Craig Durham

Anaheim, Ca.

Summary

Cyber Security Analyst with extensive technical experience in Network and Internetwork design, reengineering, system integration, testing and troubleshooting, with an emphasis on strategic and evolving technology assessment and hands-on management. Over 15 years of experience managing/administrating Checkpoint Firewall v.65 to v. Trusted Network Security Engineer with 30 years protecting companies against bad actors who disrupt business operations. Serves as primary safeguard against external threats. Educates colleagues on best practices and network safety protocols. Protects networked assets through both preventive and reactionary measures. Proactive Security Engineer adept at predicting and disrupting intrusion attempts. Pioneers novel network security measures to combat emerging threats. Maintains proven track record of utilizing both education and technological solutions to fortify companies against malicious exploitation and data breaches.

Overview

35
years of professional experience

Work History

Senior Information Security Engineer

Pyramid Consulting – Centene Corporation
11.2022 - 11.2023
  • Senior Security Engineer is a key member of a team of security experts providing security platform management and operations expertise to protect Centene Corporation Enterprise
  • Team manages network security on-prem
  • Senior Security Engineer’s role is to provide operational security solutions that would enable success of IT and business initiatives
  • This role will interact with business customers, auditors, third parties, vendors, as well as IT groups across company
  • Responsibilities will include managing initiatives and providing technical expertise
  • Essential Functions
  • Authenticated and authorized vulnerability scanning of a hybrid enterprise across a variety of technologies and environments to determine high risk vulnerabilities to business assets
  • Investigate, recommend, evaluate, deploy and integrate security tools and techniques to improve ability to protect corporate assets and infrastructure
  • Participated in technical risk assessments and security exposure analyses of systems, networks and business applications
  • Keep up to date on new Cyber Security trends and threats
  • Advise on issues and recommend proactive measures
  • Assist in defining and implementing Information Security technologies and/or processes required into corporate frameworks
  • Interact with internal and external clients on security requirements, identify security processes and develop strategies/solutions to security issues while maintaining tight security discipline
  • Develop test plan and implement rigorous testing prior to rollout of new systems into production environment
  • Regularly interacts with senior management and peers in other departments for purposes of gaining cooperation, exchanging technical information, and presenting project plans and reports.
  • Managed relationships with external vendors, ensuring timely delivery of services while maintaining compliance with industry standards.
  • Designed secure system architectures that minimized attack surfaces while still allowing necessary business operations.
  • Conducted regular risk assessments to identify areas of vulnerability and recommend appropriate mitigation strategies.
  • Optimized firewall configurations for maximum protection without sacrificing network performance or functionality.
  • Mentored junior team members in information security concepts and techniques, helping build a strong pipeline of future talent for organization.
  • Implemented robust security measures for protecting sensitive data and preventing unauthorized access.
  • Developed comprehensive information security policies, procedures, and guidelines to ensure a secure environment.
  • Optimized network performance through effective monitoring and troubleshooting of security devices.

Senior Information Security Engineer

First American Financial Corporation
01.2021 - 11.2022
  • The Senior Security Engineer is a key member of a team of security experts providing security platform management and operations expertise to protect the First American Enterprise
  • The team manages network security both on-prem and in the cloud (Azure, AWS, GCP, and OCI)
  • The Senior Security Engineer’s role is to provide operational security solutions that would enable the success of IT and business initiatives
  • This role will interact with business customers, auditors, third parties, vendors, as well as IT groups across the company
  • Responsibilities will include managing initiatives and providing technical expertise
  • Essential Functions
  • Authenticated and authorized vulnerability scanning of a hybrid enterprise across a variety of technologies and environments to determine high risk vulnerabilities to business assets
  • Investigate, recommend, evaluate, deploy and integrate security tools and techniques to improve our ability to protect corporate assets and infrastructure
  • Participated in technical risk assessments and security exposure analyses of systems, networks and business applications
  • Keep up to date on new Cyber Security trends and threats
  • Advise on issues and recommend proactive measures
  • Assist in defining and implementing Information Security technologies and/or processes required into corporate frameworks
  • Interact with internal and external clients on security requirements, identify security processes and develop strategies/solutions to security issues while maintaining tight security discipline
  • Develop test plan and implement rigorous testing prior to rollout of new systems into the production environment
  • Regularly interacts with senior management and peers in other departments for purposes of gaining cooperation, exchanging technical information, and presenting project plans and reports
  • Required to perform duties outside of normal work hours based on business needs.
  • Managed relationships with external vendors, ensuring timely delivery of services while maintaining compliance with industry standards.
  • Designed secure system architectures that minimized attack surfaces while still allowing necessary business operations.
  • Evaluated new technologies for potential integration into the existing security infrastructure, ensuring optimal protection against emerging threats.
  • Optimized firewall configurations for maximum protection without sacrificing network performance or functionality.
  • Collaborated with cross-functional teams to develop enterprise-wide security initiatives, reducing overall risk exposure.
  • Mentored junior team members in information security concepts and techniques, helping build a strong pipeline of future talent for the organization.
  • Strengthened company's cybersecurity posture by identifying and remediating vulnerabilities in software, hardware, and networks.
  • Streamlined the vulnerability management process by automating routine tasks and providing actionable insights on prioritized risks.
  • Worked with teams to develop company-wide information assurance, security standards and procedures.
  • Coordinated with third-party security information and event management (SIEM) providers to maintain protections and predict threats.

