Profiles search
Michael Y.
Cybersecurity Engineer at Panasonic Avionics Corporation
Los Angeles, CA, United States
Details
Experience:
Panasonic Avionics, a 5,000+ employee subsidiary of Panasonic North America, makes in-flight entertainment and communications systems that allow airborne passengers to get their fix of live TV, movies, music, interactive games, and travel guides. Its Global Communications Suite offers internet access, telephone service, and broadband connectivity.
Customers include most commercial airline carriers and aircraft manufacturers, such as Airbus and Boeing. Panasonic Avionics has operations in the US, Asia, Australia, Europe, and the Middle East.
AREAS OF RESPONSIBILITY
- Entra ID (Azure AD) : audit, secure, and investigate AAD/M365 services and activities. SAML SSO, MFA/2FA
- PowerShell : create AD, AAD scripts for security, automation, compliance, reporting, investigations
- Certificates (PKI) : secure, inventory, monitor public and private certs. Advise Certificate Owners
- Security Events (SIEM) and Vulnerability Management
- Web Apps : protect, monitor, and inventory web apps. Establish formal onboarding/offboarding/auditing processes
- Account Lifecycle (IAM) : improve and audit identity/access management and processes in coordination with HR, Compliance, Audit, Legal, Systems/Network Operations, and 3rd parties
--- Privileged Access Management (PAM) : Zero Trust principle. Separation of roles, rights, server networks
- Firewalls : manage access control lists/rules. Establish formal request and management processes
- VPN : secure with “Zero Trust”. Consolidate, migrate from several solutions to one
- Endpoint and Endpoint Privilege management
- Training : mentor security and other teams, including PKI, PowerShell, Active Directory, AAD IdP
- Incident response, Root Cause Analysis (RCA), Agile workflow methodology
- Create documentation, How-To’s, knowledgebase articles on Confluence, ServiceNow, Jira
2019 : Present
Panasonic Avionics Corporation
Cybersecurity Engineer
YuenX provides insights, advice, and reviews on products, services, technology, photography, and the outdoors. Its goal is to inform, engage, and educate, and many of its articles have been featured by both Google and Bing as Critic Reviews alongside well-known publishers.
The site is built on the WordPress publishing platform with many posts organically ranking (no ad campaign) on the first page of Google Search results with 1.7M+ monthly impressions. According to Google (6/2023), the site receives 18,000+ unique visitors over a 30-day period with 75%+ of referrals coming from organic searches. Google only counts visitors who have Javascript enabled.
YuenX primarily earns from affiliate commissions at no extra cost to its visitors.
2019 :
YuenX
Owner, Content Creator
SUMMARY
I was hired to assist cloud engineers with managing AD and Azure AD (AAD) and was soon asked to lead the AAD project’s Identity and Access Management (IAM) effort. I integrated over 60 IdP-/SP-initiated, MFA-enabled SaaS apps with Federated SSO while challenging internal processes and some vendors on their security practices.
Across 6 autonomous Divisions and with a One IT and Security First mindset, I brought cross-functional teams together (IAM, HR, developers, engineers, cybersecurity) to improve, secure, and standardize processes. This resulted in 5 positive messages sent to my manager within the first 6 months of hire, culminating in an Employee Appreciation Award (2019 H1).
RESPONSIBILITIES
Supplied global, shared services in a team of 12 for a 3,700+ employee insurance company.
- Azure AD : leveraged its identity and access management services in a hybrid cloud configuration
- Active Directory : administered a multi-forest AD, Windows, and VMware infrastructure. ADRAP
- Certificates : managed MS PKI/Certificate Authority (CA)
- IAM : standardized, secured, and consolidated identity/access management processes and procedures
- Cybersecurity, Compliance : identified and remediated risks
- Advanced PowerShell : created AD, AAD, Windows, VMware, PKI scripts for automation, compliance
- Terraform : introductory IAC training to automate AWS AMI VMs in EC2, isolated in S3 buckets and VPCs
- Office 365 : participated in deployment planning/troubleshooting with eventual goal to become the SME
- Engaged in department-wide DevOps challenge labs around AWS, Terraform (automation, security)
- Stealthbits Audit (PIM) : audited AD, data access, identities
- Infrastructure support for : Salesforce, Sailpoint
2018 : 2019
Pacific Life
Sr Systems Engineer
SUMMARY
I automated tasks/projects and resolved compliance/security issues after management recognized my ability to improve processes and identify risks. I later became the North American go-to PowerShell developer for the 10-person team.
