
Daniel Lagos

Mount Prospect, Illinois

Summary

Computer security professional with 15 years of progressive experience in the Healthcare and Finance industries. Demonstrated skill identifying business risks and compliance issues and designing proactive solutions. Background designing and implementing layered network security approaches.

Overview

26 years of professional experience
1 Certification

Work History

Independent Security Researcher

04.2014 - Current
  • Independent research and investigation into security subjects of interest.

SENIOR SECURITY ENGINEER

AVIDXCHANGE
01.2023 - 10.2024
  • Managed SIEM (Google Chronicle), EDR (CrowdStrike), and Microsoft Cloud security solutions (Microsoft Defender)
  • Led the migration of EDR from Cisco AMP to CrowdStrike and SIEM from Arctic Wolf to Google Chronicle
  • Administered email security solutions including Microsoft Defender and Abnormal
  • Assisted product engineering in implementing automated malware scanning for incoming files
  • Acted as lead during the CrowdStrike outage, organized response, and developed improvements for future EDR and system update failures
  • Led the transition from Qualys to Tenable for vulnerability management.

SECURITY ANALYST

NORTHWESTERN MEDICINE
08.2018 - 09.2023
  • Unified endpoint protection platforms (30,000 workstations, 4,000 servers) post-mergers using tools such as Trend Micro (10.6, 11, XG, ApexOne), Cisco AMP, Symantec, McAfee, and Microsoft Defender
  • Planned anti-virus update rollout and migration from on-premises to cloud-hosted solutions
  • Created an Exclusion Request form in ServiceNow for new server requests
  • Trained new hires on incident response and Pair Programming
  • Authored incident response playbooks, including DDoS Response and macOS Incident Response (macOS & iOS forensic analysis using Jamf, Jamf Protect, MacQuisition, Cellebrite Inspector)
  • Developed SIEM alert rules and automated responses, using tools like LogRhythm, Azure Sentinel, Azure Logic Apps, Splunk Enterprise, and Palo Alto XSOAR (home lab use)
  • Led Cyber Threat Intelligence program and acted as contact for H-ISAC
  • Used tools like Recorded Future, Feedly, CISA, Reddit, Twitter, and VirusTotal for incident analysis
  • Led Indicators of Compromise (IOC) gathering during the SolarWinds breach
  • Facilitated Agile processes for Security Operations, using Azure DevOps and Jira
  • Developed ServiceNow dashboards for phishing investigations, using ServiceNow, Proofpoint, and IronPort.

SYSTEM ADMINISTRATOR

LAGOS S.A.S (ITALY)
01.1999 - 03.2014
  • Managed firewalls and security solutions
  • Conducted employee security awareness programs
  • Designed a physical security system with a "honey pot" to trigger alarms while minimizing property damage
  • Managed and maintained a mixed environment of PCs and Macs for the organization.

Education

Bachelor of Science - Cyber Security

Western Governors University
12.2024

Associate of Applied Science - Computer And Information Sciences

Istituto Tecnico Industriale "Blaise Pascal"
Italy
01.2003

Skills

Identity and Access Management

Operating System Hardening

Two-Factor Authentication Implementation

Incident Response Management

Intrusion Detection Systems

Cloud Security Management

Regulatory Compliance Knowledge

Security Architecture Design

SIEM management

Endpoint Security

Security Policies

Access Control

Certification

  • CompTIA - A+, Network+, Security+, CySA+, Pentest+, Project+
  • EC-Council - Encryption Specialist (ECES)
  • GIAC - GCIH (analyst #31280), GIME (GIAC iOS and macOS Examiner, exam beta tester & to be taken in September 2023)
  • Microsoft - Azure Fundamentals, Career Essentials in Generative AI by Microsoft and LinkedIn, Microsoft Security Operations Analyst (SC-200, currently studying)
  • Axelos - ITIL Foundation v4
  • Scrum.org - Professional Scrum Master I
  • (ISC)2 - CISSP (#478009)
  • Atlassian - Jira Fundamentals (257148292)
  • Apple - Apple Certified Macintosh Technician ACMT (ITA2BV09) - Expired 2013

Talks given

Presented at Thotcon (Chicago 2015), Derbycon (Louisville 2018), Cyphercon (Milwaukee 2023), and CircleCityCon (Online 2023) on topics such as election hacking, RFID security, and Agile for security operations.

Organization membership

  • OWASP
  • ISSA (Chicago Chapter)
  • Blue Team Con Staff

Development experience

  • Python
  • Java
  • C
  • Pascal

Research and investigation

Independent research and investigation into security subjects of interest.

Technical skills

Network protocols, TCP/IP, DNS, firewalls, encryption (AES, RSA, PKI), vulnerability scanning, penetration testing, endpoint protection with Trend Micro, Cisco AMP, CrowdStrike, Microsoft Defender, incident response, malware analysis, phishing defense, Microsoft Azure, cloud security, identity and access management (IAM), SIEM tools like Microsoft Sentinel and Google Chronicle, log analysis, incident response automation, Azure DevOps, cloud infrastructure security, macOS, iOS, Windows Server, Linux (Ubuntu), system hardening, mobile device management (MDM) with Jamf, Jamf Protect, endpoint detection and response (EDR) with CrowdStrike, configuration management, forensic analysis with Cellebrite Inspector, MacQuisition, IT service management (ITSM) with ServiceNow, Agile methodology, Scrum framework, project planning, risk management, resource management, workflow automation using Jira, Azure DevOps, CI/CD pipelines, PowerShell scripting, security orchestration, process automation, infrastructure as code (IaC), DevOps best practices, Google Chronicle, Microsoft Sentinel, LogRhythm, Splunk Enterprise, security orchestration and automation (SOAR) with Palo Alto XSOAR, playbook development, automated incident response workflows, vulnerability management with Qualys, Tenable, threat detection, root cause analysis, incident response playbooks, DDoS defense, digital forensics, encryption technologies (AES, RSA), system troubleshooting, hardware maintenance, endpoint management, encryption protocols, IT infrastructure management, firewall administration

Awards

  • SANS SEC504 Capture The Flag Winner - 2017
  • Thotcon 0x9 Capture the Flag 4th place - 2018
  • Recorded Future CTI Capture The Flag Chicago 3rd Place - 2023

Affiliations

  • ISSA
  • OWASP

Languages

English
Native or Bilingual
Italian
Native or Bilingual
Polish
Full Professional