Senior Information Security Engineer

Alignment Healthcare
07.2020 - 01.2021
  • Contributes to the daily operational aspects of the Information Security Team, primarily from a technical implementation perspective
  • Perform annual HITRUST compliance reviews
  • Perform Risk Assessment on all Third Party vendor services
  • Create and update Compliance policies and procedures as needed
  • Assists with break/fix of tools and automation that are owned by the Information Security Team
  • Works with internal and external customers on a variety of issues, from a simple security review of a mundane and routine ask, to a complex deep dive into a new feature implementation in O365, Azure, or AWS
  • Balances operational work (approximately 70% of the day) to help meet team SLAs, and project work (approximately 30% of the day) to meet assigned team deliverables
  • Contributes to the design, implementation, and documentation of new security tools
  • Collaborates with other internal information technology teams (networking, cloud, traditional architecture, developers, and data scientists) to support internal and external systems
  • Utilizes scripting and DevOps to provide automation and orchestration between:
  • Information security tools, such as the SIEM (Logstash, FortiSIEM, IBM QRadar, Trellis, McAfee, Qualys);
  • Endpoint protection (Symantec, McAfee, Cylance, CrowdStrike Falcon, etc.);
  • Vulnerability scanners (Rapid7, Nessus, etc.);
  • Patch management (SCCM, Altiris, PDQ, etc.);
  • Other applications (Trellis, McAfee, Firemon);
  • OSes (Windows, macOS, Linux, iOS, Android);
  • Cloud platforms (AWS, Azure); and
  • IAM platforms (Active Directory, Okta, Auth0, PingIdentity, SAML, OIDC)
  • Clearly documents designed automation and system relationships
  • Contributes and participates in the Information Security Team daily stand-ups and other meetings as necessary
  • Participates in regular reporting, maintaining accountability and transparency within the Information Security Team
  • Remains current on industry trends in cyber risk with industry standards (ISO 27001/2, NIST, CIS) and regulatory requirements (HIPAA, HITECH, HITRUST, etc.)
  • CrowdStrike Falcon: Implement, administer and maintain application
  • Create and run scans, reports and manage remediation of vulnerabilities.
  • Managed relationships with external vendors, ensuring timely delivery of services while maintaining compliance with industry standards.
  • Designed secure system architectures that minimized attack surfaces while still allowing necessary business operations.
  • Conducted regular risk assessments to identify areas of vulnerability and recommend appropriate mitigation strategies.
  • Supported regulatory compliance efforts by ensuring adherence to relevant laws, regulations, and industry best practices.
  • Developed comprehensive information security policies, procedures, and guidelines to ensure a secure environment.
  • Led efforts to achieve certification in various cybersecurity frameworks, demonstrating the organization's commitment to securing its systems and data.

Security Analyst II

Opus Bank
04.2019 - 07.2020
  • Reporting to the FVP of IT Security and Compliance, supporting daily IT Security operations, which includes performing technical tasks on systems owned and managed by the team
  • The IT Security Analyst will support and maintain the Bank’s information technology security environment as well as work with vendors and internal staff to identify and troubleshoot security issues
  • The analyst will provide first & second level security monitoring and analysis and address information security alerts and events
  • Responsibilities
  • Monitor server logs, firewall logs, intrusion detection logs, and network traffic for anomalous and suspicious activity
  • Interpret activity and make recommendations for resolution and/or prevention
  • Make recommendations to improve the security posture of the organization through the implementation of new technology or through modification of existing configurations
  • Manage and maintain security systems and their corresponding or associated software, including intrusion detection systems, Network Access Control, Antivirus, Web Application Firewall, and SIEM
  • Keep current with emerging security issues, trends, and tools
  • Assist with Security Awareness activities including employee awareness training and internal phishing campaigns
  • Assist with vulnerability management program including internal and external penetration tests, vulnerability scanning, and vulnerability remediation efforts
  • Assist with gathering IT security metrics to measure the effectiveness of the security program.
  • Provided safety reports and data analysis to building managers to inform security processes.
  • Outlined and maintained security patching schedule to efficiently address ongoing system issues.
  • Streamlined incident response procedures for quicker threat mitigation and improved system uptime.
  • Coordinated incident response efforts across multiple departments, fostering teamwork in resolving complex issues effectively.
  • Developed plans to safeguard computer files against modification, destruction, or disclosure.
  • Designed secure infrastructure solutions in collaboration with the IT team, minimizing vulnerabilities from outdated or misconfigured systems.
  • Participated in tabletop exercises simulating cyberattacks, leading to better preparedness for real-world incidents.
  • Completed vulnerability scans to identify at-risk systems and remediate issues.
  • Maintained up-to-date knowledge of emerging threats by attending professional development events and staying informed on industry trends.
  • Collaborated with IT teams to develop comprehensive cybersecurity strategies, reducing risks from external attacks.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Analyzed log files for anomalies, identifying potential intrusions or malicious activity before significant damage occurred.