RESPONSIBILITIES
Provided engineering and consulting services to internal and external clients (like PIMCO, an investment management firm) for a highly regulated, global bank of 36,000+ employees responsible for 11%+ ($28T) of the World’s assets. Uptime and security were critical.
- Active Directory : administered and secured a multi-forest, multi-domain AD
- VMware : managed 8,130+ VMs and 273+ ESXi hosts (HP, Cisco UCS, Dell, Nutanix) on 8 vCenters
- Optimized performance, capacity with vRealize OpsMgr 6.7 (vROps)
- Advanced PowerShell : created AD, Windows, VMware, PKI scripts for automation, monitoring, compliance
- Certificates : managed and provided MS PKI/Certificate Authority (CA) consulting (Win, Linux, Cisco)
- Excel : visualized/manipulated data with vLookups, Pivot Tables, Conditional Formatting, Formulas
2017 : 2018
State Street
IT Infrastructure Analyst, Assistant Vice President
OVERVIEW
- Dental/medical conglomerate with 11,000+ employees and $3+ billion market capitalization
- Administration of 140+ domestic/international sites, including sister companies' like Nobel Biocare, in team of 12 engineers
- Standardization and migration of 16+ remote sites to VMware-based virtual server environments
- Continuous Risk and Security assessment, remediation, and management
- Acquisitions, Mergers : Active Directory (AD) migrations/cleanup to a single-domain model, ADMT, ADRAP
- Engineering, Migration of MS Public Key Infrastructure/Certificate Authority
- Improvement and Documentation of processes and policies worldwide for consistency and ease of administration
- Escalation support to global IT Ops team of 49
- Training/Mentoring of diverse individuals across teams
- Organization of activities to strengthen team bond : movies/gaming/dinners, ToughMudder
RESPONSIBILITIES
- Citrix XenApp XA 6-7.9; XenDesktop 7.6; MCS, PVS/Provisioning Services 7.9
- Citrix NetScaler VPX 9-10.5; XenServer 6
- Citrix Migrations : MPS 4 to XA 6 to 7.9 with PVS | WI to StoreFront 3
- VMware ESXi 4-6 on 150+ Hosts, 2640+ VMs. PowerCLI
- PowerShell scripting : AD, Windows, VMware, Exchange, Citrix, PKI, WSUS
- MS PKI/Certification Authority (CA) Migration : 2008 SHA-1 to 2012 R2 SHA-256, Cross-Forest Configuration, Cleanup/Decommission
- Certificates : Internal/Public SSL
- SQL Server 2005-2016
- MS ADFS 3 (AD Federation Services) : Single Sign-On (SSO), SAML, Web Application Proxy (WAP)
- Quest ActiveRoles (ARS), Recovery Manager for AD
- Exchange 2013 via PowerShell/EMC
- WSUS Patch Management
- Carbon Black Protection/Bit9
- F5 Big-IP 12 : LTM, APM, ASM (Local Traffic/Load Management, Access Policy, App Security)
- Migration : Threat Management Gateway TMG to F5
- SCCM 2007 R2, SCOM 2007 R2
- Anti-Virus : Trend OfficeScan, FEP 2010
- Commvault Simpana, Symantec Backup Exec, Tape
- KMS, Serv-U MFT (SFTP, FTPS), SSH, IIS, NAS, AWS EC2
2010 : 2017
Envista Holdings Corporation
Systems Engineer III (Kavo Kerr/Danaher Dental)
Customers include most commercial airline carriers and aircraft manufacturers, such as Airbus and Boeing. Panasonic Avionics has operations in the US, Asia, Australia, Europe, and the Middle East.
