Philip Daigle
NERC / E-ISAC
Columbia, MD, United States
Details
Education:
SANS
Experience:
Primary malware analyst and senior analyst for shares of incidents from members
Key Achievements :
● Point of escalation for information security related incidents, particularly if those incidents involve malware, email, or the member is able to provide a PCAP or network transaction records
● Primary contact for the separation of E-ISAC (both physically and logically) from the rest of NERC
● Create and present various presentations and workshops covering a variety of topics ranging from basic malware analysis and incident response to making use of the services provided by E-ISAC to industry partners and members
● Interact with government partners to share sanitized information regarding incidents pertinent to the electricity sector
● Coordinate and interact with various ISACs including Downstream Natural Gas, Financial Services, and Oil and Gas
● The E-ISAC is responsible for analyzing large datasets to detect trends and assist our members with responding to those trends. Part of my position is creating new methods of analysis, storage, and categorization of those datasets
2014 : Present
North American Electric Reliability Corporation
E-ISAC Cybersecurity Specialist
2018 : 2019
Laureate International Universities
Incident Response
Senior incident response analyst on Exelon Corporation’s Information Security Management team
Key Achievements :
● Point of escalation for information security related incidents
● Primary handler for several high visibility incidents requiring interfacing with other organizations and agencies
● Perform vulnerability scans and assist with mitigation of findings
● Manage and assist with the performance of vulnerability assessments
● Perform ad-hoc vulnerability assessments against new services and systems
● Responsible for approval of firewall changes based on assessments of how those changes might affect the company’s security posture
● Primary for both vulnerability assessments and vulnerability patch management pertaining to Critical Infrastructure
● Organize and participate in various Red Team and “Capture the Flag” events for our Incident Response and Network Monitoring Teams
● Create and maintain various scripts (mainly Bash and Python) used daily by the Network Security Monitoring Team
● Created and maintained several honeypot systems (kippo and honeyd) that were used to detect intrusion events
● Effectively used the information obtained from those honeypot systems to create a case for other mitigation strategies (the installation of denyhosts on all Linux systems, for example)
● Installed and maintained the open source sensor systems in use by the Network Security Monitoring and Incident Response Teams. These systems included services such as httproxy, dnsnarf, argus, mailsnarf
2012 : 2014
Exelon
Technical Analyst IT (Information Security Engineer/Analyst)
• Security incident responder
• Perform vulnerability scans and assist with mitigation of findings
• Manage and assist with the performance of vulnerability assessments
• Perform ad-hoc vulnerability assessments against new services and systems
• Responsible for approval of firewall changes based on assessments of how those changes might affect the company’s security posture
2008 : 2012
Constellation Energy
Information Security Engineer/Analyst
Delivered key technological support for traders operating in a multitude of diverse markets in an innovative trading floor environment. Troubleshoot and provide issue resolution for a variety of technical issues, including application support, network and database connectivity, and Excel macro problems.
• Oversaw the successful migration of 1500+ trader workstations to a new building
• Provide timely and reliable technical support for financial and commodity traders in an extremely fast-paced, high-pressure environment
2000 : 2002
Enron
Trading Infrastructure and Support
Company:
North American Electric Reliability Corporation
Years of Experience:
23
Skills
CIP, Computer Forensics, Computer Security, Cyber Security, Disaster Recovery, Firewalls, IDS, Information Security, Information Security Management, Infrastructure, Integration, Linux, Log Analysis, Networking, Network Security, Problem Solving, Program Management, Security, Security Architecture Design, System Deployment, Technical Support, Trampoline, Troubleshooting, Vulnerability Assessment, Vulnerability Management, Windows