Profiles search
Sharon McNeil
Manager - Cybersecurity Operations Center - East Carolina University
Greenville, NC, United States
Details
Education:
Bachelor of Science (BS)
Business Education - Information Technology
East Carolina University
Master's degree
Business Education - Computer and Information Technology
East Carolina University
Bachelor of Business Administration - BBA
Marketing Research Management
East Carolina University
J. H. Rose High
Business Education - Information Technology
East Carolina University
Master's degree
Business Education - Computer and Information Technology
East Carolina University
Bachelor of Business Administration - BBA
Marketing Research Management
East Carolina University
J. H. Rose High
Experience:
•Reports to the Chief Information Security Officer (CISO) on the planning, development, execution, monitoring, and evaluation of cybersecurity strategies, policies, and procedures.
•Manage our team of Cybersecurity professionals and Student Interns providing direction, and guidance, while assisting in formulating and structuring our team members' goals and tasks.
•Functions as a subject matter expert for complex cybersecurity-related issues connected to threat intelligence, cyber incident response, and vulnerability management, while mentoring additional personnel
•Oversees monitoring, detection, and analysis of security events utilizing Splunk Security Information and Event Management (SIEM) solution, including chairing the SIEM Steering Committee
•Subject matter expert for Cybersecurity Operations Center (CSOC) utilizing investigative tools such as Rapid7, Splunk Enterprise (SIEM), Spirion Identity Finder, Encase Forensics, Cisco Endpoints, Cisco Source Firepower, Microsoft Cloud App Security, Infoblox, and Cisco Stealth Watch
•Oversees investigations pertaining to security incidents, provides technical expertise for identifying affected systems and the scope of potential compromise, ensures quality control for security incident report documentation, including remediation and recovery efforts.
•Oversees vulnerability management processes for servers and network devices and collaborates with various IT groups providing technical oversight of campus-wide vulnerability management goals.
•Maintains the knowledge of various security tools associated with threat intelligence, incident response management, vulnerability management, sensitive data scanning and verification, and forensic analysis.
•Maintains a broad knowledge of industry standards and best practice security frameworks including ISO 27002, NIST, and CIS Controls.
•Assist and advise, other university departments throughout our organization to identify, address, and resolve complex security-related issues.
2022 : Present
East Carolina University
Manager - Cybersecurity Operations Center
• Subject matter expert for Cybersecurity Operations Center (CSOC) utilizing investigative tools such as Rapid7, Splunk Enterprise, Spirion Identity Finder, Encase Forensics, Cisco Endpoints, Cisco Source Firepower, Microsoft Cloud App Security, Infoblox, and Cisco Stealth Watch
• Supervised Cybersecurity Operations Center Interns, overseeing scheduling, and training on technical tasks utilizing cybersecurity applications, and developed and conducted intern evaluations centered on performance and usage of cybersecurity tools.
• Team leader in overseeing the organization’s sensitive data in compliance with the state’s NC Identity Theft and Protection Act ensuring the safe storage of compliance and regulated data
• Conduct Security Incident Response investigations, provide documentation of the incident and conduct Lessons Learned
• Chair of our organization’s Vulnerability Management Committee
• Oversee comprehensive vulnerability management systems across all on-premises assets utilizing Rapid7 InsightVM
• Monitor network and application performance to identify adverse anomalies and irregular activity
• Deploy endpoint detection and prevention tools to thwart malicious hacks
• Escalation point for CSOC support staff, providing high-level troubleshooting and assistance with problematic issues.
2018 : 2022
East Carolina University
IT Cybersecurity Specialist
• Performed technical security assessments of applications utilized throughout the organization, determining the leverage of security in protecting university data.
• Supported the Clinical Information Steering Committee. as a liaison for the Security Operations team by providing analytical documentation of an application's usage and storage of HIPAA data.
• Led support staff overseeing the organization’s sensitive data in compliance with the state’s NC Identity Theft and Protection Act ensuring the safe storage of compliance and regulated data
• Created, modified, and removed user accounts for the University’s administrative and enterprise systems initiated by online change requests and a systematic review process.
