Profiles search

Adam Zamora

Lead Incident Response Manager @ TIAA | Incident Response, Penetration Testing
Naperville, IL, United States

Details

Education: BS

Information Assurance and Security Engineering

DePaul University
Experience: - Deployed Cybersecurity Deception and Automated Penetration Capabilities

- Review identified security vulnerabilities and potential risks, taking effective measures to prevent and reduce cyber security incidents

- Coordinate with teams to test and remediate gaps

- Coordinate Internal Penetration Testing Scenarios

- SIEM use case creation and tuning

2021 : Present

TIAA

Lead Information Security Incident Response Manager (Purple Team)

- Architect for Incident Response Solution in AWS

- Identify and provide remediation guidance on security risks; leading project on cloud incident response capabilities

- Perform incident response on security threats

2017 : 2021

TIAA

Senior Incident Response Specialist

- Identify and provide remediation guidance on security risks

- Perform incident response on security threats

- Deploy security mitigation tools

- Lead project to deploy Carbon Black Incident Response and Endpoint Protection (formally Bit9/Carbon Black)

- Lead project to build Checkpoint Multi-Domain and Threat Emulation environment

2015 : 2016

Nuveen Investments (Acquired by TIAA)

IT Security Engineer

- Perform both internal and external network penetration tests, including technical reviews of hosted services and social engineering tests

- Security review of LAN and WAN network topologies and implementations

- Security review of Windows operating systems, Active Directory environments, and networking devices

- Developed custom HID badge capture device

- Published three client-facing IT Security articles

2012 : 2015

Crowe Horwath LLP

Senior Information Security Consultant

Worked closely with a global team of security professionals focused on providing managed security services to a global customer base.

Management and configuration of multiple security appliances, including UTM/FW, IDS/IPS and IVS appliances across thousands of production networks. Modified existing and implemented new rules, filters, signatures, proxy settings, VPN tunnels, etc. Coordinateed business infrastructure needs with customers and deliver solutions based on a strong security posture.

Involved with internal and customer incident response.

2011 : 2012

Trustwave

Security Analyst
Company: TIAA
Years of Experience: 12

Skills

Computer Forensics, Computer Security, Disaster Recovery, Incident Management, Incident Response, Information Security, Information Security Management, Networking, Network Security, Penetration Testing, Pentesting, Security, Security Operations, Servers, Software Documentation, Technical Support, Troubleshooting, VPN, Vulnerability Assessment

About

As a Lead Security Incident Response Manager (Purple Team) at TIAA, I oversee the deployment of cybersecurity deception and automated penetration capabilities, as well as the coordination of internal penetration testing scenarios. I have more than six years of experience in information security, incident response, and cloud security, working for leading financial services and consulting firms.



My core competencies include identifying and remediating security vulnerabilities and risks, performing incident response on security threats, and deploying security mitigation tools. I have also led several projects to build and enhance the incident response solutions and environments for TIAA and its subsidiaries. I am a holder of the prestigious SANS Lethal Forensicator Coin, and a speaker at DerbyCon 4.0 Security Conference. My mission is to protect and strengthen the security posture of TIAA and its clients, using my expertise in penetration testing, information security, and disaster recovery.