David Miller

Cloud Access Security Broker – manage Microsoft Defender for Cloud Apps (MDCA) infrastructure and services – Shadow IT, 3rd party SaaS integration

• Monitor Internet activity for over 150,000 Comcast employees
• Integrated MDCA event alerting with enterprise SIEM for incident response
• Implemented SaaS application monitoring for Office 365, Slack, Box, Salesforce and ServiceNow
• Implemented conditional application access in conjunction with the enterprise endpoint teams, to control activity originating from non-compliant systems
• Previously deployed and managed Symantec (Broadcom) CloudSOC CASB
• Work closely with DLP team to coordinate DLP activities and tasks related to cloud data

Enterprise Encryption Key Management - manage daily operations and provide implementation support for Comcast's Safenet/Gemalto Keysecure and Ciphertrust Manager enterprise key management infrastructure

• Key management supports over 150 endpoints to provide application, database and file/folder encryption solutions
• Primary customers are Comcast's PCI scoped applications such as payment services
• Infrastructure is in Comcast primary data centers, is highly available and supports FIPS 140-2 Level 3 requirements for tamper resistance

• Senior security resource leading initiatives for multibillion-dollar laboratory supply and distribution company including:
• Change Management: Implemented Tripwire Enterprise for network device change management and compliance
• Cloud Access Security Broker (CASB) implementation and operation: Implemented Netskope's Active CASB and DLP platform
• Cloud application discovery, DLP for General Data Privacy Regulation (GDPR) compliance in 2018
• Threat analytics: Redseal threat analytics platform, network modeling, security analysis, compliance
• Vulnerability management: Qualys vulnerability management platform, network discovery, vulnerability scanning, analysis, remediation
• Security Incident and Event Management: Logrhythm SIEM - Log analysis, incident response, investigations, monitoring, alerting and reporting
• Network security: Cisco Firepower IPS systems, Cisco Meraki edge security appliances
• Regulatory compliance: NIST 800-171/DFARS compliance activities related to Controlled Unclassified Information, GDPR
• Security consultation: Consult with various groups on information security requirements and standards for acquisition and global Web development teams
• Security awareness and training: wrote weekly security blogs, developed training modules, participate in corporate anti-phishing initiatives
• Leadership: Lead small team of four individuals to provide vulnerability management, SIEM, threat analytics and change monitoring
• Mergers and acquisitions: Lead security implementations for acquired companies; lastly lead security implementation for major corporate merger with Avantor Corp

• Senior security resource leading initiatives for a multi-billion-dollar energy company including:
• Datacenter transition to Amazon Web Services (AWS): Information security technologies related to cloud-based services, Logrhythm logging and monitoring, Safenet EC2 encryption and key management, AWS security and network groups, AWS Linux and Windows systems security
• Cloud Access Security Broker (CASB) implementation and operation: Implemented Skyhigh Networks encryption proxy to encrypt data at rest in cloud applications such as Service Now
• Implemented Skyhigh Networks 'shadow IT' cloud analysis, anti-malware, and reporting tools
• NERC-CIP power industry critical infrastructure protection standards: Technology implementations to secure Talen's Generation Management Systems - Logrhythm logging and monitoring, Bit9 (Carbon Black) anti-malware platform, Nessus vulnerability scanning, Leidos Industrial Defender network security and compliance appliances and systems
• NERC-CIP policies and procedures
• NERC-CIP audit preparation - cyber security testing, evidence collection, compliance monitoring
• SOX compliance activities: SOX compliance assessments on new business information system implementations
• Technology implementations to support SOX compliance controls (database monitoring, logical access controls)

• Compliance analyst leveraging Security Assurance for the Federal Reserve (SAFR) program
• Assessed Bank IT initiatives' security compliance against SAFR program, based on NIST 800-53
• Participated in audits of system and application compliance with SAFR program
• Security awareness: Wrote security awareness articles for regular publication in Bank IT newsletter

• Served as primary source of strategic and tactical information security, compliance, risk innovation, and direction
• Maintained and promoted process and technology roadmaps pertaining to information security and compliance
• Identified information security trends
• Conducted proofs of concept of information security solutions and systems
• Risk Management: Successfully assess information security risks and impacts for business initiatives in close cooperation with business and technology stakeholders
• Develop risk and control framework based on SANS Top 20 security controls and NIST special publications
• Project Management & Leadership: Lead penetration testing activities and remediation for enterprise assessments and as part of American Water's system implementation methodology
• Security Assessment: Led PCI compliance assessment and enterprise-wide information security program assessment based on DHS CSET and industry best practices
• Compiled results with corresponding risks and mitigation steps for presentation to management
• Participated in internal audits of information security systems and practices
• Accomplishment: Led security assessment activities related to large enterprise SAP implementation including vendor management, findings analysis and issue remediation

• Transformed security and compliance group with below-par reputation into integral corporate resource
• Selected, mentored, developed top talent, doubling department size
• Maximized team productivity leading simultaneous security technology enhancements: web filtering software implementation that reduced workstation rebuilds, security request system replacement with system recognized by Operational Excellence Team, consolidation of five 24/7 operation centers into two, and SCADA facilities relocation
• Increased department capacity for company-wide consultation and facilitated 3,000+ security requests per year utilizing advanced triaging capabilities
• Leveraged NERC CIP, and SOX compliance expertise to create, modify, and implement security control activities as well as policies, standards, and documentation framework, resulting in auditor praise and achieving audit success where others failed
• Implemented Managed Security Service Provider services along with necessary policies, standards and procedures

• Led effort to replace PPL meter reading systems for 150 substations with 'wire line' meter reading technology
• Oversaw two major network infrastructure implementations, upgrades, and enhancements involving VPN and Dense Wave Division Multiplexing systems
• Managed managed external vendor relationships while establishing VPN with customized security considerations as part of automated meter reading deployment
• Implemented and deployed 'reverse' VPN technology to support vendor communications from various corporate locations
• Built third-party extranet environment for business partner access to key applications requiring VPN technology upgrade