• ITCS Staff Council : Recording Secretary
2014 : 2018
East Carolina University
Information Technology Security Analyst
• Oversaw compliance documentation such as HIPPA, SOX, PCI, & others and translate documents into technical requirements that Enterprise Application staff must meet and follow.
• Guided Enterprise Application and Desktop Support staff regarding privacy issues and requirements as well as assist in resolving privacy issues.
• Coordinated all security initiatives and efforts with Enterprise Application and Desktop Support staff as well as coordinate with security liaisons in Enterprise Systems and Networking.
• Utilized tools used to test application security such as Sniffers, Web Vulnerability scanners, Network scanners, and Penetration Toolkits.
• Utilized tools to identify and target known risk threats on campus workstations.
• Oversaw and recommend desktop security strategies for members of the Enterprise Application staff to prevent severe and potentially catastrophic penetration into the enterprise environment.
2007 : 2014
East Carolina University
Technical Security Officer
• Developed, coordinated, and provisioned the annual HIPAA Security Rule training program for all identified University HIPAA system administrators and other personnel who had indirect contact with electronic PHI
• Performed security assessments and gap analysis for the purpose of measuring and documenting compliance with federal and state regulations.
• Monitored and documented the progress of compliance plans.
• Provided information and guidance to IT support staff and other responsible parties for securing systems.
• Served as a backup person to the MVS/RACK account administrator.
• Modified data access rights for existing user accounts.
• Oversaw User Awareness and Education activities in IT Security.
2004 : 2007
East Carolina University
Information Technology Security Analyst
•Manage our team of Cybersecurity professionals and Student Interns providing direction, and guidance, while assisting in formulating and structuring our team members' goals and tasks.
•Functions as a subject matter expert for complex cybersecurity-related issues connected to threat intelligence, cyber incident response, and vulnerability management, while mentoring additional personnel
•Oversees monitoring, detection, and analysis of security events utilizing Splunk Security Information and Event Management (SIEM) solution, including chairing the SIEM Steering Committee
•Subject matter expert for Cybersecurity Operations Center (CSOC) utilizing investigative tools such as Rapid7, Splunk Enterprise (SIEM), Spirion Identity Finder, Encase Forensics, Cisco Endpoints, Cisco Source Firepower, Microsoft Cloud App Security, Infoblox, and Cisco Stealth Watch
•Oversees investigations pertaining to security incidents, provides technical expertise for identifying affected systems and the scope of potential compromise, ensures quality control for security incident report documentation, including remediation and recovery efforts.
•Oversees vulnerability management processes for servers and network devices and collaborates with various IT groups providing technical oversight of campus-wide vulnerability management goals.
•Maintains the knowledge of various security tools associated with threat intelligence, incident response management, vulnerability management, sensitive data scanning and verification, and forensic analysis.
•Maintains a broad knowledge of industry standards and best practice security frameworks including ISO 27002, NIST, and CIS Controls.
•Assist and advise, other university departments throughout our organization to identify, address, and resolve complex security-related issues.
2022 : Present
East Carolina University
Manager - Cybersecurity Operations Center
• Subject matter expert for Cybersecurity Operations Center (CSOC) utilizing investigative tools such as Rapid7, Splunk Enterprise, Spirion Identity Finder, Encase Forensics, Cisco Endpoints, Cisco Source Firepower, Microsoft Cloud App Security, Infoblox, and Cisco Stealth Watch
• Supervised Cybersecurity Operations Center Interns, overseeing scheduling, and training on technical tasks utilizing cybersecurity applications, and developed and conducted intern evaluations centered on performance and usage of cybersecurity tools.
• Team leader in overseeing the organization’s sensitive data in compliance with the state’s NC Identity Theft and Protection Act ensuring the safe storage of compliance and regulated data
• Conduct Security Incident Response investigations, provide documentation of the incident and conduct Lessons Learned
• Chair of our organization’s Vulnerability Management Committee
• Oversee comprehensive vulnerability management systems across all on-premises assets utilizing Rapid7 InsightVM
• Monitor network and application performance to identify adverse anomalies and irregular activity
• Deploy endpoint detection and prevention tools to thwart malicious hacks
• Escalation point for CSOC support staff, providing high-level troubleshooting and assistance with problematic issues.
