Jon Chaipis
Details
• Incident response and security incident response, endpoint/network defenses, network-focused forensics, and threat hunting
• Conduct technical investigation of security-related incidents and post-incident digital forensics to identify causes and recommend future mitigation strategies
• Offensive security knowledge to allow the ability to think like an adversary
• Partnering with other teams to resolve gaps in detection capabilities
• Conduct technical research and identify methods to detect evolving Advanced Persistent Threats (APTs) Tactics, Techniques, and Procedures (TTPs)
• Strong verbal and written communication skills, in order to ensure thorough and accurate reporting during and concluding a security incident
• Detection of advanced threats that are not detected via traditional security tools
• Operationalize cyber threat intelligence
• Regular collaboration with multiple teams: Cyber Threat Fusion Center, Security Content Development, Cyber Threat Intelligence, and Offensive Security Research teams
• Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
• Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
• Review and correlate security logs
• Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
• Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals
2022 : Present
Wells Fargo
Senior Information Security Engineer
• Expanded vulnerability management to encompass entire organization, rolled out Qualys Agent and implemented authenticated scanning across enterprise
• Vulnerability management engagement with engineering teams & stakeholders
• CIS Benchmarks from Qualys implemented and scored against assets to align with GDPR, CMMC, DFARS, NIST, and ISO 27001 compliance initiatives, including hardening of assets to CIS level 1 minimum across the enterprise
• Led penetration test findings remediation by engaging with key stakeholders and presenting solutions
• Leveraged PowerShell/Python scripts for remediation solutions
• Chaired DNS hygiene cleanup initiative and streamlined the clean-DNS acquisition process
• Proofpoint PSAT Phish simulation campaigns, administered all phishing simulation campaigns
• Training and awareness content, including newsletters and a social media variant on a monthly cadence
• Security operations and responding to phishing incidents using Proofpoint TAP, TRAP, & Email Defense toolsets
2021 : 2022
Sunbelt Rentals, Inc.
Compliance Analyst, Information Security
• Led the College information security team and provided leadership in cybersecurity domains
• Rapidly implemented Palo Alto GlobalProtect VPN in response to COVID-19
• Azure Active Directory MFA rollout in tandem with PA-GP VPN
• Chaired compliance initiatives for GLBA, FERPA, and NIST 800-171, including technical implementation
• Implemented a risk management strategy based on conducted risk assessments of business domains
• Implemented and coordinated vulnerability scanning, including presenting and remediation of findings
• Developed, documented, and coordinated information/cyber security incident response plans
• Deployed open-source SIEM Security Onion and pointed log sources from network and security tools at it
• Set up alerting and monitoring criteria for critical systems and network perimeter
• Leveraged Security Onion, Kibana, Suricata, Zeek, Logstash, Elasticsearch to assist with security operations
• Azure Active Directory IAM access review and removal of unnecessary accesses
• Training and awareness content, newsletters on a monthly cadence, and mandatory annual training
• Reviewed computer and network configurations to recommend hardening using CIS benchmarks
• Cybersecurity liaison for all cyber inquiries at the college
• Oversaw all organization, infrastructure, cloud, and application security changes
• Monitored cloud accounts using Proofpoint CASB for DLP and suspicious activity
2020 : 2022
Southeast Community College
Information Security Analyst
• Identity and access management using Active Directory
• Splunk utilized to interpret events around user security events
• Supported large acquisition including network, MS tenant and domain
• Supported Windows 10 upgrade rollout
• Provided in-depth technical support including software and hardware management
• Security operations level 1 for intake and directing tickets/incidents to appropriate teams
• Helpdesk liaison for communicating rapidly evolving outages, systems issues
• Provided training to helpdesk associates & analysts
• Coordinated with higher levels and technical teams for root cause analysis and resolution
• Process improvements and identifying how to use tools more effectively
• Advanced troubleshooting using multiple tools for issue resolution
• Provided user awareness of cybersecurity standards and organization policies/processes
• Quality focus and unwavering client support, through all conditions and situations
• Ability to work through language/communications barriers efficiently and confidently
2018 : 2020
NTT DATA Services
Senior Helpdesk Analyst, Security and Network SME
About
With a boundless passion for cybersecurity, I have scaled the heights of achievement and discovered a world of endless possibilities. As an accomplished incident responder, threat detector, and cybersecurity operations expert, I have spent years perfecting my craft and developing my skills to deliver innovative solutions to complex problems.
From the moment I began my career, I have demonstrated a remarkable ability to inspire and lead technical teams toward achieving success across diverse business domains. My analytical skills and deep understanding of IT environments and architecture have enabled me to develop effective operational solutions that drive strategic growth and help organizations achieve their goals.
My ability to communicate complex technical concepts to business stakeholders has earned me the respect and acclaim of many I work with. As a lead investigator, I have proven myself to be a talented and capable professional, earning the admiration of my peers and inspiring those around me to reach new heights.
My dedication to the field is evident in my academic achievements, obtaining my master's in cybersecurity and continuously researching to stay on the cutting edge of the latest technologies and trends. Through my passion and commitment, I have become a role model for those who aspire to follow in my footsteps.
I am grateful for the opportunities that have come my way, and I am dedicated to using my talents to help organizations navigate the ever-evolving world of cybersecurity. With an unwavering commitment to excellence, I am excited to see where this journey will continue to take me.