AREAS OF RESPONSIBILITY
- Entra ID (Azure AD) : audit, secure, and investigate AAD/M365 services and activities. SAML SSO, MFA/2FA
- PowerShell : create AD, AAD scripts for security, automation, compliance, reporting, investigations
- Certificates (PKI) : secure, inventory, monitor public and private certs. Advise Certificate Owners
- Security Events (SIEM) and Vulnerability Management
- Web Apps : protect, monitor, and inventory web apps. Establish formal onboarding/offboarding/auditing processes
- Account Lifecycle (IAM) : improve and audit identity/access management and processes in coordination with HR, Compliance, Audit, Legal, Systems/Network Operations, and 3rd parties
--- Privileged Access Management (PAM) : Zero Trust principle. Separation of roles, rights, server networks
- Firewalls : manage access control lists/rules. Establish formal request and management processes
- VPN : secure with “Zero Trust”. Consolidate, migrate from several solutions to one
- Endpoint and Endpoint Privilege management
- Training : mentor security and other teams, including PKI, PowerShell, Active Directory, AAD IdP
- Incident response, Root Cause Analysis (RCA), Agile workflow methodology
- Create documentation, How-To’s, knowledgebase articles on Confluence, ServiceNow, Jira
2019 : Present
Panasonic Avionics Corporation
Cybersecurity Engineer
YuenX provides insights, advice, and reviews on products, services, technology, photography, and the outdoors. Its goal is to inform, engage, and educate, and many of its articles have been featured by both Google and Bing as Critic Reviews alongside well-known publishers.
The site is built on the WordPress publishing platform with many posts organically ranking (no ad campaign) on the first page of Google Search results with 1.7M+ monthly impressions. According to Google (6/2023), the site receives 18,000+ unique visitors over a 30-day period with 75%+ of referrals coming from organic searches. Google only counts visitors who have Javascript enabled.
YuenX primarily earns from affiliate commissions at no extra cost to its visitors.
2019 :
YuenX
Owner, Content Creator
SUMMARY
I was hired to assist cloud engineers with managing AD and Azure AD (AAD) and was soon asked to lead the AAD project’s Identity and Access Management (IAM) effort. I integrated over 60 IdP-/SP-initiated, MFA-enabled SaaS apps with Federated SSO while challenging internal processes and some vendors on their security practices.
Across 6 autonomous Divisions and with a One IT and Security First mindset, I brought cross-functional teams together (IAM, HR, developers, engineers, cybersecurity) to improve, secure, and standardize processes. This resulted in 5 positive messages sent to my manager within the first 6 months of hire, culminating in an Employee Appreciation Award (2019 H1).
RESPONSIBILITIES
Supplied global, shared services in a team of 12 for a 3,700+ employee insurance company.
- Azure AD : leveraged its identity and access management services in a hybrid cloud configuration
- Active Directory : administered a multi-forest AD, Windows, and VMware infrastructure. ADRAP
- Certificates : managed MS PKI/Certificate Authority (CA)
- IAM : standardized, secured, and consolidated identity/access management processes and procedures
- Cybersecurity, Compliance : identified and remediated risks
- Advanced PowerShell : created AD, AAD, Windows, VMware, PKI scripts for automation, compliance
- Terraform : introductory IAC training to automate AWS AMI VMs in EC2, isolated in S3 buckets and VPCs
- Office 365 : participated in deployment planning/troubleshooting with eventual goal to become the SME
- Engaged in department-wide DevOps challenge labs around AWS, Terraform (automation, security)
- Stealthbits Audit (PIM) : audited AD, data access, identities
- Infrastructure support for : Salesforce, Sailpoint
2018 : 2019
Pacific Life
Sr Systems Engineer
SUMMARY
I automated tasks/projects and resolved compliance/security issues after management recognized my ability to improve processes and identify risks. I later became the North American go-to PowerShell developer for the 10-person team.
RESPONSIBILITIES
Provided engineering and consulting services to internal and external clients (like PIMCO, an investment management firm) for a highly regulated, global bank of 36,000+ employees responsible for 11%+ ($28T) of the World’s assets. Uptime and security were critical.
