Profiles search
Derek Spampinato
Information Security Analyst at Triangle Credit Union
Salem, NH, United States
Details
Education:
Bachelor’s Degree
Information Assurance and Security
Capella University
2014 : 2017
Current Student
Information Technology
New Hampshire Technical Institute
2011 : 2013
High School Degree
General Studies
Salem High School
2007 : 2011
Information Assurance and Security
Capella University
2014 : 2017
Current Student
Information Technology
New Hampshire Technical Institute
2011 : 2013
High School Degree
General Studies
Salem High School
2007 : 2011
Experience:
2020 : Present
Triangle Credit Union
Information Security Analyst
2018 : 2020
Mainstay Technologies
Information Security Specialist
▪ Develop the Security Operations Center (SOC) group and collaborate with other Information Security (IS) groups to build and mature the CISO organization from the ground up.
▪ Collaborate with the counterpart SOC in Europe to develop, mature, and provide unified Security Operations actions on a global level.
▪ Information Security Incident Response, threat intelligence, IS systems engineering, and anomaly detection via network traffic and endpoint processes.
▪ Develop and implement use cases within Splunk to automate incident reporting using custom queries and dashboards. Create and use custom queries within Splunk to search through correlated logs throughout related incident investigations.
▪ Source appropriate IS systems and tools to be used by the SOC.
▪ Received training and utilized the following IS tools : Archer SecOps, Splunk Enterprise, HP ArcSight, CarbonBlack Endpoint Detection and Response (EDR), ZScaler Proxy, Cisco StealthWatch, McAfee ePolicy Orchestrator (ePO), ServiceNOW, the xWiki knowledge sharing platform, and the Comodo iTOP ITIL change management platform.
▪ Create and manage processes to detect, respond to, and remediate Advanced Persistent Threats (APTs) in the Philips environment in order to reduce the IS Risk level.
▪ Continuously research large-scale IS threats to improve defense strategies. Examples of such threats are the Conficker and Cutwail Botnets, WannaCry ransomware, and the vulnerabilities and exploits that the Shadow Brokers leaked.
▪ Create, review, and maintain IS Use Cases, procedures, guidelines, and access controls.
▪ Review and recommend changes to the IT infrastructure and the IT/IS policies to improve the overall IS posture.
▪ Craft professional company-wide information security alerts when large-scale incidents occur.
▪ Received training in Lean and Agile Methodologies.
2015 : 2017
Philips Health Systems
Information Security Analyst
Received training and experience in Penetration Testing and Ethical Hacking. Performed internal and external Security audits as well as penetration/vulnerability audits. Performed PCI readiness audits. Performed remediation for any and all vulnerabilities found. User identity management using active directory, Office 365 as a service, and password synchronization with DirSync. Provided excellent support to hundreds of clients and thousands of users. Utilized Office 365, Windows (all versions), ConnectWise, Labtech, ScreenConnect, Hyper-V, Linux, and Dell SonicWALL routers to provide email, Network, Security, hardware, and software support. Designed and implemented Network, Security, and Disaster recovery infrastructure.
2013 : 2015
Technology Seed
Information Security Specialist
Carefully and quickly checking each Medical Balloon I run in the machine for anything wrong with it, from dirt particles lodged inside to incorrect size. Precision and speed was crucial. I worked on a variety of different machines and types of Medical Balloons. Each Balloon had to be very carefully examined since they are used for medical procedures. I worked third shift.
2012 : 2013
Vention Medical
Medical Balloon Machine Operator
Triangle Credit Union
Information Security Analyst
2018 : 2020
Mainstay Technologies
Information Security Specialist
▪ Develop the Security Operations Center (SOC) group and collaborate with other Information Security (IS) groups to build and mature the CISO organization from the ground up.
▪ Collaborate with the counterpart SOC in Europe to develop, mature, and provide unified Security Operations actions on a global level.
▪ Information Security Incident Response, threat intelligence, IS systems engineering, and anomaly detection via network traffic and endpoint processes.
▪ Develop and implement use cases within Splunk to automate incident reporting using custom queries and dashboards. Create and use custom queries within Splunk to search through correlated logs throughout related incident investigations.
▪ Source appropriate IS systems and tools to be used by the SOC.
▪ Received training and utilized the following IS tools : Archer SecOps, Splunk Enterprise, HP ArcSight, CarbonBlack Endpoint Detection and Response (EDR), ZScaler Proxy, Cisco StealthWatch, McAfee ePolicy Orchestrator (ePO), ServiceNOW, the xWiki knowledge sharing platform, and the Comodo iTOP ITIL change management platform.
▪ Create and manage processes to detect, respond to, and remediate Advanced Persistent Threats (APTs) in the Philips environment in order to reduce the IS Risk level.
▪ Continuously research large-scale IS threats to improve defense strategies. Examples of such threats are the Conficker and Cutwail Botnets, WannaCry ransomware, and the vulnerabilities and exploits that the Shadow Brokers leaked.
▪ Create, review, and maintain IS Use Cases, procedures, guidelines, and access controls.
▪ Review and recommend changes to the IT infrastructure and the IT/IS policies to improve the overall IS posture.
▪ Craft professional company-wide information security alerts when large-scale incidents occur.
▪ Received training in Lean and Agile Methodologies.
2015 : 2017
Philips Health Systems
Information Security Analyst
Received training and experience in Penetration Testing and Ethical Hacking. Performed internal and external Security audits as well as penetration/vulnerability audits. Performed PCI readiness audits. Performed remediation for any and all vulnerabilities found. User identity management using active directory, Office 365 as a service, and password synchronization with DirSync. Provided excellent support to hundreds of clients and thousands of users. Utilized Office 365, Windows (all versions), ConnectWise, Labtech, ScreenConnect, Hyper-V, Linux, and Dell SonicWALL routers to provide email, Network, Security, hardware, and software support. Designed and implemented Network, Security, and Disaster recovery infrastructure.
2013 : 2015
Technology Seed
Information Security Specialist
Carefully and quickly checking each Medical Balloon I run in the machine for anything wrong with it, from dirt particles lodged inside to incorrect size. Precision and speed was crucial. I worked on a variety of different machines and types of Medical Balloons. Each Balloon had to be very carefully examined since they are used for medical procedures. I worked third shift.
2012 : 2013
Vention Medical
Medical Balloon Machine Operator
Company:
Triangle Credit Union
Years of Experience:
12
Skills
Active Directory, Agile Methodologies, C++, Communication, Computer Hardware, Computer Repair, ConnectWise, Customer Satisfaction, Customer Service, Encryption, ePolicy Orchestrator, Great Customer Service, Group Policy, Incident Handling, Information Security, Information Technology, Labtech, Leadership, Lean, Lean Six Sigma, Linux, Microsoft Exchange, Microsoft Office, Network Administration, Network Security, Office 365, OpenVAS, Penetration Testing, Powershell, Proxy, Python Scripting, Quick Learner, Scrum, Security Audits, Servers, SonicWALL, Splunk, Technical Support, Time Management, Troubleshooting, Virus Prevention and Removal, VMware, Windows, Windows 7, Windows Server, ZScaler, Teaching, Adolescents, Telephone Skills, Networking, Team Leadership, System Administration, Virus Prevention and, Hyper-V, Remote Access, Google Apps, Backup Solutions, DNS, C
Profile Photo
