JOSEPH PIGGEÉ

Great Falls, MT

Summary

Dynamic and results-driven Security Specialist with a proven track record in engineering and optimizing cutting-edge security frameworks. Adept at deploying advanced solutions such as Cortex XSOAR, Microsoft Azure Sentinel, and Splunk to enhance threat detection, streamline incident response, and fortify organizational security. Demonstrates expertise in crafting and fine-tuning complex correlation rules, developing custom dashboards, and automating workflows to drive operational efficiency and reduce vulnerabilities. Proven success in migrating large-scale environments and integrating security tools, boosting system efficiency and resilience. Accomplished in conducting in-depth security assessments, designing robust incident response plans, and improving security posture through innovative solutions and strategic planning. Committed to ensuring the integrity, confidentiality, and availability of information systems by designing and implementing robust security architecture frameworks, managing information security risks, and ensuring compliance with regulatory requirements and industry standards.

Experienced with network security, threat analysis, and incident response. Utilizes analytical skills to fortify systems against potential breaches. Strong understanding of risk management and proactive security measures.

Overview

13 years of professional experience
1 Certification

Work History

PRINCIPAL SECURITY ENGINEER

Estee Lauder
10.2023 - 07.2024
  • Created dynamic dashboards to evaluate and refine various use-case designs, enhancing visibility and decision-making capabilities across security operations.
  • Deployed Cortex XSOAR with custom playbooks and ServiceNow (SNOW) integration, streamlining incident response workflows and improving operational efficiency.
  • Conducted regular project reviews to ensure adherence to established standards and requirements, resulting in consistent delivery of high-quality outcomes.
  • Engineered complex correlation rules in Splunk using SPL, significantly enhancing the detection and analysis of security incidents.
  • Executed comprehensive threat-hunting activities using Splunk and SentinelOne XDR, proactively identifying and mitigating potential threats.
  • Fine-tuned Splunk rules and alerts to enhance accuracy and reduce false positives, improving the efficiency of threat detection and response.
  • Utilized Recorded Future for proactive brand management, safeguarding the organization’s reputation and minimizing risk exposure.
  • Provided guidance and training to Level 1 and Level 2 SOC team members, fostering skill development and enhancing overall team performance.

SECURITY ANALYST

Nature's Way Products
02.2022 - 10.2023
  • Developed and implemented robust security protocols for safeguarding computer configurations and data files against malware, phishing, and other cyber threats, significantly enhancing organizational resilience.
  • Deployed Microsoft Azure Sentinel (SIEM) with SOAR capabilities, including Workbooks, Playbooks, and Incident Management functions, leading to improved threat detection and response efficiency.
  • Configured Azure Active Directory & Active Directory Synchronization with Role-Based Access Control (RBAC), enhancing secure user access and system management.
  • Onboarded and integrated a Managed Security Service Provider (Netrix) for SOC capabilities, strengthening 24/7 security monitoring and incident response.
  • Implemented Qualys for Vulnerability Management, identifying and addressing system vulnerabilities to prevent potential exploits and breaches.
  • Deployed PhishER for effective phishing management, significantly reducing the risk of phishing attacks through enhanced detection and response capabilities.
  • Launched a Security Awareness Training Program using KnowBe4, increasing employee awareness and preparedness against cyber threats.

SECURITY ENGINEER

Fairview Health Services UMMC
02.2021 - 02.2022
  • Migrated a 7,500+ node environment from McAfee ePO to FireEye HX, encompassing multiple locations across the Midwest, ensuring a seamless transition with minimal disruption to operations.
  • Collaborated with cross-functional teams including SCCM and VDI to design and deploy a robust endpoint protection solution, incorporating necessary exceptions and optimizing integration for a streamlined deployment process.
  • Completed internal security assessment for HITRUST certification, demonstrating a strong commitment to compliance and enhancing the organization’s security posture.
  • Created and managed integration with LogRhythm, Splunk, and ServiceNow, enhancing threat detection, incident response, and operational efficiency through improved data visibility and actionable insights.
  • Integrated endpoint protection solution with Gigamon Threat Intelligence and Qualys Vulnerability Management, bolstering the organization’s ability to detect and respond to emerging threats and vulnerabilities.
  • Led the implementation and planning for SecOps technologies, including FireEye HX for endpoint protection, FireEye CMS for centralized management, and FireEye NX for network security, providing comprehensive support and optimizing security infrastructure.

