Jerry Proctor, GCIH, CISSP
Details
Philosophy
Wheaton College
1991 : 1995
Master of Science - MS
Management of Technology (MoT)
New York University
2023 :
Confidential Employer
Senior Information Security Analyst
• Utilize investigative tools (Splunk, Tanium, NetWitness) for tracking and remediation of malware, ransomware, and insider threat operations. Provide technical services needed for cyber incident response investigations, including containment, eradication, and remediation activities. Recent caseload involves malicious email campaigns, malware, brand protection cases, data integrity, and internal threat operations.
• Coordinate and lead investigations and incident handling with SOC, Adversary Hunt, Insider Threat Operations, Data Loss Prevention, Technical Services, and other teams as needed.
• Report to upper management with executive summaries of all cases, metrics tracking trends and case types, and BLUF summaries for situational awareness of critical cases.
• Responsible for assessing the scope of incident damage and incident severity. Compile metrics and executive summaries, after-action reports, and timelines. Responsible for maintaining documentation throughout a cyber incident. Assist in drafting post-incident reports to senior leadership to convey impact, origin, root cause, and remediation.
• Provide recommendations to resolve an incident and/or reduce its impact, and to prevent similar incidents in the future.
• Maintain on-call availability for 24x7x365 coverage.
2020 : 2023
BNY Mellon
Information Security Analyst - Cyber Incident Response Analyst (VP)
• Managed twelve analysts in Manhattan, Virginia, Pittsburgh, and Bangalore, including all hiring, interviews, training, tools, and procurement. Stood up two new teams from scratch in Data Triage and Data Analysis. Tracked team goals and tasks in JIRA and Confluence. Reported progress to senior management.
• Engaged all application and infrastructure/security-control data owners and influenced their creation of logs and adoption of the Security Monitoring service. Onboarded over 200 applications in 2018. Coordinated with the offshore team for installation and configuration of the Splunk Universal Forwarder agent and custom logging solutions.
• Documented log generation (content creation) and collection build requirements for application/service-specific logs.
• Worked with the SIEM Engineering team and data owners to ensure log collection for each data source was technically implemented.
• Extended the existing log-onboarding/Security Monitoring service adoption process as required to improve adoption rates, internal-customer experience, and operational efficiency.
• Provided application on-boarding prioritization recommendations based upon available capacity in the SIEM environment vs. the log capacity/build requirements for their applications, and the timeline to log availability.
• Managed scheduling and queueing of data owner conversations, log on-boarding, and post-on-boarding log review with data owners.
• Facilitated the development of data source-specific data dictionaries; analyzed available fields and values and proposed optimal sets of fields and values to retain for Security Monitoring use.
2017 : 2020
BNY Mellon
Information Security Analyst - Senior Specialist - Log Adoption Specialist (VP)
• Security patching and maintenance of all Windows systems, Linux servers, Oracle and MS SQL databases, third-party applications, and application, internet-perimeter, and DMZ systems. Scheduled downtime and worked with business owners, engineers, and DBAs to routinely keep the Test, Production, Web, and DR environments secure and up to date.
• Maintenance of the Tenable Nessus vulnerability scanner, Tenable.io, Tenable Log Correlation Engine (SIEM), and SecurityCenter Continuous View. Interpretation of output from Nessus vulnerability scans/LCE and escalation of security issues identified.
• Programming, configuration, and maintenance of the Tenable environment. Wrote data normalization rules and filters to better sift monitoring data for security, anomalous, error, and previously uncategorized events.
• Maintenance of the IBM BigFix deployment for systems management, patching, reporting, and asset management.
• Compliance and auditing. Worked with external auditors to report compliance with financial industry standards.
2017 : 2017
Mizuho Trust & Banking Co. (USA)
IT Security Maintenance & Vulnerability Testing (VP)
• Deployed Duo Security multifactor authentication, performed network perimeter hardening and penetration testing, deployed the Webroot antimalware solution with cloud monitoring and alerting, and cleaned up external DNS and firewall rules to minimize the network's attack surface. Performed internal audits for compliance with banking and finance customers.
• Administered the corporate LAN/WAN with main office in New York City and data center at SunGard in Carlstadt, NJ. Managed all servers, systems, and network gear. Deployed virtual machines; administered email with Exchange Online/Office 365 (including PowerShell, mail rules, and blacklisting/whitelisting); virtualization with the VMware ESXi platform, Windows 2012 R2, and terminal server work environments. Dell, HP, and IBM hardware platforms.
• Backups and data retention with Barracuda 690s and cloud backups; Intermedia for email backups; Amazon Glacier for legacy file storage. Developed the technical plan for email and file backups to satisfy Dodd-Frank requirements and handled the technical end of a successful SEC audit.
• Successfully passed a Microsoft software licensing audit at zero cost to the company; tracked volume licensing and purchases.
• Handled billing and chose new products and vendors. Saved the company more than $80K in 2016 by seeking out new vendors for bandwidth and alternate product solutions, and by devising innovative technical solutions around new and existing infrastructure problems.
• Managed the technical end of the corporate move: negotiated rates and arranged movers and bandwidth. Accomplished the move in four months. Consolidated the network and decommissioned legacy equipment, reducing rack equipment from eight racks to two.
• Managed offsite datacenter and disaster recovery, Exchange Online/Office 365, and the Star2Star phone system. Supported and configured Meraki switches and firewalls, HP switches, Dell SonicWall firewall, Cisco 3700 router, and Meraki wireless.
2014 : 2017
cfX Incorporated
Senior Network and Systems Administrator
Skills
Computer Forensics, Computer Security, Cyber Security, Microsoft Exchange, Networking, Network Security, Penetration Testing, Security, VMware, VMware ESX, Vulnerability Assessment, Windows Server, Writing
About
Information Security Analyst and digital forensics investigator with twelve years' experience: cyber incident response, Splunk log investigation, project management, vulnerability scanning, pen testing, systems and network perimeter hardening, and security maintenance and patching on Windows, Linux, Oracle, and MS SQL.
Network and systems administrator with twenty-three years' experience in network/server operations in finance, retail, and non-profit: VMware, Windows, Active Directory, Cisco and Meraki switching/routing. Investigation experience in live network monitoring, firewall configuration and access lists, local and network forensic analysis, risk analysis, forensic client deployment and server packet inspection, IDS and security auditing, and SEC and PCI compliance.