Profiles search
Michael M.
Global CyberSecurity Manager
Oshkosh, WI, United States
Details
Experience:
2022 : Present
Modine Manufacturing Company
Global Cybersecurity Manager
Participate in and coach the Security Operations & Incident Response Team (SIRT) : to employ strategy, standards, processes, and technology to detect, respond and recover from security incidents and to limit impacts of any such occurrence or reoccurrence by using risk-based triage.
Serve as a security expert in network, application design, operating systems, endpoint protection, mobile devices, and foundational InfoSec technical controls.
Work closely with architects and analyst to ensure adequate security solutions are in place throughout all systems to mitigate identified risks sufficiently, while meeting business objectives and regulatory requirements.
Manage and update the InfoSec risk model, and in coordination with other functional teams (e.g. HR, Finance, IT, Engineering), establish plans to securely manage the cyber risks associated with business activities and technical implementations.
Serve as a trusted advisor to business functional areas (e.g. Finance, HR, Engineering) and/or internal IT resources (such as infrastructure, applications, IT services).
Ensure that business and technical requirements are aligned to policy and are implemented within regulatory and contractual compliance. Advocate for cyber risk mitigation during planning sessions and implementation of new services.
Maintain expert awareness of all aspects of information security and compliance, including PCI, SOC, and HIPAA requirements for information systems and industry best practices; such as, NIST 800-53, 800-171.
Contribute to the development and maintenance of the information security strategy.
2019 : 2022
Oshkosh Corporation
Lead CyberSecurity Engineer
Participate in the Security Incident Response Team (SIRT). Help SIRT to employ strategy, standards, processes and technology to detect, respond and recover from security incidents and to limit the impact of any such occurrence or reoccurrence by using risk-based triage.
Serve as a security resource in network or application design, operating systems, endpoint protection, mobile devices, and foundational InfoSec technical controls. Maintain and roadmap InfoSec hosted systems (e.g. SIEM, DLIP) and drive continuous improvement.
Participate in the Global InfoSec Risk Management Program including Global Threat & Vulnerability Management, Global Insider Threat Management, Data Governance, Cloud Security, Supplier Risk Management, Global Security Policies, and InfoSec Governance & Compliance.
Work with other functional area analysts and project teams ensuring InfoSec policies/standards are part of designs to mitigate identified risks sufficiently, while meeting business objectives and regulatory requirements. Develop process improvements and manage Key Performance Indicators.
Ensure that business and technical requirements are aligned to policy and are implemented within regulatory and contractual compliance. Advocate for cyber risk mitigation during planning sessions and implementation of new services.
Maintain awareness of all aspects of information security and compliance, including PCI, SOX, and HIPAA requirements for information systems and industry best practices; such as, NIST 800-53, ISO 27001, COBIT, NIST 800-171, etc.
Contribute to forensic investigations/analysis, including collaboration with governmental agencies, as needed.
2019 : 2019
Oshkosh Corporation
Senior Information (IT) Cyber Security Engineer (contract)
Responsibilities include : Manages day-to-day operations to ensure both new and current IT initiatives are completed within agreed upon time frame and delivered to user expectations. Communicates with decision makers and stakeholders to ensure understanding of deliverables and negotiate expectations. Coordinates and manages outsourced resources and vendor software providers directly associated with the systems software under the department’s responsibilities. Ensures compatibility with current systems while remaining up to date with technologies.
Projects include : Established a central system for network monitoring and application monitoring.
Implementing a mobile device management solution.
Major network refresh including replacing network switches, firewalls, and upgrading internet service to provide more visibility, security, reliability, and performance while reducing long term costs.
Lead project management of developing an Accounts Payable app for the ERP system.
Lead project management on improving logistics communications.
Migrated from Trend Micro Endpoint to Sophos Cloud Endpoint solution.
Improved IT reporting systems to increase visibility.
Improved visibility on website performance, online presence, and public facing applications.
2018 : 2019
Rogers Petroleum
IT Manager
Responsibilities include :
Manage network (LAN, WLAN, & WAN) and server (including EDI, ERP, Exchange, AD, NFS, ESX, WSUS) security & availability; while supporting, end users, computers, software, printers and server backups between the Morristown & Kodak facilities.
Projects include :
• Migrated from Dell SonicWALL to Implementing a next generation firewall system.
• Networked two facilities, including developing and implementing complete network setup for new facility.
• Migrated from Symantec Endpoint to Sophos Cloud Endpoint solution.
• Established an IT security awareness program.
• Established video surveillance systems for Morristown & Kodak locations.
