Kristopher Knutsen

Details

Education: Bachelor of Science - BS

Computer and Information Systems Information Systems Security

Metropolitan State University of Denver

2015 : 2019

General Studies

Niwot High School

2002 : 2006

Experience: Bank of the West has joined BMO! My position and duties from BOTW will be merged into BMO Vendor Management, part of the Cyber Security Financial Crimes Unit.

2023 : Present

BMO

Information Security Analysis - Specialist II

- Implemented Cloudflared’s Zero Trust solution for zero trust remote access to designated internal sites and services while remote on company devices.

- Secured internal sites hosted on public facing VPCs with Cloudflare for internal use.

- Performed infrastructure migrations to Google Workspace

- Performed infrastructure migrations to Microsoft 365 and Azure AD.

- Managed hybrid Microsoft 365 and premise Active Directory.

- Implemented OAUTH for user IAM authentication with both Google Workspace and Azure AD.

- Designed and implemented MDM / MAM solutions for BYOD and corporate owned devices with Microsoft Intune.

- Virtualized bare metal servers for improved resource utilization with Proxmox, Hyper-V, and ESXI.

- Use of Docker and LSC containers were incorporated.

- Brought legacy Active Directory Group Policies to Microsoft and CIS baseline security standards.

- Learning how to use and manage Kubernetes to host an open-source XDR security platform on both GCP and AWS. Orchestrated container management to keep down the cost of cloud services, adjusting resources during times of peak utilization to deploy for use between an MSP and its clients.

- Coordinated with ISPs and businesses for multiple fiber optic infrastructure installations.

- Coordinated with Wireless ISPs and businesses for installation of primary and secondary internet circuits.

- Designed IT infrastructure plans for a new building to include network cabling, Wireless Access Point placement planning, cameras, networking equipment, and access control. Dictate building physical security and environmental requirements.

2021 :

Various small businesses

Information Security Consultant

- Team lead of security analysts.

- Involvement in Vendor Management program improvement.

- Stay current with security industry trends and security risks

- Developed and updated security controls questionnaire for third party vendors to disclose details of their information security program and posture.

- Use of Bitsight to identify vendor security concerns and inferred vulnerabilities.

2022 : 2023

Bank of the West

Senior Cyber Security Analyst, Vice President

- Review and analyze third party evidence for validation of bank domains of privacy, business resiliency and continuity documents, risk assessment.

- Monitor and coordinate third party findings and remediation verification.

- Experience with Archer for third party management.

- Coordinate vender assessments and reports between vendor and bank personnel to facilitate the review process.

- Peer Review assessments for accuracy in information and reporting.

2021 : 2022

Bank of the West

Cyber Security Analyst (Contracted)

- Reviewed and analyzed third party evidence for assessment validation to include domains of privacy, GDPR, system configuration controls, network controls, business resiliency and continuity documents, risk assessments, SIEMS, Vulnerability scans, and penetration tests.

- Reviewed evidence from all domains of a custom security assessment, mapped to NIST 800.53 r5, NIST-CSF, PCI-DSS, NY-DFS, and other frameworks.

- Reviewed SOC reports, ISO27001 Statement of Applicability (SoA), PCI-DSS reviewed Report on Compliance and Attestation of Compliance (RoC/AoC)

- Reviewed evidence to interpret results from a multitude of environments.

- Conducted and organized web conferences for the purpose of validating evidence remotely with third-parties, and for interacting with customers and third-parties discussing the validation process, in part, selling our product and its advantages.

- Created SalesForce reports to target and visualize specific data and managed tickets for validation activities. Managed ZenDesk tickets and knowledge base articles.

- Created team documentation and procedures

- Compiled information from several internal IS systems to output risk assessment validation results.

- Made process improvements to increase efficiency of manual tasks

- Collaborated with product and developers to create new internal tool to streamline validation efforts, improve efficiency, and incorporate analytics into the validation process

- Collaborated with assessment coordinators for smooth transition of assessment to validation phases

- Responsible for quality control of validation results on final report to customer and third-party

- Received outstanding performance reviews from leadership.

2018 : 2021

CyberGRX

Security Risk Analyst

Company: BMO

Years of Experience: 19

Skills

Active Directory, Avaya Communication Manager, avaya ip telephony, Cable Pinning, cabling, CompTIA Network+, Computer Hardware Installation, Computer Hardware Troubleshooting, Computer Networking, Cybersecurity, Domain Knowledge, Dynamic Host Configuration Protocol (DHCP), electronics, Enterprise Security, fortinet, Hardware, hp enterprise solutions, Information Security, Information Security Analysis, Information Technology, IP, IP Networking, ISO 27001, maintenance & repair, microsoft office, Military, network administration, Networking, Network Security, NIST, PCI DSS, pfsense, Problem Solving, Project Management, qnap, Risk Assessment, Security Architecture Design, Server Administration, Servers, SOC 1, SOC 2, software installation, Soldering, system administration, Third Party Risk Management (TPRM), Troubleshooting, Video Distribution, voice over ip (voip), Windows Server, Wireshark, Delegation, Middle Management, cables, electricians, military experience, preventive maintenance, test equipment, testing, Computer Hardware

About

Over eight years of Information Security, network and systems administration, and hands on technical experience. More than three years of cyber security and third-party risk experience, managing findings and compliance to cybersecurity principals. More than three years of experience with network administration, server administration, working with end users, performing network modernization, maintaining infrastructure, and project management. More than five years of experience installing components into rack assemblies, interconnection of various types of cabling and test equipment. More than two years with server rack and stacking, cable set manufacturing and installing racks in data centers. Six years of military experience involving the management, maintenance, testing and repair of computer and display systems, computer controlled electronic systems, video distribution systems, fiber networks, and tactical training equipment.