Theron Stratford

Information Security Engineer @ Wells Fargo | Security Officer, Qualys, Web Scanning

Columbia, SC, United States

Details

Experience: Service Manager, Network Security Engineer

Managed VCenter servers, adding and removing workstations and servers; managed RSA group rights for lab access and token import from production; monitored weekly vulnerability on Lab workstations and servers with Edge updates.

• As Project Manager, completed lab re-design for Proof of Concept (Avg. 3 per Month) and Streamlined process that reduced POC spin-up time from 60 days to 2 weeks.

• As Firewall Administrator, design rules for new POCs and routinely review for security vulnerabilities.

• Documentation – Complete the project process with Diagrams and contact information, and keep the documentation current.

• Designed the department's ServiceNow ticketing process and Jira dashboards

Applications : Palo Alto Panorama | ServiceNow | Qualys | Agile | and Jira | MS Teams | SharePoint | Visio

2017 : Present

Wells Fargo

Information Security Engineer

IT Director, Security Officer (Contract)

Designed IT-related activities and provided administrative direction and support for daily operations.

• Created a disaster recovery plan with the hot site for the data center and responded to all HIPAA audits.

• Served as Citrix VM admin, Physical to Virtual, over 15 MS servers; managed Cisco Web / Email Firewall.

• Conducted information security training, education, and awareness programs.

• Reduced monthly data charges by 65% with Cellular backup to all 19 Medical sites.

2016 : 2017

Eau Claire Cooperative Health Center

IT Director

AgFirst 01/2013 - 02/2016

Sr. Security Admin

Administered Qualys Vulnerability Management, Web Application Scanning, and Policy Compliance for scanning and ticketing banks network devices (Over 10K). Moderated security lifecycle regarding MS server patch management and SQL server database access. Responded to auditors’ requests with security reports.

• Focused remediation of SANS top 20 vulnerabilities NIST standards for priority patching and prevention.

• Managed NMAP and Metasploit to run security scans on possible non-patch-related vulnerabilities.

• Managed Vanguard's GFI from the SCCM patch process and third-party patching and managed Log Rhythm for SOX reporting.

• Designed and managed several Splunk dashboards for Banks internal audit concerns.

2013 : 2016

AgFirst Farm Credit Bank

Sr Security Administrator

Responsible for the management and maintenance of over 3,200 PCs, 287 Microsoft servers 2008-10 (with 285 in VM cluster) connected to our 62TB Compellant SAN storage, 97 HP POE switches, 49 HP Routers, 47 SonicWALL TZ210/240 firewalls, Cisco core switch, two (2) Cisco Firewalls, SonicWALL Spam appliance, Bluecoat web filter, and Breach/trust wave Web firewall. Performed project planning, met with customers to gather specific needs and hardware requirements to configure hardware/software solutions, and negotiated with multiple vendors to deploy a solution.

Wrote over fifteen (15) security NIST Security Framework 800-53 compliant grants, bringing in over Two Million ($2,000,000) Dollars for infrastructure and firewall upgrades to the agency within two (2) years. Created the Office of Information Security (OIS), where we practiced the security lifecycle process for every new agency process introduced into the network. Added security appliances to the web for IDS and IPS for PII protection and created all agency security policies and procedures regarding security following FISMA, NIST 800-53 (17 security policies in all). As a team leader, we uniquely brought together opposing personalities to complete significant projects on time and under budget. Upgraded agency firewall and core switch several times (HP, Cisco, Nexus).

1998 : 2012

SCDEW

IT Director / Security Mgr.

Company: Wells Fargo

About

As an Information Security Engineer at Wells Fargo, I have over six years of experience managing, designing, and implementing security solutions for various network devices and applications. I am also a PMP candidate, aiming to obtain the certification by November 2023.

My core competencies include vulnerability management, policy compliance, firewall administration, project management, and documentation. I have completed multiple proof-of-concept projects, reducing the spin-up time from 60 days to two weeks. I have also focused on remediating SANS top 20 vulnerabilities and NIST standards, using tools such as Qualys, NMAP, and Metasploit. Additionally, I have created a disaster recovery plan, conducted information security training, and responded to HIPAA audits.

My mission is to streamline security processes and projects, ensuring the protection and integrity of data and systems. I enjoy security vulnerability reporting and Visio network diagrams, and I have strong interpersonal skills to work with vendors and co-workers. I am always eager to learn new technologies and best practices, and I am passionate about delivering high-quality results.