Profiles search
Ryan Forbes
Senior Information Security Engineer
Queens Village, NY, United States
Details
Education:
Bachelor's degree
Finance and Investment
Baruch College
2016 : 2017
Associate of Arts (AA)
Liberal Arts and Sciences/Liberal Studies
Nassau Community College
2012 : 2015
Finance and Investment
Baruch College
2016 : 2017
Associate of Arts (AA)
Liberal Arts and Sciences/Liberal Studies
Nassau Community College
2012 : 2015
Experience:
2023 : Present
Qualia
Senior Information Security Engineer
● Leading Forensics investigation post-incident to identify source of entry, lateral movement, and privilege escalation as part of formal Root-Cause-Analysis (RCA)
● Developing python script to parse Atlassian Confluence for PII as part of the DLP program
● Architecting and managing IT infrastructure supporting corporate and security applications
● Implementing and integrating SSO applications with Okta IDP using SAML, OAuth
● Designing and building user on-boarding and off-boarding scripts with Okta Workflows
● Deploying, upgrading, and maintaining enterprise Slack, including building bots for automated events
● Developing in-house system for tracking IT SLA requests and metrics for leadership presentations
● Automating the quarterly access reviews for SOC2 compliance by enforcing least privilege access
● Partnering with InfoSec and Compliance to ensure proper application of security, IT controls, and policies
● Building Bash scripts to deploy in Kandji MDM to harden endpoint protection utilizing filevault and firewall
2022 : 2023
SEVENROOMS
Security/IT Systems Engineer
● Designed and architected python reporting script to pull data from multiple systems to measure IT support KPI
● Implemented and integrated applications with Okta SSO using SAML, OAuth, and OIDC
● Partnered with Cyber Security and Compliance to ensure proper execution of application security, IT controls
● Built Bash scripts to deploy in JAMF to ensure endpoint protection compliance
● Designed Okta Workflows automate onboardings and access to SAML apps using SCIM
● Liaised with Security and Compliance during SOC2 audit periods for information and evidence gathering
● Secured web traffic and DLP enforcement on endpoints with Netskope web proxy
● Managed the roll-out of Google Enterprise MDM via JAMF for iOS devices
● Optimized operational security by automating offboarding removing access to terminated users
● Executed Zero Trust for endpoints via JAMF for Computers (Device Trust)
● Assisted compliance with GDPR and CCPA readiness
● Implemented Github enterprise tier, cleaned up stale accounts, and tightened user permissions
● Applied Dependabot for software composition analysis (SCA)
2022 : 2022
Spring Health
Security/IT Systems Engineer
● Established vulnerability management program with bug bounty and annual penetration test with HackerOne
● Secured AWS environment following NIST benchmarks to ensure proper cloud infrastructure security
● Utilized Web Application Firewall (WAF) to protect from web app attacks
● Configured and responded to alerts from endpoint protection by Carbon Black
● Built project plan, implemented and administered DAST tool by Rapid7, and the SAST tool SonarQube
● Constructed Snyk (SCA) testing and SAST scanning into Travis CI/CD pipeline
● Engineered internal tools with Python and Bash to automate tasks and ensure proper configuration
● Gathered evidence for ISO 27001 audit and client audits to certify compliance
● Configured new SSO applications with SAML via Okta
● Configured SPF, DKIM, and DMARC as well as email encryption to enable better email security
● Monitored Pagerduty alerts and investigated network security events
● Coordinated with engineering teams to establish and implement security standards to secure applications
● Performed regular application vulnerability assessments and lead initiatives to resolve security flaws
● Analyzed security logs and improving collection and analysis
● Established and promoted security best practices and general security awareness
● Analyzed, investigated and remediated security incidents
2020 : 2022
pymetrics
Information Security Engineer
● Programming Python automation routines to reduce reporting delays by over 50%
● Designing and implementing Django web app for internal use
● Developing data retrieval, data scrubbing, data quality, transformation, and automated distribution
● Performing daily data analysis and statistical modelling studies
● Presenting visualizations and insights involving highly dimensional data
● Providing technical education to business groups
● Participating in Analytics Team briefings for business leaders and senior management
2018 : 2020
Big Apple Testing
Full Stack Engineer
Qualia
Senior Information Security Engineer
● Leading Forensics investigation post-incident to identify source of entry, lateral movement, and privilege escalation as part of formal Root-Cause-Analysis (RCA)
● Developing python script to parse Atlassian Confluence for PII as part of the DLP program
● Architecting and managing IT infrastructure supporting corporate and security applications
