Doug Wilson
Details
Computer Network Defense Course
U.S. Army Reserve Readiness Training Center
2005 : 2005
Diploma in Network Security
Network Security
Chubb Institute
2004 : 2005
Information Assurance Security Officer Certification Course
U.S. Army Signal Corps
2004 : 2004
Systems Administrator/Network Manager Security Course
US Army Signal Corps
2000 : 2000
Diploma in Network Engineering and Data Communication
Network Engineering and Data Communication
Chubb Institute
1998 : 1999
Ortho Clinical Diagnostics
Information Security Engineer
I was hired by PVH as the Senior Security Analyst on their Information Security team. The team provided day to day security operations for over 10,000 hosts in locations around the globe as well as three data centers and an ecommerce environment. Tasks included threat hunting, PCI compliance monitoring, incident response, vulnerability monitoring, establishing and documenting security controls as well as mentoring other Security Analysts on the team.
• Primary duty was threat hunting using Firepower IPS, Check Point FW, Websense proxy, Akamai WAF, Alert Logic, Cisco IronPort, Cisco Umbrella, TruSTAR intel, ThreatConnect, Forcepoint, and Splunk.
• Wrote the policy and process for daily console checks of the various security infrastructure components.
• Evaluated vulnerabilities in the Corporate and Retail environment using Rapid7 Nexpose.
• Monitored firewall and PCI server logs for PCI compliance.
• Evaluated and monitored entire security infrastructure for effectiveness and health. Identified several gaps in the infrastructure and proposed remediation.
• Provided first responder incident response to all alerts and indications of compromise generated by the security infrastructure.
• Mentored and trained lower level Security Analysts in threat hunting, console checks and incident response.
2016 : 2018
PVH Corp
Information Security Analyst
Recruited by Rymax to secure their IT infrastructure consisting of 300 end points, 25 servers and 70 locally hosted web sites as well as to comply with PCI standards. Tasks included architecture of the IT security infrastructure, hardening system configuration, writing policy, investigating indications of compromise, vulnerability assessment and remediation, creating PCI reporting processes, and researching and evaluating various security technologies. My tasks and responsibilities are as follows:
• Hardened all system configurations to CIS benchmarks and best practice standards using global and local policy settings and configuration.
• Wrote the policy and process to identify and evaluate vulnerabilities in the environment and remediate as required. The results addressed the existing vulnerability gap from 2 years to within 1 week of vulnerability identification. Critical patches were addressed in 3 days.
• Evaluated vulnerabilities in the existing Web environment and addressed ongoing SQLi attacks. SQLi attacks were being conducted on a daily basis and were returning successful http 200 responses. Using IIS request filtering and Netsparker the successful return rate was reduced by 95%.
• Evaluated weekly third party PCI scans of the web environment and remediated as required.
• Deployed, configured and maintained Cisco Firepower NGF. Using Firepower as our frontline defense I investigated all alarms generated by the NGF and determined the status of the threat.
• Evaluated several SIEM products and purchased AlienVault USM as the environment's primary security monitoring technology. I deployed, configured and maintained USM as well as investigated the alarms generated.
• Monitored and evaluated third party alarms generated in the DMZ. Alert Logic was used in the DMZ to alert to any malicious traffic entering the DMZ. The alarms generated were investigated on a daily basis and compared to the traffic seen in Firepower.
2016 : 2016
Rymax Marketing Services, Inc.
Information Security Engineer
I worked as a Security Engineer in a team environment for a Security Operations Center. The SOC provides security monitoring in support of PCI and SOX compliance for its clients 24 x 7 x 365 days a year. The role and responsibilities of Security Engineer included the following:
• Work in 24 x 7 x 365 SOC environment
• Investigate alerts for action
• Assist customers in managing their PCI environment
• Monitor systems for proper functionality
• Provide root cause analysis of security events and report
• Provide assistance in incident response
• Author monthly reports and analysis of past events
• Configure firewall, IDS and IPS settings
• Review and improve internal processes and procedures
• Conduct training for new team members
• Author new system monitoring reviews and alert processing
• Review and improve data management
• Provide daily vulnerability alerts for various customers
• Provide guidance in hardening systems
• Scan for vulnerabilities and guidance for remediation
Systems used in the conduct of the above duties include the following:
• Sourcefire
• Cisco IPS
• QRadar
• TrustWave Web Defend
• Carbon Black
• TIBCO LogLogic
• OSSEC
• Splunk
• ELK
• FireEye
• Panorama, Palo Alto firewall
• McAfee Network Security Platform
• FortiGate, FortiManager, FortiAnalyzer
• McAfee Network Security Manager
• Malwarebytes
• NNT log tracker
• Trend Micro Third Brigade
• Change tracker
• Nessus scanner
• Cisco Secure ACS
• TrapX honeypot
• Vulnerability testing
• Check Point SmartEvent
• Idera SQL compliance manager
2014 : 2016
Secure Technology Integration Group
Security Engineer
Information Technology Manager 1999 / 2013
Subsystems Technology Incorporated Rosslyn, VA
Contractor to U.S. Army, OPM-CAS Picatinny Arsenal, NJ
Directly responsible for procurement, management, and security of all information technology systems used within the Office of Project Management-Combat Arms Support, Mortar Division. Responsibilities included the following:
• Manage W2008, Vista, Win 7, W2K LAN consisting of 4 servers and 100 workstations.
• Designated as the Information Assurance Security Officer for OPM-CAS.
• Track, implement and report to higher HQ on published security patches.
• Monitor and configure network security parameters.
• Design and implement network policies and procedures.
• Perform maintenance and repair on all servers, workstations and printers.
• Train and support all end users in the desktop environment including security.
• Design and implement disaster recovery procedures.
• Research and document entire client / server environment.
• Responsible for all information technology budget, software and equipment specifications.
• Active member of the PM-CAS Information Technologies Integrated Products Team.
• Active member of the PM-CAS Knowledge Management Integrated Products Team.
Additional duties include acting assistant to the Information Assurance Manager and Chief Information Officer, Office of Program Executive Manager-Ammunition (reporting senior organization for OPM-CAS). Duties include the following:
• Directly responsible for the specification, purchase, architecture, training, and implementation of Patchlink enterprise-level patch management software for 5000 nodes.
• Awarded a Letter of Commendation from Brigadier General Izzo for my work with PEO Ammo in identifying and implementing Patchlink software as Picatinny Arsenal’s patch management solution.
1999 : 2013
U.S. Army
Information Technology Manager
Skills
Active Directory, Computer Hardware, Computer Security, Disaster Recovery, DoD, Hardware, Information Assurance, Information Security, Information Technology, IT Management, Leadership, Microsoft Certified Professional, Microsoft Exchange, Microsoft Office, Network Administration, Networking, Network Security, Operating Systems, Security, Security Clearance, Servers, Software Installation, System Administration, Troubleshooting, VMware, Windows, Windows 7, Windows Server, Microsoft Certified
About
A results-oriented Information Technology professional with proven abilities in leadership, systems management, project management, troubleshooting, risk management and improving efficiency of operations. Excellent troubleshooting skills enhanced by 15 years of Information Technology Administration experience. Quickly grasps complex concepts, analyzes them, and interprets ideas into a logical strategy. Strong ability to identify strengths and weaknesses and implement systematic, technological, and policy changes that optimize Information Technology and cost effectiveness. Demonstrated ability to manage and troubleshoot complex hardware and software architectures for maximum productivity and to control costs through the use of available resources.