Daren Austin

Responsibilities:

• Primarily responsible for securing Google Cloud Platform (GCP) environment spanning over 200 projects and 1,000 virtual machines.
• Implemented various tools for continuous cloud security posture management, significantly enhancing visibility and control over GCP assets.
• Integrated comprehensive log management into a centralized SIEM for real-time anomaly detection.
• Collaborated with cross-functional teams to implement security best practices in GCP.
• Developed custom detection rules in the SIEM for monitoring and identifying high-risk activities within various systems resulting in early detection of potential security threats.

Responsibilities:

• Developed and managed vulnerability scanning tools using both Nessus and Alertlogic, and worked with the findings to remediate issues across hundreds of EC2 and on premise instances, and AWS misconfigurations
  
• Implemented static and dynamic code scanning tools for all apps, using Gitlab SAST and Nesssus
• Developed tools to monitor security events, and send data to Datadog to create dashboards and alerting.
  
• Increased our security scorecard from a 68 to a 93
  
• Evaluated multiple docker scanning tools, and implemented docker image scanning using Trivy.
• Assisted in successfully passing our ISO 27001 audit.
  
• Implemented and managed a DLP solution to help secure HIPAA data
  

Responsibilities:

• Managed Instructure’s vulnerability disclosure program in coordination with BugCrowd. Triaged 50+ findings per month across multiple technology teams and within 4 distinct environments. Additionally, managed the findings with team members to ensure appropriate remediation.
• Developed and managed the configuration and implementation of both dynamic and static internal vulnerability scanning tools across several teams at Instructure using both Rapid7 InsightVM and Nessus.
• Assisted with configuring and implementing both dynamic and static code scanning tools using Checkmarx, Snyk, and Rapid7 InsightAppsec.
• Managed vulnerability findings across thousands of instances across multiple AWS accounts using Trusted Advisor and GuardDuty, and remediated any findings across multiple Instructure teams.
• Performed and managed the evaluation of 5+ docker scanning tools to determine which tools were the most efficient and appropriate for Instructure’s environment
• Developed Instructure-wide SIEM dashboarding and alerting using both Sumo Logic, and Splunk. Monitored alerts and worked with Instructure-wide teams to re-mediate findings.

Responsibilities

• Developed and Managed an AWS environment in less than 6 months to ensure the environment is scalable, cost effective, and secure.
• Developed an environment that received PCI compliance certification and compliant with HIPAA guidelines by working with multiple company teams to ensure remediation with these security standard frameworks.
  
• Deployed and managed various tools like OpenVAS, and Qualys Community to test for vulnerabilities with systems.
• Used tools like Burp suite and ZAP to look for vulnerabilities in the web application.
  
• Used MobSF to discover vulnerabilities in the mobile applications.
• Evaluate security risks, and work with development teams to solve the issue, and deploy a fix within 3 months.
• Deployed and managed an ELK stack and Graylog to monitor 3 environments for abnormalities, and work with development teams to triage issues as needed.
• Developed and administered information technology security training to 100+ people using Gophish on a quarterly basis. This training included, phishing simulations, and demonstrations on email phishing techniques, and how to protect yourself, and the company. After the training was administered, email phishing simulations dropped from a 90% click / open rate to a 20% click / open rate.
  

Responsibilities

• Deployed and managed Nessus for internal vulnerability scanning, and Qualys for external vulnerability scanning on systems. I worked with 3 different teams to report, evaluate and deploy a fix.
• Developed and administered company-wide PCI compliance training to 100+ people within the company. The training consisted of the following security domains: Protecting cardholder data, Updating systems and anti-virus software, Encrypting sensitive information.
  
• Evaluate findings in Nessus monthly, investigate viable fixes, and create a plan with my team how to apply a fix.
• Work with a team were were able to build a highly available environment with 99.99% uptime.
• Participated and executed a role in the Incident Response Team as a security analyst. I would research the time and details of an incident, and collect more information.
• In collaboration with the lead architect, designed and implemented a data center and on premise type of infrastructure for our company that was compliant with security standards for PCI Level 1.
• Team lead on the Security team with managing our relationship with auditors conducting our PCI Level 1 audit. This including working with auditors, leadership, and internal infrastructure and application teams to ensure all audit evidence was sufficient for PCI standards.

Responsibilities

• Deployed and managed Nessus for internal vulnerability scanning, and Qualys for external vulnerability scanning on systems. I worked with 3 different teams to report, evaluate and deploy a fix for triaged findings.
  
• As a Systems and Security engineer I would apply patches and updates to Windows and Linux servers.
  
• Used GFI Languard for patch management on Windows servers to ensure they were always up to date.
  
• Managed patch management on a monthly basis of Linux servers on both Debian and Redhat based systems.
• Used Nagios and Icinga to monitor systems and network devices for issues, and respond to issues immediately
• Support for internal systems like Domain Controllers and Email servers to ensure they were functioning properly
• Participated and executed a role in the Incident Response Team as a security analyst. I would research the time and details of an incident, and collect more information.
• Team lead on the Security team with managing our relationship with auditors conducting our PCI Level 1 audit. This including working with auditors, leadership, and internal infrastructure and application teams to ensure all audit evidence was sufficient for PCI standards.