- Active Directory : administered and secured a multi-forest, multi-domain AD
- VMware : managed 8,130+ VMs and 273+ ESXi hosts (HP, Cisco UCS, Dell, Nutanix) on 8 vCenters
- Optimized performance, capacity with vRealize OpsMgr 6.7 (vROps)
- Advanced PowerShell : created AD, Windows, VMware, PKI scripts for automation, monitoring, compliance
- Certificates : managed and provided MS PKI/Certificate Authority (CA) consulting (Win, Linux, Cisco)
- Excel : visualized/manipulated data with vLookups, Pivot Tables, Conditional Formatting, Formulas
2017 : 2018
State Street
IT Infrastructure Analyst, Assistant Vice President
OVERVIEW
- Dental/medical conglomerate with 11,000+ employees and $3+ billion market capitalization
- Administration of 140+ domestic/international sites, including sister companies' like Nobel Biocare, in team of 12 engineers
- Standardization and migration of 16+ remote sites to VMware-based virtual server environments
- Continuous Risk and Security assessment, remediation, and management
- Acquisitions, Mergers : Active Directory (AD) migrations/cleanup to a single-domain model, ADMT, ADRAP
- Engineering, Migration of MS Public Key Infrastructure/Certificate Authority
- Improvement and Documentation of processes and policies worldwide for consistency and ease of administration
- Escalation support to global IT Ops team of 49
- Training/Mentoring of diverse individuals across teams
- Organization of activities to strengthen team bond : movies/gaming/dinners, ToughMudder
RESPONSIBILITIES
- Citrix XenApp XA 6-7.9; XenDesktop 7.6; MCS, PVS/Provisioning Services 7.9
- Citrix NetScaler VPX 9-10.5; XenServer 6
- Citrix Migrations : MPS 4 to XA 6 to 7.9 with PVS | WI to StoreFront 3
- VMware ESXi 4-6 on 150+ Hosts, 2640+ VMs. PowerCLI
- PowerShell scripting : AD, Windows, VMware, Exchange, Citrix, PKI, WSUS
- MS PKI/Certification Authority (CA) Migration : 2008 SHA-1 to 2012 R2 SHA-256, Cross-Forest Configuration, Cleanup/Decommission
- Certificates : Internal/Public SSL
- SQL Server 2005-2016
- MS ADFS 3 (AD Federation Services) : Single Sign-On (SSO), SAML, Web Application Proxy (WAP)
- Quest ActiveRoles (ARS), Recovery Manager for AD
- Exchange 2013 via PowerShell/EMC
- WSUS Patch Management
- Carbon Black Protection/Bit9
- F5 Big-IP 12 : LTM, APM, ASM (Local Traffic/Load Management, Access Policy, App Security)
- Migration : Threat Management Gateway TMG to F5
- SCCM 2007 R2, SCOM 2007 R2
- Anti-Virus : Trend OfficeScan, FEP 2010
- Commvault Simpana, Symantec Backup Exec, Tape
- KMS, Serv-U MFT (SFTP, FTPS), SSH, IIS, NAS, AWS EC2
2010 : 2017
Envista Holdings Corporation
Systems Engineer III (Kavo Kerr/Danaher Dental)
Company:
Panasonic Avionics Corporation
Spoken Language:
Chinese, Cantonese, Chinese, Mandarin, English, German, Spanish
About
I am a Cybersecurity Engineer (with prior 17 years in IT Systems Engineering) who thrives in a modern environment. My areas of specialty include security, Microsoft technologies, virtualization, scripting, process improvement, integration, some networking, mentoring, web design, and the creative arts.
My long-term career path is in Cybersecurity, M365, and/or DevSecOps. Some of my strengths are being detail-oriented, resourceful, patient, calm in stressful situations, and not afraid to challenge the status quo. I enjoy solving problems, learning and sharing knowledge, promoting team camaraderie, and being a geek.
PERSONAL
I am an outdoor enthusiast who aims to live a life that is inspiring. I enjoy being a parent, hiking, photography, food, technology, DIY projects, travel, mentoring, and building relationships.
15-year Long Beach Legacy Runner (2 Marathons, 14 Half) + 14 Half Marathons + 4 Tough Mudder 15K as of 2023.
Profile Photo