SECURITY ENGINEER

National Grid, Natural Gas
10.2020 - 03.2021
  • Led the successful migration of over 50,000 nodes from McAfee ePO to FireEye HX, across multiple locations on the East Coast and in the UK, ensuring a seamless transition with minimal disruption.
  • Collaborated cross-functionally with SCCM and VDI teams to design and implement a viable endpoint protection solution, incorporating necessary exceptions and ensuring full integration.
  • Integrated FireEye HX with Tenable/Nessus vulnerability management and created a robust integration with Splunk Phantom, enhancing the overall security posture and threat response capabilities.
  • Implemented and optimized endpoint protection solutions by integrating them with Splunk and ServiceNow Automation (SOAR), streamlining incident response and automation workflows.
  • Developed and executed deployment strategies for endpoint protection across both VDI environments, optimizing for both persistent and non-persistent setups.
  • Automated workflows using PowerShell and Python scripts, facilitating playbooks and API calls to improve operational efficiency and streamline processes.
  • Executed planning and implementation of SecOps technologies, including FireEye HX for endpoint protection, FireEye CMS for centralized management, FireEye ETP for email security, and FireEye NX for network security, ensuring comprehensive coverage and support.

SECURITY ENGINEER

Mandiant\FireEye
02.2019 - 07.2020
  • Delivered precise deployment and configuration of Confidential suite products, tailoring solutions to meet specific client needs and ensuring seamless integration with existing systems.
  • Integrated Confidential security solutions with other network security products, enhancing overall security infrastructure and streamlining threat management processes.
  • Developed and documented Security Operations Standard Operating Procedures (SOPs) for Confidential products, including incident response, IOC sweeping, forensic analysis, and disaster recovery, improving response efficiency and procedural clarity.
  • Integrated Confidential products with SecureWorks and CarbonBlack, fostering enhanced threat detection and incident response capabilities.
  • Led the implementation and planning for SecOps technologies, including MIR Intelligent Response, FireEye Endpoint Protection, Centralized Management, Automation, Email Security, and Forensics, streamlining security operations and improving threat management.
  • Executed the deployment and support of SIEM solutions (Helix, TAP-W-SOAR), enhancing threat detection and response capabilities across client environments.

SECURITY ENGINEER

Granite Construction
10.2017 - 03.2019
  • Developed and implemented a comprehensive planning, deployment, and operations framework for onboarding both current and future clients, enhancing the efficiency and effectiveness of security services integration.
  • Developed and implemented a comprehensive planning, deployment, and operations framework for MDM solution, and integration during merger acquisition using Intune, Apple Business Manager, and JAMF Pro.
  • Engineered, implemented, and continuously monitored advanced security measures to safeguard computer systems, networks, and sensitive information, significantly reducing potential security breaches.
  • Ensured compliance with SOX and COBIT standards, maintaining regulatory adherence and promoting best practices in security management.
  • Implemented a robust Endpoint Protection Solution using McAfee ePO, ENS, MAR/TIE/DXL, fortifying endpoints against threats and enhancing overall network security.
  • Contributed to the development of the SOC Team, providing insights and support to improve team capabilities and incident response effectiveness.
  • Created detailed Incident Response Playbooks using PowerShell and Python, providing actionable guidelines and automating response procedures to streamline incident management.

SIEM SECURITY ENGINEER

McAfee Professional Services
01.2017 - 09.2017
  • Designed and implemented a comprehensive SOC (Security Operations Center) framework for both onsite and remote security services, enhancing the organization’s ability to manage security incidents effectively.
  • Deployed a sophisticated SIEM (Security Information and Event Management) solution incorporating core SOC services, including Incident Response, Threat Management, Vulnerability Management, and User Behavior Analytics, ensuring robust compliance with industry standards.
  • Conducted thorough vulnerability assessments and integrated results with Rapid7\Nexpose to strengthen the organization’s vulnerability management strategy.
  • Delivered targeted training for client SOC teams on SIEM best practices and troubleshooting techniques, enhancing their operational proficiency and response readiness.
  • Architected and refined SIEM deployment strategies to create a repeatable use-case-based framework, optimizing security event management.
  • Integrated with Dell SecureWorks and Splunk, enhancing the organization’s ability to leverage additional threat intelligence and analytics capabilities.

