Andrew Sickel, CISSP-ISSEP/ISSAP, CISM
Details
Computer and Information Systems Security/Information Assurance
Boston University
2013 : 2015

Bachelor of Science (B.S.)
Cyber Security
University of Maryland University College
2010 : 2012

Associate of Applied Sciences
Electronic Systems Technology
Community College of the Air Force
2007 : 2010
2022 : Present
Verizon
Distinguished Information Security Architect
• Mentor and train SIEM engineers, content developers, and 24x7 SOC analysts to provide support to commercial and federal clients on triaging and responding to external and internal threats.
• Facilitate technical integration of managed customers into multiple SOC models.
• Create and maintain SOC KPI metrics reports for SOAR-integrated customers.
2019 :
Verizon
Principal Information Security Engineer
• Senior SIEM Engineer supporting Advanced Security Operations Center (ASOC) and Managed-SIEM (MSIEM) business clients, providing security expertise in SIEM applications such as Splunk Enterprise and Splunk Enterprise Security, Security Orchestration, Automation, and Response (SOAR) products, and User and Entity Behavior Analytics (UEBA), and developing/maintaining content such as security use cases to uphold and improve business security posture.
• Provide support, guidance, and mentorship to tier I, II, and III analysts on incident response actions and investigations, and on SIEM / UEBA / SOAR products.
• Utilize cyber threat intelligence reporting from multiple sources, such as the Verizon Threat Research Advisory Center (VTRAC) and third-party sources, and incorporate it into SIEM threat frameworks.
• Engineer Demisto / Palo Alto Cortex XSOAR Security, Orchestration, Automation, and Response (SOAR) playbooks, automations, dashboards, and reports.
• Integrate SOAR with SIEM applications to provide a single pane of glass for SOC analysts to respond to incidents from multiple business clients.
• Provide recommendations to business clients on information security best practices.
• SME for Splunk, Splunk Enterprise Security, Splunk UBA, Cortex XSOAR, Sumo Logic, Cloud SIEM Enterprise, and security automation using Python 3.
2014 :
US Air Force Reserve
Cyber Operations Manager
• Cyber Operations Manager within the US Air Force Reserve.
2015 : 2019
ARMA Global Corporation, A General Dynamics Company
Information Security Manager/Engineer
• Manage the security team responsible for implementing and monitoring security controls for Command, Control, Communications, Computers, and Intelligence (C4I) networks.
• Directly responsible for operation of security tools, including, but not limited to: RSA SecurID, Splunk, McAfee Host Based Security System (HBSS), Cisco ASA firewalls, and multiple Intrusion Detection Systems (IDS).
• Perform duties as Security Control Assessor (SCA) by reviewing and assessing security controls, utilizing the Risk Management Framework (RMF), Xacta IA Manager, and applicable NIST, DoD, IC, and organization policies.
• Enforce security policies and procedures, perform ACAS/Nessus vulnerability scanning, and perform incident response responsibilities as Information System Security Officer (ISSO).
2014 : 2015
Leidos
Information Security Engineer/Analyst
• Proactively utilize advanced host/network tools for monitoring and investigating incidents/event alerts as a Computer Network Defense (CND) Analyst.
• Directly responsible for detecting, analyzing, and mitigating system and user-based anomalies related to malicious, foreign, or insider threat activities targeting IC and DoD organizations.
• Analyze cyber intelligence data for malicious domains, IP addresses, and email addresses, and implement them into the applicable security controls for mitigation.
• Facilitate cyber incident investigations by conducting digital/network forensics, inspecting logs and packet capture (PCAP) data, and interviewing individuals related to the incident.
• Ensure Security Technical Implementation Guide (STIG) compliance by performing system hardening, vulnerability scans, and patch updates.
Skills
Cisco Routers, Computer Forensics, Computer Security, COMSEC, Cortex XSOAR / Demisto, Digital Forensics, Employee Training, Equipment Maintenance, Information Assurance, Military Experience, Military Operations, Personnel Supervision, Program Management, Quality Assurance, Radio Communication, Radio Network Design, Radio Networks, Radio Operations, Radio Programming, RF, Risk Management Framework, Risk Management Framework (RMF), Satellite Communications, Satellite Communications (SATCOM), Satellite Ground Systems, Satellite Modems, Satellite Routers, Security Clearance, Security Information and Event Management (SIEM), Security Orchestration Automation Response (SOAR), SOAR, SOC Playbooks, Splunk, Splunk Enterprise Security, Supervising, Technical Training, Top Secret, Wireless Networking, Wireless Site Surveys
About
Currently a Distinguished Information Security Architect/Engineer with Verizon Managed Security Services (MSS), providing customer consulting to detect and defend against today's threats. Experienced in both managing and supporting multiple information security/SOC teams in defending against external and internal threats, as well as designing, engineering, and implementing SIEM, UEBA, and SOAR tools. Driver for security automation utilizing Python.
Additionally, a total of 12 years of experience within the Department of Defense (DoD) and Intelligence Community (IC), working in multiple roles as Information Security Manager, Engineer, and Analyst supporting and securing joint military networks. Additional experience includes time as a Cyber Operations Manager, supporting tactical satellite communications (SATCOM), radios, and secure networks in the US Air Force.
Holds a Master's Degree in Computer Information Systems with a focus on Security; CISSP-ISSEP/ISSAP, CISM, SANS GMON, and CEH certifications; ITILv4 Foundations; Certified Splunk Architect and Splunk Enterprise Security Admin; Sumo Logic/Cloud SIEM; Certified Cortex XSOAR Consultant; AWS Cloud Certified; and an active TS/SCI DoD security clearance.