Phillip D.
Cyber Security Professional
Ft. Washington, MD, United States
Details
Education:
Bachelor of Science - BS
Computer Engineering
University of North Carolina at Charlotte
Experience:
2023 : Present
Mastercard
Lead Information Security Engineer
2022 : 2023
TekStream Solutions
Splunk Consultant
Management :
- Manage a team of eight (8) cybersecurity professionals.
- Regularly engage with members of my team to ensure they meet the requirements of their positions.
- Collect, review, and submit weekly and monthly status reports on behalf of my team to showcase their accomplishments and progress to corporate and client leadership.
- Performed annual performance evaluations for members of my team and provided guidance regarding their professional development goals and areas for improvement.
Technical :
- Developed multiple alerts and scheduled reports to meet client operational and security requirements.
- Developed an add-on that ingests certificate data from Windows- and Linux-based Splunk instances and normalizes event data in accordance with the Common Information Model (CIM) Certificate data model.
- Led efforts to onboard data from newly deployed servers and applications, working with system administrators and vendors to ensure that the appropriate data is being ingested.
- Continuously reviewed security compliance scan results and performed multiple STIG compliance checks for servers running Splunk Enterprise versions 7.3.3 and 8.1.6.
- Developed Splunk app to streamline the performance of STIG compliance checks on Splunk Enterprise servers, leveraging the Splunk REST API to access backend configuration settings.
- Led the successful effort to upgrade Splunk Enterprise from 7.3.3 to 8.1.6 and Splunk Enterprise Security from 5.0.0 to 6.2.2.
- Configured indexer discovery on production universal forwarders so that they can receive information on forwarding destinations.
- Created and managed multiple Splunk KV (key-value) stores.
- Implemented best practices and security hardening of Splunk Enterprise servers.
- Active troubleshooting of forwarding, indexing, and reporting issues.
- Work closely with application administrators to create Splunk dashboards using advanced XML and CSS.
2021 : 2022
Falconwood, Incorporated
Cyber Team Lead | Senior Cyber Ops Admin | Splunk Enterprise Security Administrator
- Administered complex Splunk environment consisting of clustered indexers, standalone search heads, a heavy forwarder, and over a thousand universal forwarders. Performed daily Splunk health checks on indexing, forwarding, and license usage.
- Developed multiple Splunk dashboards and reports to monitor server health, indexing, forwarding, and security-related issues, e.g., the expiration of digital certificates used for secure communication over Splunk ports.
- Responsible for ensuring high availability of Splunk’s search and indexing capabilities.
- Developed and deployed automated solution to configure and onboard data from universal forwarders throughout the client space.
- Actively monitored the operational and reporting status of universal forwarders.
- Developed and maintained Splunk Enterprise Standard Operating Procedures (SOP) documentation.
- Developed Splunk Enterprise access policy for client when on-boarding new users that have been approved for privileged access to the environment.
- Troubleshot and remedied various technical issues experienced with deployed Splunk apps and add-ons.
2020 : 2021
Falconwood, Incorporated
Cyber Ops Admin | Splunk Enterprise Administrator
- Created multiple architectures for optimal data pipelining and assembled large complex datasets to meet client’s functional business requirements.
- Served as Cyber Security SME to provide guidance, advice, and expertise on topics ranging from data security, network security, application security, and mitigation techniques against known and burgeoning threats to secure and sensitive infrastructures and internal assets.
- Developed system architecture design and system security design documentation.
- Performed daily data engineering activities, e.g., transformation of data from an untenable original format to a more usable, structured format for ingestion into data analytic dashboard applications that I have developed for the client.
- Designed, implemented, secured, maintained, and administered enterprise geospatial analytical systems using COTS and open-source solutions within a classified operational environment.
- Conducted analysis of system requirements and components and performed system audits to ensure intended system functionality, operation, and performance requirements were met.
- Handled code review and communication as liaison between the information assurance and software development teams.
- Designed a web-based application using JavaScript, Python, C#, and security-focused design patterns to integrate with an existing application that is compliant with risk management frameworks, such as NIST 500-83 and CNSSI 1253.
- Designed and implemented the architecture of an information system which provides spatial analytics and data visualization throughout the client’s Production, Beta, and Development/Test environments.
- Served as system administrator for Microsoft Windows Server 2012 R2, ESRI ArcGIS Enterprise, Tableau Server, and Tableau Desktop.
- Developed maps and mapping services using ESRI ArcGIS Enterprise.
- Developed mapping applications and resource management tools using HTML, CSS, and JavaScript.
2019 : 2020
Deloitte
Senior Cyber Security Consultant
Company:
Mastercard
Years of Experience:
16
Skills
Application Security, Cybersecurity, Linux, Python (Programming Language), Security Architecture Design, Leadership, Research, PowerPoint, SQL, C, Computer Security, VBA, Penetration Testing, HTML, CSS, Cyber-security, Risk Assessment, Information Technology, Microsoft Excel, Information Security, Application Threat Modeling, JavaScript, Microsoft Visio, Web Sequence Diagrams, SAML 2.0, RAML, Microsoft Office, Java, XML Signature Wrapping Attacks, API Security, Web Services API, Ready API! Secure Pro, Python, Application Threat