SECURITY ENGINEER

Epiq Systems
02.2011 - 12.2016
  • Spearheaded the successful deployment and configuration of System Center 2012 Operations Manager, enhancing system monitoring capabilities and operational efficiency.
  • Led the seamless migration of VMware monitoring to System Center 2012 Operations Manager, improving monitoring accuracy and system reliability.
  • Created a strategic SIEM Implementation and Maturity Roadmap, guiding the evolution of security monitoring capabilities and ensuring alignment with organizational goals.
  • Designed and documented a comprehensive Compliance Logging and Auditing Strategy, strengthening regulatory adherence and audit readiness.
  • Analyzed and responded to previously undisclosed software and hardware vulnerabilities, mitigating potential security risks and strengthening defenses.

Education

Associate of Science - Business Administration

UNIVERSITY OF PHOENIX
Tempe, AZ
07.2005

Skills

  • Incident Management
  • Cybersecurity Operations
  • Anti-Malware Solutions
  • Security Architecture Design
  • Governance, Risk, and Compliance (GRC)
  • Information Security Risk Management
  • Risk Assessment and Mitigation
  • Security Controls Implementation
  • Security Information and Event Management (SIEM)
  • Vulnerability Management
  • Security Framework Development
  • Incident Response
  • Continuous Monitoring
  • Regulatory Compliance
  • Industry Standards Adherence
  • Information Systems Integrity
  • Confidentiality Assurance
  • Security Operations Management
  • Correlation Rules Engineering
  • Threat Hunting
  • Data Analytics for Security
  • Brand Protection
  • Security Protocol Development
  • Directory Services Configuration
  • Managed Security Service Integration
  • Endpoint Protection Solutions
  • SIEM Optimization
  • Custom Security Solutions
  • XDR-EDR-MDR

Certification

  • ISC2 - CISSP #523718
  • GIAC - GISP #2809
  • GIAC - GCIH #24775
  • McAfee ESM/Nitro - SIEM #172
  • MCSE #1124484
  • VCP5-DCV #147463
  • ITILv3
  • Splunk User

Accomplishments

  • Implemented Microsoft Azure Sentinel as an SIEM solution with integrated SOAR capabilities, including customized Workbooks, Playbooks, and Incident Management functions.
  • Developed a comprehensive Security Program Roadmap; deployed Qualys for effective Vulnerability Management.
  • Introduced PhishER to manage and mitigate phishing threats; conducted a PCI Security Assessment and penetration testing.
  • Launched a Security Awareness Program using KnowBe4; created and established an Incident Response Plan.
  • Rolled out FireEye Security solutions, including NX, HX, and Cloud HX, for endpoint, email, and network security at National Grid Utility, serving the US East Coast and the UK. Integrated these solutions with their SIEM system, Splunk, and developed policies and incident response playbooks.
  • Deployed FireEye Security solutions—NX, EX, ETP, HX, and Cloud HX—for endpoint, email, and network security for the Indiana Secretary of State and eight counties, enhancing election security.
  • Implemented McAfee Endpoint Security and McAfee Active Response for 1100 endpoints.

Publications

  • What is a SIEM?, Tripwire – The State of Security, https://www.tripwire.com/state-of-security/incident-detection/log-management-siem/what-is-a-siem/
  • SIEM – I Thought Everyone Knew, https://vtechnicalsolutions.wordpress.com/2016/01/04/siem-i-thought-everyone-knew/
  • SIEM Overview Illustration, https://vtechnicalsolutions.wordpress.com/2015/11/14/mcafee-siem-overview-illustration/
  • What does the Wassenaar Pact mean and its effect on InfoSec, https://www.linkedin.com/pulse/what-does-wassenaar-pact-mean-its-effect-infosec-joe
  • ATTENTION: SIEM Engineers, Project Managers, and Compliance Auditors (CISA), https://www.linkedin.com/pulse/attention-siem-engineers-project-managers-compliance-joe

Independent Blogs

  • http://joleyexchangeserver.blogspot.com/
  • https://vtechnicalsolutions.wordpress.com/
  • https://www.linkedin.com/in/justjoey/