● Implementing and integrating SSO applications with Okta IDP using SAML, OAuth
● Designing and building user on-boarding and off-boarding scripts with Okta Workflows
● Deploying, upgrading, and maintaining enterprise Slack, including building bots for automated events
● Developing in-house system for tracking IT SLA requests and metrics for leadership presentations
● Automating the quarterly access reviews for SOC2 compliance by enforcing least privilege access
● Partnering with InfoSec and Compliance to ensure proper application of security, IT controls, and policies
● Building Bash scripts to deploy in Kandji MDM to harden endpoint protection utilizing filevault and firewall
2022 : 2023
SEVENROOMS
Security/IT Systems Engineer
● Designed and architected python reporting script to pull data from multiple systems to measure IT support KPI
● Implemented and integrated applications with Okta SSO using SAML, OAuth, and OIDC
● Partnered with Cyber Security and Compliance to ensure proper execution of application security, IT controls
● Built Bash scripts to deploy in JAMF to ensure endpoint protection compliance
● Designed Okta Workflows automate onboardings and access to SAML apps using SCIM
● Liaised with Security and Compliance during SOC2 audit periods for information and evidence gathering
● Secured web traffic and DLP enforcement on endpoints with Netskope web proxy
● Managed the roll-out of Google Enterprise MDM via JAMF for iOS devices
● Optimized operational security by automating offboarding removing access to terminated users
● Executed Zero Trust for endpoints via JAMF for Computers (Device Trust)
● Assisted compliance with GDPR and CCPA readiness
● Implemented Github enterprise tier, cleaned up stale accounts, and tightened user permissions
● Applied Dependabot for software composition analysis (SCA)
2022 : 2022
Spring Health
Security/IT Systems Engineer
● Established vulnerability management program with bug bounty and annual penetration test with HackerOne
● Secured AWS environment following NIST benchmarks to ensure proper cloud infrastructure security
● Utilized Web Application Firewall (WAF) to protect from web app attacks
● Configured and responded to alerts from endpoint protection by Carbon Black
● Built project plan, implemented and administered DAST tool by Rapid7, and the SAST tool SonarQube
● Constructed Snyk (SCA) testing and SAST scanning into Travis CI/CD pipeline
● Engineered internal tools with Python and Bash to automate tasks and ensure proper configuration
● Gathered evidence for ISO 27001 audit and client audits to certify compliance
● Configured new SSO applications with SAML via Okta
● Configured SPF, DKIM, and DMARC as well as email encryption to enable better email security
● Monitored Pagerduty alerts and investigated network security events
● Coordinated with engineering teams to establish and implement security standards to secure applications
● Performed regular application vulnerability assessments and lead initiatives to resolve security flaws
● Analyzed security logs and improving collection and analysis
● Established and promoted security best practices and general security awareness
● Analyzed, investigated and remediated security incidents
2020 : 2022
pymetrics
Information Security Engineer
● Programming Python automation routines to reduce reporting delays by over 50%
● Designing and implementing Django web app for internal use
● Developing data retrieval, data scrubbing, data quality, transformation, and automated distribution
● Performing daily data analysis and statistical modelling studies
● Presenting visualizations and insights involving highly dimensional data
● Providing technical education to business groups
● Participating in Analytics Team briefings for business leaders and senior management
2018 : 2020
Big Apple Testing
Full Stack Engineer
Company:
Qualia
Years of Experience:
11
Spoken Language:
English
Skills
Artificial Neural Networks, Burp Suite, C (Programming Language), C++, Communication, Convolutional Neural Networks (CNN), Critical Thinking, Customer Satisfaction, Customer Service, Data Analysis, Data Entry, Data Mining, Data Science, Data Visualization, Deep Learning, English, Event Planning, Facebook, hashcat, Identity & Access Management (IAM), Java, JavaScript, Kali Linux, Leadership, Linux, Machine Learning, Machine Learning Algorithms, Merchandising, Microsoft Excel, Microsoft Office, Microsoft Word, Okta Administration, Okta Single Sign-On, Organization Skills, PowerPoint, Programming, Python, Python (Programming Language), R, Social Media, SQL, sqlmap, Statistics, Team Building, Team Leadership, Teamwork, TensorFlow, Time Management, Web Development
About
Talented individual with experience in bridging the gap between business needs and engineering. Strong desire to grow technical skills, and ability to learn new technologies swiftly. Seeking a challenging and rewarding position as a Cyber Security Engineer that promotes learning and growth and needs a highly motivated and skilled employee.
Profile Photo
