Jason Jacob
Details
https://www.independencepetgroup.com
• Azure Security and Azure/On Premise Active Directory
• Incident Detection and Response/Threat Intel Ops
• Patch and Vulnerability Management (Datto/ManageEngine/Arctic Wolf, Managed Risk solution)
• O365/Email Security/Microsoft Defender and Purview
• MFA (Okta)
• SIEM Management
• Phishing Tests and Security Awareness Training (KnowBe4/Security Mentor)
• Firewall/VPN Management (Azure/Cisco Meraki/Fortinet)
• Endpoint and Network Security/Threat Detection and Response (Trend Micro, AW, etc.)
• Log/Event Monitoring (through internal tools/Netwrix/AW)
• Third Party Risk Management (Prevalent)
• Assisting with audits
• Other initiatives and operations assistance/development as needed
2022 : Present
Independence Pet Group
Information Security Analyst
• Monitored abuse mailbox for phishing, privacy matters, email scams, password compromises, loss or theft of restricted or internal data, unauthorized disclosures or access, and other abuses, and used Microsoft Azure/Cloud Security for investigation if necessary.
- Incidents/incident reports/tickets are managed through either ServiceNow or Request Tracker.
• Investigated reports made by REN-ISAC regarding issues detected (such as open DNS resolvers, malware, etc.)
• Used Cisco Secure Endpoint to reduce the attack surface at Rutgers by using advanced endpoint detection and response (EDR), threat hunting, and endpoint isolation on devices at the university.
• Used Stealthwatch to detect attacks across the Rutgers network by analyzing incident reports using a flow collector.
• Worked with IDR team to complete vulnerability scans/pen testing and analysis of infrastructure using Rapid7 InsightVM.
• Used Splunk to search, monitor, and analyze data to turn into actionable evidence for incidents and investigate compromised accounts.
• Reported and investigated PHI accounts that were compromised and worked with the Ethics and Compliance Privacy group.
• Actively threat hunted on Rutgers infrastructure.
• Investigated Dorkbot reports to find high-risk vulnerabilities in Rutgers web applications.
• Ran Linux commands/scripts to analyze compromised accounts, add malicious URLs to the Palo Alto Firewall list, etc.
• Managed NAC for devices connected to the Rutgers network through Cisco Identity Services Engine.
• Provided and maintained security/privacy awareness training to students, faculty, and staff.
• Reported abuse to ISPs and completed further investigation if necessary.
• Researched threats and vulnerabilities to support IDR and update/maintain IR/threat intel documentation, methods, tools, etc.
• Worked with SOC/IDR group on additional projects.
• Worked with OmniSOC/used ELK to respond to incidents.
• Investigated DUO security alerts for user accounts.
2021 : 2022
Rutgers University
Information Security Analyst - Incident Detection and Response
• Proactively worked with Data and Cybersecurity teams/heads in a variety of functions to support Infosec requirements, such as Identity and Access Management (IAM), Data Loss Prevention (DLP), Application Security, Cyber Threat Defense, Third Party Risk Management, Cyber Security Awareness Training, and Security Governance, Risk, & Compliance (GRC).
• Built and maintained threat intelligence and incident response methods, playbooks, tools, etc.
• Provided project management support for various InfoSec projects.
• Supported automation initiatives through proficiency in MS Office and programming languages.
• Produced and maintained the security metrics and reports for multiple audiences.
• Supported application security initiatives and remediation activities.
• Educated and raised awareness of SG employees of their roles and responsibilities to safeguard and protect SG corporate and client information.
• Primary Training and Awareness responsibilities:
- Streamlined collection and dissemination of Training and Awareness metrics.
- Participated in awareness events and building InfoSec awareness campaigns.
- Assisted with report creation and presentation of training and awareness reports.
2020 : 2021
Societe Generale
Information Security Intern
• Conducted Cybersecurity audits: testing administrative, technical, and physical controls to determine adequacy of design and operating effectiveness.
• Performed IT infrastructure audits: assessing design and operating effectiveness – 500+ Databases (Oracle, MySQL, MS-SQL, Sybase, DB2/UDB), Operating Systems, Servers, and Active Directory.
• Performed research to ensure understanding of auditable entities and/or related activities.
• Executed assigned tasks on an audit and/or non-recurring projects in a timely manner.
• Assisted with identifying risks and controls for assigned tasks on an audit.
• Documented control evaluation procedures in adherence with the BBH Internal Audit Department policies and procedures.
• Assisted with gathering and analyzing data to conduct audit-related activities.
• Executed assigned testing procedures in adherence with the BBH Internal Audit Department policies and procedures.
• Summarized and documented preliminary draft audit findings that provide a clear detailed description, root cause/risk impact of the issue, and suggested recommendation for audit management review with documentation for audits being processed through the Archer eGRC platform.
• Effectively communicated audit results to audit management in a constructive manner.
• Audits and projects: Database Privileged Access Management, SOC2 Testing, SWIFT, Symantec Data Loss Prevention.
2020 : 2020
Brown Brothers Harriman
Information Technology Auditor
• Taught recitation sections of 21 and 20 students for the undergraduate course 01:198:170: Computer Applications for Business in the Fall 2019 semester.
• Conducted, proctored, and graded quizzes, exams, and assignments for students.
• Taught students web design concepts specifically focused on HTML, CSS, and JavaScript using different applications such as JSBin, Atom and Notepad++.
• Taught students functions and techniques about data investigation and manipulation using Excel.
• Worked closely with the Director of Undergraduate Introductory Instruction in the Computer Science department to identify issues students are having and develop appropriate solutions.
• Introduced students to computer tech/security, data communications, network applications, and structured programming.
2019 : 2020
Rutgers University
Lecturer
About
I’m currently working at IPG and its subsidiaries as an InfoSec Analyst helping to build out and further develop InfoSec initiatives, tools, and operations.
I’ve completed an MBS degree in Cybersecurity and an MI degree in Technology, Information and Management and Data Science along with a BS from Rutgers University in a span of 5 1/2 years rather than the traditional 8 years (4 for undergrad, 2 for each Masters) while also working full-time.
In my free time, I like catching up on the latest news and trends, playing and watching Football/Basketball (my favorite teams being the Giants and the Nets), and looking for opportunities to plan my future either professionally or by traveling the world.
Getting the opportunity to meet new people and develop new relationships is one of the essential things I believe can help further a career so if you would like to connect with me or chat, I would be happy to! (Please include a comment on your connection request)