INFORMATION SECURITY
Home
-Overview-
Contacts
INFORMATION SECURITY RESUME
OVERVIEW --- JOE CRUMP I am a proven solution architect, customer advocate, ArcSight SIEM engineer, and compassionate consultant. Specializing in ArcSight Solution Architecture, Deployment, Management, Maintenance, and Use Case Development. As a consultant, I have benefited from multiple perspectives within Security Operations Centers of dozens of enterprise level corporations in a wide range of sizes and levels of maturity. From my introduction to the world of InfoSec as an intrusion and event analyst thrust into an emergency SOC rebuild at a top tier Interactive Entertainment corporation, to an engineer overseeing the architectural restructuring of a mature solution in need of expansion at a nationwide energy sector conglomerate, I have been fortunate to serve one satisfied client after another. EXPERIENCE PRINCIPAL | BIG FISH SMALL WORLD LTD | MARCH 2017 - CURRENT Solution Architect/ArcSight SIEM Engineer/Consultant Leveraging my culmination of knowledge and experience, I am currently venturing to provide consultant and engineering services available via fractional contracts with various entities. Having, in the past year, provided consult and service to the following: · Multi National Petroleum and Mineral Resources Company - Consulted for the benefit of an overhaul of existing physical infrastructure. - Developed and deployed business critical use cases in concert with various teams onsite. - Provided advanced system analysis and upgrade migration for multiple components of the customer’s SIEM and log management solutions. · International Consulting Firm - Supported large scale initiatives to expand, rearchitect, and upgrade existing ArcSight SIEM and log management solutions for multiple customers - Developed Use Cases to support business and security requirements for various end customers · Nationwide Energy Company - Provided consult and educational input for incoming SOC team - Developed and documented workflow process and procedure for the SOC team - Developed Dashboards and Reporting content to support new and existing Use Cases and trained SOC analysts how to best leverage these and other available tools within the ArcSight Suite - Developed and deployed rule logic in ESM to counter emerging threats · Nationwide Telecommunication Company - Consulted and assisted on the architecture and planning of a large merging of systems as it relates to dataflow for log management and Security Monitoring leveraging the ArcSight Suite of products · Financial Securities Service - Architected and deployed ArcSight SIEM and Log Management solution for a bi-coastal firm with stringent HA/DR requirements - Developed Use Cases and related ESM rules and associated content for application security, PCI DSS control governance, and other business and security requirements · Air Cargo Conglomerate - Provided architectural review and health-check for and existing ArcSight SIEM and log management solution - Determined best course forward for a needed expansion and upgrade of all components - Engineered and implemented restructuring of existing infrastructure to ready the customer for a seamless expansion with attention to future scalability PRINCIPAL CONSULTANT | ALCHEMY SECURITY | MARCH 2013 – MARCH 2017 Consultant/Solution Architect/ArcSight SIEM Engineer for: · Nationwide Rail Transportation Company - Provided an in-depth Health Check and solution review - Performed emergency repairs on badly malfunctioning systems and databases within the ArcSight SIEM and Log Management solution · Federal Judicial System - Provided on site architectural review and consult for an ArcSight Log Management solution - Successfully deployed the solution within parameters of multiple compliance-based constraints - Developed Alerts, Reports, and Dashboards for new and existing use cases · International Telecommunications Firm (ISO compliant architecture and deployment) - Architected and deployed an ArcSight SIEM solution for business and security requirements - Architected and deployed a multi-tenancy and modular event data gathering and delivery mechanism for distribution among the customer’s hosted clients’ unique environments - Performed Use Case development and created related content for the organization and their customers based on the variety of available feed sources · Regional Banking Conglomerate - Architected and deployed Log Management solution to support an existing ArcSight SIEM solution - Created alerts, reports and dashboards on the ArcSight SIEM and log management solutions to support many existing use cases (PCI DSS standards, control governance and risk management) - Administered solution long term and performed as customer liaison in a MSSP setting · Nationwide Energy Company - Provided consult and support for a migration from an older SIEM on a Windows platform to an upgraded version on Linux - Performed architecture review for data collection and log management solution - Developed Alerts, Reports, and Dashboards for new and existing use cases · European Government Agencies - Provided Architecture, consult and support for a migration from an older SIEM on a Windows platform to multiple upgraded versions with HA/DR requirements on Linux - Provided architectural review and consult for an expansion and upgraded ArcSight Log Management solution built in a large redundant array of virtual machines set atop a redundant stacked multithreaded DB · Alchemy Security - Cyber Security Defense Center - Served as Principal Consultant for ArcSight customers and supported internal SOC operations CONSULTANT | ALCHEMY SECURITY | MARCH 2012 – MARCH 2013 Intrusion and Event Analyst/Consultant/ArcSight SIEM Engineer for: · Multiple Statewide Agencies (multiple states) Finance, Banking, Education, Governmental, Judicial - Architected and deployed ArcSight SIEM and/or log management solutions for business and security requirements based on individual organizational requirements - Developed and deployed compliance-based content (PCI, HIPAA, SOX, etc.) as needed · International Aerospace Flight Systems Developer within multi-faceted conglomerate - Architected and deployed ArcSight SIEM and log management solution in accordance with a unique set of internal needs including system hardening and air gapped network requirements · Multiple Regional Savings and Loan Corporations - Architected and deployed ArcSight SIEM and/or log management solutions for business and security requirements based on individual organizational requirements - Developed and deployed PCI compliance related content as well as identity and access management, encryption assurance, and key management use cases · Publishing House - Architected and deployed an ArcSight Log Management solution - Developed Alerts, Reports, and Dashboards for new and existing use cases · Alchemy Security - Cyber Security Defense Center - Served as Consultant for ArcSight customers and supported internal SOC operations DEVELOPER | BIG FISH SMALL WORLD PRODUCTIONS | MARCH 2008 – MARCH 2012 Web Developer/Consultant/Multi-Media developer for: · Venture Lending Company - Developed a website template to be distributed to recipients of venture capital to create a uniform interface for public facing assets - Developed back-end access for customers to communicate with the parent company as well as update their own websites · Multiple smaller clients - Provide web-development for a wide variety of clients with many unique requirements - Prepare multi-media assets for placement on new or existing websites · Large Power Conglomerate - Produce training assets for a wide array of jobsite requirements (underground, medium and high voltage power stations, line-work, etc.) - Produce Installation and Operational training assets (video and interactive) for UPS systems and fire suppression systems for data centers · International Shipping Company - Produced Training assets for maintenance procedures for their fleet of trucks · International Sports Clothing Brand - Produced interactive assets for inter-company use covering a wide variety of subject matter Objectives To bring to bear my talents for the benefit of my team and our common goals. To continue to broaden my understanding of the space in and surrounding cyber security. Skills & Abilities LEADERSHIP · I find a commonality with team members, whether under my direction or lateral colleagues, and learn from their unique perspectives and experiences, in order to formulate a path to achieve our common goals. · The most important trait of a good leader is their understanding of what it means to be in the trenches. I have been in many firestorms under the direction of leaders both successful and unsuccessful. I have learned much from the combined experiences. · Being the face and/or voice of many projects, and the boots on the ground for many more, customer satisfaction has always been my aim. The results of this personal directive have been the repeated conversion of customer to denizen. COMMUNICATION · Having delivered to many individuals and organizations in dozens of settings worldwide, I have honed my ability to persuade and please even the most challenging of customers. · Listening to, and observing the non-verbal cues of the client, are key to understanding how best to deliver consult or services. · Knowledge sharing is a process I find most gratifying. To be able to help team-members, clients, or customers more fully understand their options, more clearly perceive their positions, and ultimately become more successful is a paramount metric with which I gauge my success. Education ASSOCIATE OF APPLIED SCIENCE DEGREE | 2009 | CSCC (COLUMBUS, OHIO) · Major: Applied Science - Interactive Multi-Media · Related coursework: System Analysis, Application Development, System and Network Security, Database Administration, Web Development, Action Script, PHP, HTML, CSS, Linux administration, Windows administration, etc. · Graduated with honors - Magna Cum Laude