2018 : 2022
East Carolina University
IT Cybersecurity Specialist
• Performed technical security assessments of applications utilized throughout the organization, determining the leverage of security in protecting university data.
• Supported the Clinical Information Steering Committee. as a liaison for the Security Operations team by providing analytical documentation of an application's usage and storage of HIPAA data.
• Led support staff overseeing the organization’s sensitive data in compliance with the state’s NC Identity Theft and Protection Act ensuring the safe storage of compliance and regulated data
• Created, modified, and removed user accounts for the University’s administrative and enterprise systems initiated by online change requests and a systematic review process.
• ITCS Staff Council : Recording Secretary
2014 : 2018
East Carolina University
Information Technology Security Analyst
• Oversaw compliance documentation such as HIPPA, SOX, PCI, & others and translate documents into technical requirements that Enterprise Application staff must meet and follow.
• Guided Enterprise Application and Desktop Support staff regarding privacy issues and requirements as well as assist in resolving privacy issues.
• Coordinated all security initiatives and efforts with Enterprise Application and Desktop Support staff as well as coordinate with security liaisons in Enterprise Systems and Networking.
• Utilized tools used to test application security such as Sniffers, Web Vulnerability scanners, Network scanners, and Penetration Toolkits.
• Utilized tools to identify and target known risk threats on campus workstations.
• Oversaw and recommend desktop security strategies for members of the Enterprise Application staff to prevent severe and potentially catastrophic penetration into the enterprise environment.
2007 : 2014
East Carolina University
Technical Security Officer
• Developed, coordinated, and provisioned the annual HIPAA Security Rule training program for all identified University HIPAA system administrators and other personnel who had indirect contact with electronic PHI
• Performed security assessments and gap analysis for the purpose of measuring and documenting compliance with federal and state regulations.
• Monitored and documented the progress of compliance plans.
• Provided information and guidance to IT support staff and other responsible parties for securing systems.
• Served as a backup person to the MVS/RACK account administrator.
• Modified data access rights for existing user accounts.
• Oversaw User Awareness and Education activities in IT Security.
2004 : 2007
East Carolina University
Information Technology Security Analyst
Company:
East Carolina University
Years of Experience:
26
Spoken Language:
Spanish
Skills
Account Management, Committee Management, Committees, Computer Forensics, Contract Negotiation, Customer Service, Cybersecurity, Cybersecurity Incident Response, Data Security, Employee Training, Entrepreneurship, Event Planning, First Time Home Buyers, Foreclosures, Higher Education, Information Security, Information Security Awareness, Information Technology, Leadership, Leadership Development, Listings, Management, Marketing, Microsoft Office, Project Management, Public Speaking, Purchasing, Real Estate, Real Estate Transactions, REO, Residential Homes, Risk Assessment, Sales, Security, Selling, Short Sales, Social Networking, Strategic Planning, Teaching, Team Leadership, Technology Assessment, Threat & Vulnerability Management, Time Management, Training, U.S. Health Insurance Portability and Accountability Act (HIPAA), Vulnerability Management, Windows Server
About
My passion is Information Technology and I have over 20 + years of experience in various Information Technology roles.
I figured out as kid that I wanted to somehow be involved in the technology. Since then, I’ve emerged myself in anything involving technology including technical support, to finding my passion in technology – cybersecurity.
I’m a cybersecurity specialist specializing in threat defense, vulnerability management, threat management and protecting sensitive data.
Reach me at mcneilslmc@gmail.com. Feel free to message me — I’d love to chat.
EXPERIENCE
Cybersecurity Operations
Systems Administration of Windows Server in Enterprise environment
Sensitive Data Management and Protection
Vulnerability Management
Project Management
Profile Photo
