status of attacks and provided recommendations on preventing further attack.

I am fluent with the following technologies:

Networking: Palo Alto: Panorama/PanOS, Wildfire, AutoFocus, MindMeld; Security Onion, Snort, Barnyard, Pulledpork, pfring, Salt, Bro; CISCO (CCNP/CCSP - expired)

Threat and Vulnerability Management: Nessus/Security Center, Qualys, OpenVAS

Network Intelligence/mapping: Nmap/Zenmap, Wireshark, Tcpdump, netcat

SIEM: RSA Security Analytics/Archer, CS-Mars (Cisco, defunct), Splunk, Elsa, Qradar, Awk/Sed/Grep - flat/archival log file analysis

Forensics: Encase Enterprise using Digital Intelligence FREDDIE hardware, Digital Intelligence UTK

Access Management/VPN: Symantec VIPS Authentication, Secure Computing (defunct - now McAfee)

Endpoint Protection: Symantec Endpoint Protection, Symantec Critical System Protection, Damballa, RSA ECAT, Palo Alto Networks - TRAPS, Tanium

Application Level Protections: Apache/Apache Modsecurity (apache), Nginx

OS and OS management: RHEL, Ubuntu 12.04-16, All Windows Server and Workstation versions, Microsoft SCCM


Professional Accomplishments

Migrate IHSMarkit to Two Factor authentication (2fa) to reduce risk of external attack.

Migrate IHSMarkit Security detection to one of Active and Automated threat protection

Migrated perimeter security from Snort IDS to Palo Alto IDP

Created and productionized profiles of attackers to allow RSA and first level support to recognize and react.

Created effective responses to skilled Spear-phishing Campaigns to recover compromised accounts as they were used.

Assisted in training First tier responders to self-help when anomalies were detected (DDOS, Data leakage, Download thresholds exceeded)

Example compromise: Application exploited. Severity of attack measured, I then headed up the rapid response team that included:

Credential resets

Forensically examining servers to determine loss

Recommend applications to development including automated password reset processes and storage of passkeys as PBKDF2

Implemented and tuned WAF to protect application while it was rewritten.

Provide Forensic services to Legal, HR, and Security response

Three labs in Englewood, UK and Penang

Remote 'instant on' temporary examiners when bandwidth was limited

Formal Fireproof, Waterproof, Evidence retention with full chain of custody.

Work History

July 2013 - Aug 2016: Principal CSIRT Engineer, IHS Markit, Englewood Co

March 2008 - Jun 2013: Agency ISO – Colorado Department of Labor and Employment, Denver Co

Senior Security Engineer – OIT, Office of the CISO

April 1996 - March 2008: Senior Security Engineer – Colorado Department of Labor and Employment, Denver, Co

February 1993 – April 1996: Webmaster, Colorado Department of Transportation, Denver, Co


Education

Trustwave Spyderlabs Incident Response and Readiness (Dec 2015)

Palo Alto Network Administration (Feb 2015)

Cisco Certified Security Professional, Formal training in Ethical Hacking methods from EC-Council (CEH) and SANS, Forensic techniques and tools training from Access Data, Snort/IDS certification from SANS (twice), Ultimate Hacking - Foundstone

BS – Civil Engineering, Colorado State University, Ft. Collins, Colorado, 1992