2015 : 2018
OTICS USA
IT Specialist (Network Administrator)
Modine Manufacturing Company
Global Cybersecurity Manager
Participate in and coach the Security Operations & Incident Response Team (SIRT) : to employ strategy, standards, processes, and technology to detect, respond and recover from security incidents and to limit impacts of any such occurrence or reoccurrence by using risk-based triage.
Serve as a security expert in network, application design, operating systems, endpoint protection, mobile devices, and foundational InfoSec technical controls.
Work closely with architects and analyst to ensure adequate security solutions are in place throughout all systems to mitigate identified risks sufficiently, while meeting business objectives and regulatory requirements.
Manage and update the InfoSec risk model, and in coordination with other functional teams (e.g. HR, Finance, IT, Engineering), establish plans to securely manage the cyber risks associated with business activities and technical implementations.
Serve as a trusted advisor to business functional areas (e.g. Finance, HR, Engineering) and/or internal IT resources (such as infrastructure, applications, IT services).
Ensure that business and technical requirements are aligned to policy and are implemented within regulatory and contractual compliance. Advocate for cyber risk mitigation during planning sessions and implementation of new services.
Maintain expert awareness of all aspects of information security and compliance, including PCI, SOC, and HIPAA requirements for information systems and industry best practices; such as, NIST 800-53, 800-171.
Contribute to the development and maintenance of the information security strategy.
2019 : 2022
Oshkosh Corporation
Lead CyberSecurity Engineer
Participate in the Security Incident Response Team (SIRT). Help SIRT to employ strategy, standards, processes and technology to detect, respond and recover from security incidents and to limit the impact of any such occurrence or reoccurrence by using risk-based triage.
Serve as a security resource in network or application design, operating systems, endpoint protection, mobile devices, and foundational InfoSec technical controls. Maintain and roadmap InfoSec hosted systems (e.g. SIEM, DLIP) and drive continuous improvement.
Participate in the Global InfoSec Risk Management Program including Global Threat & Vulnerability Management, Global Insider Threat Management, Data Governance, Cloud Security, Supplier Risk Management, Global Security Policies, and InfoSec Governance & Compliance.
Work with other functional area analysts and project teams ensuring InfoSec policies/standards are part of designs to mitigate identified risks sufficiently, while meeting business objectives and regulatory requirements. Develop process improvements and manage Key Performance Indicators.
Ensure that business and technical requirements are aligned to policy and are implemented within regulatory and contractual compliance. Advocate for cyber risk mitigation during planning sessions and implementation of new services.
Maintain awareness of all aspects of information security and compliance, including PCI, SOX, and HIPAA requirements for information systems and industry best practices; such as, NIST 800-53, ISO 27001, COBIT, NIST 800-171, etc.
Contribute to forensic investigations/analysis, including collaboration with governmental agencies, as needed.
2019 : 2019
Oshkosh Corporation
Senior Information (IT) Cyber Security Engineer (contract)
Responsibilities include : Manages day-to-day operations to ensure both new and current IT initiatives are completed within agreed upon time frame and delivered to user expectations. Communicates with decision makers and stakeholders to ensure understanding of deliverables and negotiate expectations. Coordinates and manages outsourced resources and vendor software providers directly associated with the systems software under the department’s responsibilities. Ensures compatibility with current systems while remaining up to date with technologies.
Projects include : Established a central system for network monitoring and application monitoring.
Implementing a mobile device management solution.
Major network refresh including replacing network switches, firewalls, and upgrading internet service to provide more visibility, security, reliability, and performance while reducing long term costs.
Lead project management of developing an Accounts Payable app for the ERP system.
Lead project management on improving logistics communications.
Migrated from Trend Micro Endpoint to Sophos Cloud Endpoint solution.
Improved IT reporting systems to increase visibility.
Improved visibility on website performance, online presence, and public facing applications.
2018 : 2019
Rogers Petroleum
IT Manager
Responsibilities include :
Manage network (LAN, WLAN, & WAN) and server (including EDI, ERP, Exchange, AD, NFS, ESX, WSUS) security & availability; while supporting, end users, computers, software, printers and server backups between the Morristown & Kodak facilities.
Projects include :
• Migrated from Dell SonicWALL to Implementing a next generation firewall system.
• Networked two facilities, including developing and implementing complete network setup for new facility.
• Migrated from Symantec Endpoint to Sophos Cloud Endpoint solution.
• Established an IT security awareness program.
• Established video surveillance systems for Morristown & Kodak locations.
2015 : 2018
OTICS USA
IT Specialist (Network Administrator)
Company:
Modine Manufacturing Company
Spoken Language:
English, German
About
I am an IT Security manager, with a Master’s degree in Cyber Security. Proficient at successfully managing multiple projects, leading project development, training, and personnel development. I have experience managing team members along with a variety of vendors at different business segments. I strive to promote Cybersecurity as a passion.
Profile Photo
