Jason Iacono
Details
Gwinnett Technical College
• Create Splunk search queries and dashboards to detect malicious behavior
• Consult with University and Healthcare stakeholders to remediate security vulnerabilities
• Create incident response playbooks for a diverse range of information security threats
• Perform gap analysis to identify on-premises security controls, logging and monitoring, and threat intelligence capabilities
2018 : Present
Emory University
Senior Enterprise Information Security Specialist
As a senior information security analyst, I performed threat monitoring for client environments to detect suspicious and hostile activity that would jeopardize the confidentiality & integrity of information systems. I also wrote information security policies for the security monitoring department and provided live demos of our SIEM and threat intelligence service.
▬▬▬▬▬▬▬▬▬▬▬▬
★ Co-speaker / Co-Presenter at MasterCard Global Risk Leadership Conference - “Everything PCI” Workshop
★ Research & develop new threat detection rules for SIEM, based off threat intelligence
★ Research emerging cyber threats & techniques to guard against electronic intruders
★ Harden & deploy security policies to servers & workstations
★ Authored HIPAA security whitepaper for company publication
★ Wrote department-wide information security policy manual, including guidelines for:
• Disaster Recovery
• Change Control
• Security Incident Response
• Incident Management
2015 : 2018
ControlScan
Senior Information Security Analyst
Market leader in enterprise servers, storage, networking, and software. At Hewlett-Packard, I was the primary elevation point for level 1 support engineers. I provided level 2 Windows and Linux hardware support for HP's ProLiant server line (a portfolio of 50+ multi-generation servers).
• Diagnosed and troubleshot complex systems and environments for some of the most well-known Fortune 500 & 100 companies worldwide
• Validated client-reported defects and collaborated with HP development teams for fixes
• Consulted with clients on information security-related vulnerabilities, and offered remediation/mitigation advice
• Managed client expectations and concerns during further technical escalations
2014 : 2015
Hewlett Packard Enterprise
Technical Solutions Consultant III - HP ProLiant Servers, Direct Attached Storage, and Power
• Consulted customers on RAID best practices, configured & troubleshot all RAID levels (RAID Levels 0, 1, 10, 5, 6, 50, 60). Also validated customer-reported defects and coordinated with the development team for fixes
• Helped fulfill a large-scale deployment for a national bank (40+ servers)
• Developed training documentation for contractors & inside employees (technical writing & knowledgebase articles)
• Managed release of public downloads (drivers, firmware, & management tools) for 30+ storage products
2011 : 2014
LSI Corporation
Storage Solutions Engineer
IT Managed Services firm providing cloud hosting & infrastructure virtualization for small/medium-sized businesses. I joined as the company was quickly expanding, and helped provide full service management of Windows Server systems and Windows-based networks. On a small team of about 5, I supported, troubleshot, and helped maintain the networks of over 20 small/medium businesses in the Atlanta area.
• Closed an average of 15-20 trouble tickets a day
• Provided multi-level desktop and server support (including information security support)
• Oversaw office moves, ISP cutovers, & server and cloud migrations
• Monitored/maintained enterprise endpoint protection software
2009 : 2011
Xogent
Information Technology Analyst
Skills
Active Directory, Antivirus, CEH, Cloud Security, CompTIA Security+, Computer Hardware, Computer Security, cyber deception, DHCP, Firewalls, HIPAA, Honeypots, Hyper-V, Information Security, Information Technology, Internet Protocol Suite (TCP/IP), Intrusion Detection, Linux, Microsoft Certified Professional, Network Administration, Networking, Network Security, Operating Systems, Policy Writing, RAID, Red Hat Linux, Security, Servers, SIEM, System Administration, System Deployment, TCP/IP, Technical Writing, Threat Intelligence, Troubleshooting, Virtualization, Windows 7, Windows Server, Wireless Security
About
I am a Senior Information Security Professional specializing in threat intelligence and cyber deception. I have nearly 10 years of success in helping nonprofits, small businesses, and multinationals alike navigate through their technology and cyber security challenges.
Sometimes people ask, "What do you really do?"
I maintain a constant state of paranoia about cybersecurity threats, so that you don’t have to. I'm the guy that freaks out going through airport security because I've read the reported detection rates. I obsess over the minutiae. I keep my finger on the pulse of today's information security threats. What's emerging, what's evolving, and how to get ahead of it. I translate and distill all the obscure tech-talk and security information. And in the end, you know what you're facing, who's targeting you, and what you can do about it.
Currently, I work at ControlScan as a Senior Information Security Analyst. I help clients identify what digital monsters might attack their networks (by analyzing threat intelligence feeds), and then I produce high-quality threat detection rules to stop those security threats early and safely. I've also interviewed and mentored new hires, written white papers, presented and paneled for security conferences, and demoed live SIEM & threat intelligence products to help convert leads.
AREAS OF EXPERTISE
• SIEM & Security Monitoring
• HIPAA & PCI-DSS
• IT Security Policy Documentation
• Change Management
• Intrusion Detection (IDS/HIDS)
• Honeypots & Cyber Deception
• Threat Intelligence & Threat Hunting
SKILLS SUMMARY
• Systems •
Microsoft Windows Server; Linux (RedHat, CentOS, Ubuntu, Kali)
• Networking •
TCP/IP; SSH; RDP; Syslog
• Security •
LogRhythm/AlienVault SIEM; Anomali Threat Intelligence Platform; Sophos Endpoint Protection; Nessus; Snort Intrusion Detection (IDS); OSSEC Intrusion Detection (HIDS); Metasploit; SonicWall, WatchGuard, Meraki firewalls
• Frameworks •
HIPAA-HITECH; PCI-DSS; Cyber Kill Chain