Profiles search
LuLu Wang
SpaceX---SR. INFORMATION SECURITY ANALYST
Beverly Hills, CA, United States
Details
Experience:
Support SpaceX as our front line responder by identifying, triaging, and remediating security detections and anomalies.
Assess newly published vulnerabilities and attacker tactics, techniques, and procedures (TTPs) to identify possible defensive measures to locate and stop threat actors.
Provide incident response support as a key stakeholder. Collaborate with SpaceX engineering teams to proactivity improve and secure systems from future attacks.
Operate and help mature playbooks to protect SpaceX people, missions, and assets.
2021 : Present
SpaceX
SR. INFORMATION SECURITY ANALYST
Plan, prepare for, schedule, and coordinate internal assessments and external audits
Perform assessments of systems and networks within our environment and identify where those systems and networks deviate from acceptable configurations, enterprise policy, or local standards
Identify security and compliance gaps and partner with system owner and stakeholders to appropriately remediate
Generate awareness of assessment results, facilitate and prepare system security plans and update the plan of actions and milestones
Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed
Develop, maintain, monitor, and improve appropriate internal controls and policies to protect SpaceX systems and data
Perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards
Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters (RAL), System Security Plans (SSP), Plans of Action & Milestones (POA&M), and support Continuous Monitoring
Manage, assess, communicate and partner with our business and systems owners to determine the efficacy of security controls, solution around constraints, and facilitate justifiable confidence in the system's security posture
Operate and contribute to continuous improvement of information security assurance processes and systems
Stay abreast of changes to regulations, compliance guidelines, assessment methodologies, and the emerging TTPs; recommend proactive changes to controls, policies, and procedures to respond to these changes
2014 : 2021
SpaceX
Information Security Analyst
Responsible for the overall scheme demonstration and design of precision guidance system
Responsible for the scheme demonstration, simulation and verification evaluation of the new detection system
Responsible for/traction to carry out key technical research and demonstration verification of precision guidance system
Responsible for precision guidance professional technology development planning and technical research.
2013 : 2014
China Aerospace Science & Industry Corporation Limited
Information Analyst
Designed and developed a new automated production performance report for the company. Work with IT to build databases and servers for reports, and design data models and ETLs. Through years of efforts, we have integrated global product test data and unified all production reports
Outstanding achievement :
- Development of fully automatic production reports for China. In the first year, save at least 100,000 RMB per year in labor costs for the product inspection and development department. In the following 3 years, a separate data department was established, independent servers and databases were established, and in cooperation with the global IT department, AMD chip assembly and factory inspection data reports were integrated (including Singapore, Malaysia, Taiwan, China).
- Project information tracking and sharing platform. Users can use this online platform to register new projects, share inspection data, and reduce inefficient mass mailing. And with the accumulation of project data, employees can find solutions by retrieving old project information.
2011 : 2012
Inspur Group
Data Analyst
Daily updates on day shift PO (Protection Officer) attendance in the SAP system. • Answer calls from the head office. Respond in a timely manner to temporary issues faced by POs deployed at customer sites. • Manage daily headcount to ensure adequate coverage at all customer locations.
2008 : 2009
Inspur Group
Intern
Assess newly published vulnerabilities and attacker tactics, techniques, and procedures (TTPs) to identify possible defensive measures to locate and stop threat actors.
Provide incident response support as a key stakeholder. Collaborate with SpaceX engineering teams to proactivity improve and secure systems from future attacks.
Operate and help mature playbooks to protect SpaceX people, missions, and assets.
2021 : Present
SpaceX
SR. INFORMATION SECURITY ANALYST
Plan, prepare for, schedule, and coordinate internal assessments and external audits
Perform assessments of systems and networks within our environment and identify where those systems and networks deviate from acceptable configurations, enterprise policy, or local standards
Identify security and compliance gaps and partner with system owner and stakeholders to appropriately remediate
Generate awareness of assessment results, facilitate and prepare system security plans and update the plan of actions and milestones
Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed
Develop, maintain, monitor, and improve appropriate internal controls and policies to protect SpaceX systems and data
Perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards
Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters (RAL), System Security Plans (SSP), Plans of Action & Milestones (POA&M), and support Continuous Monitoring
Manage, assess, communicate and partner with our business and systems owners to determine the efficacy of security controls, solution around constraints, and facilitate justifiable confidence in the system's security posture
Operate and contribute to continuous improvement of information security assurance processes and systems
Stay abreast of changes to regulations, compliance guidelines, assessment methodologies, and the emerging TTPs; recommend proactive changes to controls, policies, and procedures to respond to these changes
2014 : 2021
SpaceX
Information Security Analyst
Responsible for the overall scheme demonstration and design of precision guidance system
Responsible for the scheme demonstration, simulation and verification evaluation of the new detection system
Responsible for/traction to carry out key technical research and demonstration verification of precision guidance system
Responsible for precision guidance professional technology development planning and technical research.
2013 : 2014
China Aerospace Science & Industry Corporation Limited
Information Analyst
Designed and developed a new automated production performance report for the company. Work with IT to build databases and servers for reports, and design data models and ETLs. Through years of efforts, we have integrated global product test data and unified all production reports
Outstanding achievement :
- Development of fully automatic production reports for China. In the first year, save at least 100,000 RMB per year in labor costs for the product inspection and development department. In the following 3 years, a separate data department was established, independent servers and databases were established, and in cooperation with the global IT department, AMD chip assembly and factory inspection data reports were integrated (including Singapore, Malaysia, Taiwan, China).
- Project information tracking and sharing platform. Users can use this online platform to register new projects, share inspection data, and reduce inefficient mass mailing. And with the accumulation of project data, employees can find solutions by retrieving old project information.
2011 : 2012
Inspur Group
Data Analyst
Daily updates on day shift PO (Protection Officer) attendance in the SAP system. • Answer calls from the head office. Respond in a timely manner to temporary issues faced by POs deployed at customer sites. • Manage daily headcount to ensure adequate coverage at all customer locations.
2008 : 2009
Inspur Group
Intern
Company:
SpaceX
About
I have been working as an information security analyst for eleven years. My area of expertise is researching information technology security, monitoring organizations for cyber security breaches, etc. Now I manage a small team of 39 people. I want to find differences on LinkedIn. Outstanding people in the field communicate with each other, learn from each other and make progress together. I hope we can be friends
Profile Photo
