Gene Cupstid
Details
Computer Systems Networking and Telecommunications
ITT Technical Institute-Richmond
2001 : 2003
Music Performance, General
Virginia Commonwealth University
1999 : 2001
Developed the SecOps automation library which consists of thousands of lines of code across over 100 different commands for interactive and script use. This library contains commands that allow analysts to sandbox files/urls, initiate incident response playbooks, and easily interact with security control APIs. Examples include Anomali ThreatStream, Defender Advanced Threat Hunting, LogRhythm, ZeroFox, Cisco Umbrella, and more.
Wrote much of the SOC runbook library, covering topics such as phishing, malware investigation and remediation, user compromise, and more.
Served as a level 3 escalation point for cases and incidents.
Acted as a mentor for new SOC analysts, training and encouraging them in the development of their incident handling, investigation, and threat hunting skills.
Incorporated the Azure security stack into the SOC workflow and defined processes for working with Defender 365 (Endpoint, O365, Identity, Cloud App Security, etc.).
Developed custom integration of Azure security products into the SIEM by utilizing Defender 365 APIs and designing an ETL pipeline to retrieve, transform, and parse events.
2018 : Present
C.H. Robinson
Information Security - Development & Engineering
SIEM Platform Engineer (LogRhythm)
2018 :
C.H. Robinson
Information Security Engineer
Security platform owner for MGI Splunk Implementation and GlobalScape EFT.
2017 : 2018
MoneyGram International
Sr. Information Security Engineer
Primary role is platform owner for IPS (Intrusion Prevention) and VPN team member.
Management of Target's IPS platform, owned by Remote Access Services team. Platforms currently include Checkpoint and IBM Proventia.
Other supported platforms include: Checkpoint Firewall / IPS, Pulse Secure SSLVPN
Other tools: Splunk, ArcSight SIEM
2015 : 2017
Target
Network Security Engineer
• SEM Program Lead
• IPS/IDS Program Lead
• Network DLP Program Lead
Responsibilities include:
Installation, configuration, and development of the SEM solution, RSA Envision and McAfee Nitro.
Development and implementation of the Sarbanes Oxley, Network Security, and compliance monitoring programs.
Coordination of multiple security programs into the SEM program including IDS/IPS, Firewalls, McAfee EPO, and the Vulnerability Assessment solution.
Development and management of compliance reporting and alerting using Quest Reporter and RSA Envision.
2011 : 2015
Kroll Ontrack
Senior Information Security Engineer
Skills
Apache 2, Bash, CISSP, Databases, Data Security, Disaster Recovery, Firewalls, Incident Response, Information Security, IPS, Linux, Log Management, McAfee, Network Forensics, Networking, Network Security, Operating Systems, Perl, PHP, Red Hat Linux, Security, SEM, SIEM, Syslog, Syslog-ng, Ubuntu, Unix, Vulnerability Assessment, Windows Event Log, Windows Server
About
With 15 years in InfoSec, my passion for the last couple of years has been developing specialized security solutions and automation frameworks, and integrating various security platforms via APIs using PowerShell, C#, and .NET.
---- SECURITY PLATFORMS ----
• SIEM/SEM and Log Analysis
• Network Threat Analysis / FW/IPS Engineering
• Linux Admin, Scripting & Automation
• PKI Administration
• Forensic image capture
• Vulnerability Scanning
• Endpoint Management & Controls
---- PROGRAMMING-RELATED SKILLS ----
• Python
• C#
• Bash
• Perl
• PHP
• Object-Oriented programming and common design patterns
• Regular Expressions
---- DATABASE ----
• Oracle
• PostgreSQL
• MySQL
• SQL Server
• Relational DB Design / 3NF