My IR Sec Career Story

Of all places my Cyber Security story started in a Creamery. Through high school I worked part time doing back breaking manual work “whooping vats” of cheese.  Whooping consisted of taking a stainless steal bucket and moving 35lbs of cheese per scoop out of a 2,000lb vat in to forms to create 40lb blocks of cheese.  Sounds about as awesome as it actually was.  As grueling as the work consisted, it showed me what I didn’t want to be doing the rest of my life.

Continued working full time nights at the creamery while I went back to school for Auto Body Collision and Painting.  I’ve always been mechanical minded and definitely consider myself a classic car guy so it seemed like a natural choice. Shortly before Graduation from Technical College in 2004 I started part time at a Chevrolet Dealership in the Body Shop doing collision repair.  We were a combination body shop, so the same technician took the job from start to finish doing all the mechanical, frame work, body panel replacement or repair, paint prep and painting.  No two repairs were the same and it was always a new challenge, which is why I loved it.  In the long run though I got thinking about my health, paint and body filler dust, paint fumes, cleaning solvents, it wasn’t what I wanted to put my body through for the rest of my professional career.

May of 2009 I decided it was time for a change, I was 25 and had always wanted to join the military, so it was time to pull the trigger or forget about it for good.  Signed my life over to Uncle Sam and Army Reserve Bootcamp was in Fort Sill OK in July, followed by 88-U AIT at Fort Eustis VA in September.  The 88-U MOS is one that you probably have never heard of, and may be one of the best Army jobs there is to offer, Railway Operations.  To present day I’ve been in the Army Reserves now for going on 12 years, done Army Rail missions from Coast to Coast as well as over seas. Its offered me opportunities that I would have never had the chance otherwise, 12 down and 8 to go to hit that magic number.

Back to late in 2009, after finishing bootcamp it was time to go back to school for …. IT ?  Nope,  initially I went back for Criminal Justice.  After the first semester complete of Criminal Justice I ended up in a class, talkign with a guy who had finished an Information Technology degree and he was now in the middle of going through a secondary Criminal Justice degree.  The more I thought about it the more sense it made and from that point on I never looked back.  Degree changed over to Information Technology and graduated with an Associates in 2011. 

Later in 2011 after applying for multiple Network Admin positions with no luck I finally got an interview for a Helpdesk position I applied for. That was my foot in the door to officially start my IT career.  Eight months on helpdesk and moved to a IT Client Support position.  This was more along the lines of workstation building, remote site support, remote sales team support and print server managing.  Another eight months or so down the road and I finally got my chance to step in to a security role.  An Account Administration position opened up on the security team (“team” which consisted of one guy at the time, and now me).   The original job scope of the Account Admin role was basically an Active Directory Admin, everything AD related,  User account creation and termination, group, Service Account and privileged admin account management.  That scope quickly expanded to include Application Security, Antivirus solution management among others.

Security Administrator, Security Analyst II and Security Analyst III are all titles I’ve held, current role is IR Security Manager for a billion dollar company, not the largest company out there, but far from a Ma and Pop shop.  Within those titles are a pretty wide area of responsibilities to include:

  • Privileged Access Management
  • Identity Management
  • Anti Virus
  • Firewalls
  • Intrusion Prevention Systems
  • Integrity Monitoring Systems
  • SIRT (Security Incidents Response Team) Operations
  • Data Leak Prevention
  • PKI / Certificate Authority Administration
  • Azure AD / Active Directory / SAML authentication
  • Annual Security Audits
  • DNS
  • Powershell Automation
  • Web Application Proxies
  • Web Application Firewalls
  • Email Security Appliances
  • Device Identity – Network Access Control
  • MFA Administration
  • Load Balancers
  • Malware Analysis
  • Vulnerability Management
  • Patch Management
  • Security Training
  • Windows / Linux Server Administration
  • Web / URL Filter Management
  • SIEM Configuration and Tuning
  • Deception Technology
  • Network Monitoring Solutions
  • Budget Management
  • Project Management
  • Security Team Management
  • Risk Management
  • Policy Creation

Cyber Security is an area where if you are not constantly learning and staying on top of current events you will miss something important and it will bite you and your organization.

Do I know everything when it comes to Cyber Sec? Not even close, but what I lack in knowledge I make up for in passion to improve, learn and grow.

Let me know if I can help

Let me know if you’d like to talk Security, Army, Cars

Let me know if you’re looking for a mentor

Let me know if you see something in my background or a blog on this site you’d like to discuss further

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: