Thursday, September 14, 2017

A change of scenery for this security engineer


If you are looking for a seasoned infosec architect with red team skills, or know someone that is, take a few seconds to read on. I am currently in Austin, Texas, but could be talked into relocating for the right opportunity.

Who am I? An incident responder, a log correlation junkie, a malware analyst, a forensic investigator, a threat intelligence handler (real intelligence, not the threat data often thrown under that label), a network engineer, and a security architect. I break and fix things, so I can stop others from breaking or detect them when they do.

Having recently found myself on the wrong side of a "reduction in force," I now have a chance to build security for you.

I'm a dyed-in-the-wool defender. I have some red team skills (and a few CVEs to my credit), but those skills just make me a better defender and detector. My ideal job is building systems and automation to detect and triage incidents, and to find and address risks before they become incidents. It's what I've done for the better part of 20 years.

I've built security from the ground up for a mid-sized company you may not even know works for you. I ran vulnerability scans and assisted SMEs with prioritizing patching versus business priorities, and with coming up with mitigating options when patching was not immediately advisable. I built the company’s incident response program, then drilled it with a simulated data breach. I designed a log management strategy, enriched logs with open-source and company-specific context, and built a SIEM with open-source software to correlate events and highlight potential incidents.

Prior to that, I spent 20 years with a Fortune 50 enterprise. The early years were Windows and *nix system administration, along with switch, router and firewall administration, while from 2001 on it was a variety of direct security roles - primarily network defense; intrusion detection, triage and incident handling; risk assessment and threat intelligence. 

I won't list the products I have used because honestly, the right tool for the job depends in large part on what you have in place today, and what problem needs to be solved. That, and I'm an OSINT junkie - I know exactly how useful a list of tools used by my previous employers would be. Suffice to say I know commercial tools and have built custom solutions with open source tools as well. If I don't know a tool vital to your operation, I'll be competent at it shortly.

I'm an MBA and a CISSP with all the requisite letters after my name, if those matter to your business. More importantly, I have the rare ability to bridge the gap between technology, risk management, and business objectives.

Separate from my professional job, I launched securityforrealpeople.com in 2011 as an outlet for coordinated vulnerability disclosure and to present cyber topics in a way that the lay person can understand and follow practical steps to improve their own security.

Outside of work, I am a member of Civil Air Patrol, the auxiliary to the US Air Force. CAP's mission is emergency services along with aerospace education and youth leadership development. I plan and conduct training for, and participate in search & rescue and disaster relief missions with, approximately 45 cadets and adult members in the Austin-based Pegasus Squadron.

If that sounds like the sort of person you want for your team, hit me up via LinkedIn, or at david (at) securityforrealpeople.com and let's talk. And if you don't have an opening yourself right now, would you consider sharing this post with your connections?

Do you have something to add? A question you'd like answered? Think I'm out of my mind? Join the conversation below, reach out by email at david (at) securityforrealpeople.com, or hit me up on Twitter at @dnlongen

Whois David?

I have spent the better part of two decades in information technology and security, with roots in application developer support, system administration, and network security. My specialty is cyber threat intelligence - software vulnerabilities and patching, malware, social networking risks, etc. In particular, I strive to write about complex cyber topics in a way that can be understood by those outside the infosec industry.

Why do I do this? A common comment I get from friends and family is that complex security topics give them headaches. They want to know in simple terms how to stay safe in a connected world. Folks like me and my peers have chosen to make a profession out of hacking and defending. I've been doing this for the better part of two decades, and so have a high degree of knowledge in the field. Others have chosen different paths - paths where I would be lost. This is my effort to share my knowledge with those that are experts in something else.

When not in front of a digital screen, I spend my time raising five rambunctious teens and pre-teens - including two sets of twins. Our family enjoys archery, raising show and meat rabbits, and simply enjoying life in the Texas hill country.

For a decade I served as either Commander or a division leader for the Awana Club in Dripping Springs, Texas; while I have retired from that role I continue to have a passion for children's ministry. At the moment I teach 1st through 3rd grade Sunday School. Follow FBC Dripping Springs Kids to see what is going on in our children's ministries.