Benson Gitau, MBA
Details
Information Technology
University of Maryland Global Campus
2018 : 2020
Bachelor’s Degree
Computer Networks and Cybersecurity
University of Maryland University College
2016 : 2018
Associate’s Degree
Art/Art Studies, General
Palomar College
2013 : 2015
A thorough analysis of security incidents was conducted under my supervision, allowing for the triaging of details and providing support to both the SOC and Business Managers. To bolster the organization's information asset protection, I maintained up-to-date knowledge of emerging threats, malware, phishing attacks, and external threats.
Log analysis was a key aspect of my role. I analyzed logs from various sources, including individual host logs and network traffic logs, to swiftly identify potential threats. Leveraging Security Information and Event Management (SIEM) tools and other feeds, I actively monitored security events and detected significant anomalies. Proactively, I employed Hunting operations within the SIEM and other relevant tools to identify security incidents before they escalated.
In the event of security incidents, I performed root cause analysis to identify underlying reasons, allowing for the development and implementation of effective containment and mitigation strategies. My role involved coordinating incident response activities and ensuring seamless communication with other IT groups and IT management. I actively engaged in continuous service improvement efforts, identifying opportunities for process enhancement.
Automation was a fundamental aspect of my approach to incident response and remediation. I demonstrated expertise in building automation solutions to streamline incident response processes, optimizing response times and evidence artifact gathering.
My approach to leading security incident response and resolution was proactive, empowering the organization to handle incidents efficiently and minimize impact.
2019 : Present
HireRight
Cybersecurity Engineer
- Configured and installed firewalls, and scripted firewall rules for 48,000 endpoints.
- Conducted organization-wide training in security awareness, protocols, and procedures.
- Spearheaded vulnerability audits, forensic investigations, and mitigation procedures.
- Prepared reports that document security breaches and the extent of the damage caused by the breaches.
- Installed and used software, such as firewalls and data encryption programs, to protect sensitive information.
- Interpreted and implemented customer change requests on managed security device platforms, with a focus on firewalls and IDS/IDP devices.
- Troubleshot and resolved security-related issues, such as firewalls, IPS, and common security protocols (DNS, SSL, TLS, HTTP(s), FTP, etc.).
- Resolved routing and switching problems, WAN/LAN failures, and performance issues across a distributed segmented network infrastructure with multiple security zones.
- Administered and maintained perimeter security systems, including firewalls and intrusion detection systems.
- Demonstrated expertise in VPN technologies and security protocols (IPsec, ISAKMP, SSL, PKI, RADIUS, TACACS, EAP, LDAP, etc.).
- Implemented vendor firewalls, including Cisco ASA firewalls (2100 and 4100 series).
- Assisted in customer migrations from legacy security appliances to new platforms.
- Developed security standards and best practices for the organization.
- Performed regular analysis of internal log data to better understand and identify common threats and exploits realized by the organization.
- Proactively researched emerging cyber threats; applied analysis techniques to better understand the adversary's capabilities and intent.
- Deployed Tanium software solution Enterprise-wide to over 10,000 Servers and 25,000 endpoints.
- Erected a Security Operations Center that solved attack vector problems resulting in a 23% increase in Security Operations efficiency.
2018 : 2019
First American
Senior Information Security Analyst
- Erected a Security Operations Center that solved attack vector problems, resulting in a 23% increase in Security Operations efficiency.
- Deployed Tanium enterprise-wide to over 10,000 servers and 25,000 endpoints.
- Proactively researched emerging cyber threats; applied analysis techniques to better understand the adversary's capabilities and intent.
- Developed security standards and best practices for the organization.
- Performed regular analysis of internal log data to better understand and identify common threats and exploits realized by the organization.
- Monitored SIEM for advanced threats through correlation leveraging heuristics and threat intelligence.
- Provided technical support in client-facing meetings to discuss threats and SOC detections.
- Installed and used software, such as firewalls and data encryption programs, to protect sensitive information.
- Prepared reports that document security breaches and the extent of the damage caused by the breaches.
- Recommended new security products and procedures to computer users when they need to install or learn about
2017 : 2018
First American Financial Corporation
Information Security Analyst
- Monitored and responded to potentially malicious emails.
- Monitored and analyzed logs and alerts from Exchange Server, IDS/IPS, and firewalls.
- Leveraged a fundamental understanding of operating systems: Windows, Unix/Linux, and OSX.
- Utilized and adhered to defined workflows and processes driving threat monitoring and escalation/hand-off actions.
- Provided escalation and hand-off procedures to team members and leadership based on defined threat and priority determination.
- Processed tactical mitigations, such as requesting updates to filtering capabilities for Exchange Server and inline IPS/IDS email appliances, based on results of analysis and determination of threat validity.
- Documented results of cyber threat analysis effectively and prepared comprehensive hand-offs and/or escalations for CIRT/Intelligence Function teams.
- Managed multiple priorities in a high-pressure environment.
- Provided user awareness tips and best practices to end users.
- Analyzed email traffic that was quarantined and withheld from the user’s inbox for malicious attributes.
- Leveraged network security tools and capabilities to support cyber threat monitoring activities.
- Assessed IT infrastructure on a regular basis to ensure it continued to meet the necessary demands.
- Managed daily operations of the IT department.
- Developed new strategies and IT procedures to increase efficiency, enhance workflow, and improve customer satisfaction.
- Protected in-house and customer data from outside infiltration through encryption, secure data storage, and other necessary means.
- Conducted the installation of new hardware and software.
2017 : 2017
San Diego Va Health Care Syst
IT Specialist, InfoSec
Full-time student.
2015 : 2016
California State University San Marcos
Full-time student.
Skills
Active Directory, active directory experience, Application Security, Automation Development, Blockchain, Cloud Security, Communication, Cross-Functional Leadership, Cryptography, Customer Service, Cybersecurity, data analysis, Digital Forensics, employee relations, Fair Credit Reporting Act, Forensic Analysis, incident response, Information Security, Information Security Policy, Information Technology, Intrusion Detection, it service management, Leadership, linux, Log Analysis, Management, Microsoft Office, network administration, Networking Equipment Security, network security, organizational development, Penetration Testing, Problem Solving, Public Speaking, Risk Assessment, Root Cause Analysis, Security Architecture Design, Security Engineering, security information and event management (siem), Security Management, Security Operations, Security Operations Center, Server Security, System Administration, Tanium, Team Leadership, Time Management, Vulnerability Assessment, Vulnerability Management, Vulnerability Scanning, Research, Strategic Planning, Social Media, PowerPoint, financial accounting, Managerial Economics, Project Management, Program Management, Public Relations, Project Planning, data entry, databases, c, grant writing, integration, it strategy, troubleshooting, technical support, software installation, networking, government, windows, hyper-v, remote desktop, management information systems (mis), Microsoft Excel, Microsoft Word, Team Building, Security Clearance, training, military operations, Physical Security, Surveillance, Executive Protection, Personal Security, Access Control, Personal Protection, Private Investigations, Firearms, Weapons, Security Training, Automotive Repair
About
Results-driven Information Security Engineer with 10+ years of experience in planning, designing, and implementing robust security measures for electronic information and devices. Seeking a challenging position as an Information Security Officer to utilize my expertise in managing cloud security, network and architecture design, and incident response, while ensuring compliance with industry regulations and implementing comprehensive security strategies.