David Ignash - CISSP, CEH
Details
Computer Programming/Programmer, General
Baker College
2000 : 2005
Key achievements :
- Lead the organization to securely and efficiently use cloud resources/collaboration (during a pandemic)
- Worked in a SOC environment to set up & monitor alerts. Provided documentation and training to security administrators and analysts on what alerts to keep track of.
- Implemented Mobile Device Management (MDM) solutions; both on mobile as well as PC/Mac.
- Worked with vendors and leadership members to guide them through project requirements, flow, budget, purpose, and other aspects to attain approval for implementing projects and provide understanding of business value.
- Administered an application white-list program, set up an approval process, and monitored all files in the organization down to granular level.
- Designed security requirements, and administered email protection to ensure the security of emails for the organization.
- Implemented EDR (Endpoint Detection and Response) throughout the organization to detect malware, zero-day exploits, reduce attack surface, etc.
- Implemented behavioral monitoring and heuristics through machine learning/AI within the organization and endpoint.
- Administered the SIEM product to ensure all logs within the organization are properly sent, stored, and retrieved.
- Monitored the brand / organization for other various threats such as look-alike domains, leaked credentials, etc.
- Primary point of contact to help the organization meet multiple regulatory compliances such as HiTrust, SOC2, etc.
- See skills area for additional knowledge such as Salesforce, Power BI, Microsoft Azure & Amazon Web Services (AWS), etc.
2020 : Present
Delta Dental of Michigan
Senior Information Security Engineer
As a contracted Security Engineer my responsibility was to implement, upgrade, and support security initiatives as directed by the client.
2019 : 2020
TEKsystems
Security Engineer
As a security administrator of information technology I am responsible for managing all IT-related security and safety issues within the company. This includes developing systems and policies, as well as overseeing the implementation of procedures to secure both company and customer data. Some highlights of my day-to-day operations are :
- Integrates Email Security to help with DLP strategy, malware protection, phishing, and other threats that email poses.
- Performs Security/Vulnerability/Web Application Assessments on projects via Burp Suite, and Manual Review using SWAT & OWASP guidelines.
- Implements application white-listing to ensure only approved applications/companies can run, while blocking everything else.
- Brought security training to the organization through required training videos, personally training members of the organization, lunch & learns, and documentation.
- Manages all aspects of the firewall including updates, rule optimization, geo-protection, intrusion detection, and all features the firewall offers.
- Creates policies and procedures for Incident Handling, BCP, as well as all aspects of IT Security following NIST & FFIEC guidelines.
- Successfully migrated the organization to be almost entirely cloud based through Office 365, OneDrive, SharePoint, Teams, and other Microsoft cloud applications.
- Collaborates with auditors to create/gather evidence of NIST security controls for governing bodies & SOC audits.
- Leads the Disaster Recovery/Business Continuity Planning committee, along with coordinating the updates to the Disaster Recovery Plan as necessary, and performing Disaster Recovery tests.
- Creates and distributes reports to business members and the board so they are kept up to date on the state of the organization's security.
- Monitors and investigates logs and alerts from all systems in the organization through devices such as SIEM, Azure, Netwrix, and Firewall.
2016 : 2019
GreenStone Farm Credit Services
Security Administrator
Provide analysis to improve or create business processes which lead to an increase in productivity, accessibility, and communication throughout the organization.
After analysis either develop, or work with developers to create the solution.
Finally, work with appropriate parties to implement the solution into production
2012 : 2016
GreenStone Farm Credit Services
Application Systems Analyst
- Utilize a variety of networking tools to install, configure, troubleshoot, and support systems, applications and servers.
- Implement new projects tasked by upper management, users, and self assigned.
- Identify and resolve networking discrepancies to the complete satisfaction of all users.
- Purchase new equipment, and build relationships with vendors to provide optimal pricing for the company.
- Train users, and management on application configuration, features, and specifications.
- Ensure PCI-DSS (credit card standards) compliance at all points in the company.
Key Achievements :
* Introduced and implemented VMWare virtualization to servers that resulted in increased speed and immediate savings of tens of thousands of dollars.
* Conceptualized, implemented, and maintained an Avaya IP Telephony phone system that revamped productivity.
* Installed a new backup system for the entire company which increased reliability, saved hours of downtime, and increased efficiency.
* Set up a license/asset management system which saved thousands of dollars, hundreds of hours, and provided instant reports.
* Successfully migrated main file server from physical 2003 to virtual 2008 single-handed.
2006 : 2012
Goodrich Quality Theaters, Inc.
Systems Analyst
Skills
Active Directory, Amazon Web Services (AWS), BPMN, Business Analysis, Checkpoint Security, Cloud Applications, Computer Security, Group Policy, Incident Investigation, Incident Response, Information Security, Intrusion Detection, ITIL Certified, Kali Linux, Microsoft Azure, Microsoft OneDrive, Microsoft Power BI, Microsoft SQL Server, Microsoft Teams, Mimecast, Network Monitoring Tools, Network Security, NIST, Office 365, Penetration Testing, Powershell, Process Improvement, Proofpoint, Risk Analysis, Risk Assessment, Risk Management, Salesforce, Security Engineering, Security Information and Event Management (SIEM), Server Administration, SharePoint Administration, Software Documentation, System Administration, Visio, VMware, Vulnerability Assessment
About
- Certified Information Systems Security Professional (CISSP) through ISC2. Industry leading certification which proves the knowledge and experience it takes to protect organizations.
- Certified Ethical Hacker / Certified Network Defense Architect. Able to perform penetration tests/vulnerability assessments against private sector & government entities to mitigate security risks.
- Technically-savvy Senior Information Security Engineer with a proven track record of effective organizational security and defense.
- Experienced with cloud technologies including Microsoft Azure; hands-on experience moving multiple companies to a cloud infrastructure, maintaining them, and securing all aspects of the cloud.
- Fluent in helping organizations meet/maintain/exceed all compliance needs with hands-on experience with SOC2, HiTrust, HIPAA, PCI-DSS, etc. This is accomplished through detailed document creation, leading initiatives to meet compliance, collaborating with the organization's leadership, and working closely with auditors.
- Bachelor's degree in Computer Information Systems
- Champions initiatives to ensure they are implemented on time, on budget, and up to current best practice security standards.
- Self-motivated and proactive leader with superb technical acumen and exemplary communication skills.
- Formal training in Business Analysis, Business Process Modeling and Notation (BPMN), System Development Life Cycle (SDLC), and documentation techniques.
- Able to quickly grasp and apply new ideas, methods and technologies.
- Excels at collaborating with executive staff, clients, developers, vendors, and technical support staff.
Additional skills include: Risk Assessment, Risk Mitigation, Security Administration, Security Engineering, Network Monitoring, Incident Investigation and Response, Intrusion Detection, Forensics, Power BI, Amazon Web Services (AWS), and Salesforce security.
Profile Photo