Cyber Info Assurance Analyst

Northrop Grumman
04.2015 - 03.2019
  • Provide technical leadership and vision in developing and performing security controls risk assessments of programs, environments, applications, and assets throughout the company
  • Select, configure and maintain applications and devices to support vulnerability scanning, penetration testing, and other technical testing of security controls
  • Review security related regulations and controls such as DoD 8500 Series, NIST 800-53, NIST 800-171, OSSTMM, and others to determine how to leverage within Northrop Grumman
  • Participate in tiger teams as a risk subject matter expert to ensure risk is considered in recommendations to senior leadership.

Perimeter Security Engineer

Northrop Grumman
03.2010 - 04.2015
  • Provide support to all Northrop Grumman Enterprise Point of Presence (EPOP) firewall rule-based elements for internal and external customers at all locations, with focus on fulfilling requirements for firewall updates
  • Requirements include analysis, evaluation and documentation of customer requirements and providing a standard EPOP firewall rule-based infrastructure
  • Implement, manage and maintain Checkpoint firewalls to support EPOP’s for Northrop Grumman
  • Administrate and troubleshoot firewall rulebase for Checkpoint firewalls and Cisco ASAs
  • Perform quarterly rule-based validation on Checkpoint firewalls
  • Maintain and manage Firemon application used to pull statistical data from Checkpoint firewalls and Cisco ASAs
  • Perform Enterprise Security Services responsibilities to oversee the management of the NGC Enterprise firewalls per approved NGC Policies, Procedures and Work Instructions
  • Primary responsibilities include development and support of the EPOP firewalls for NGC and providing assistance, guidance and recommendations for network design reviews and audit support
  • Good technical background and troubleshooting skills are required in the above-described areas with broader technical skills a bonus
  • This position includes a high degree of direct customer interface requiring excellent interpersonal, communication and diplomacy skills
  • Complete status reports and management data calls within requested timeframes and with appropriate quality.

Senior Network Infrastructure Engineer

Northrop Grumman
03.2004 - 03.2010
  • Provide Network Engineering support to all Northrop Grumman operating elements and external customers at all locations in fulfilling their requirements for designing wide area (WANs), local area (LANs) and metropolitan area networks (MANs)
  • Analyze, evaluate and document customer requirements to provide a standard network infrastructure
  • Develop cost analysis, design packages, bill of materials, project schedules and design reviews for all assigned projects
  • Provide network documentation (CN's, Network Diagrams, SnowCat updates, Cisco Equipment database) on all assigned projects and 3rd level network troubleshooting and restoration where needed and when applicable
  • Provide Network Engineering support to customers for all firewall/networking support

Senior Network Engineer

Northrop Grumman
03.2003 - 03.2004
  • Develop, implement, and maintain effective, reliable and secure voice and data communications systems, including voice and data communications network hardware and software technology, to meet business requirements
  • Define, analyze and evaluate business requirements, identify appropriate technical solutions, coordinate people and activities, manage people, costs and/or budgets, and vendors, solicit other technical requirements and impacts, and provide project management
  • Perform systems design, testing, prototyping, and performance analysis
  • Develop systems and processes using various computer programming languages and tools
  • Develop and implement documentation, training, and process instructions
  • Maintain data integrity and systems security
  • Enhance technical, customer service, and business skills
  • Provide team leadership, peer training, and other assistance as needed.

Education

BS - Information Technology

University of Phoenix
Phoenix, Az

MSM - Information Security

Colorado Technical University
Colorado Springs, Co

MBA - Information Systems

Colorado Technical University Colorado Springs

Skills

  • 80
  • Palo Alto, and Cisco ASA appliances. This included configuring and installing firewall appliances, administering firewall rules on Checkpoint and Cisco ASA devices, and troubleshooting firewalls as needed. Manage security applications: Rapid7, Fireeye, Firemon, Algosec, Xpanse, Splunk and others as needed. SME on various products that support native encryption, FRP, HIPS, DLP, Move, TIE, ATD, ATP, ENS, Firewall, Web Control, Application Control and VSE engines, native drive encryption, drive, and removable media encryption, etc.
  • Security Architecture
  • Threat Modeling
  • Security Training
  • Vulnerability Management
  • Malware Analysis
  • Compliance Auditing
  • Intrusion Detection
  • SIEM Management
  • Incident Response
  • Security Policies
  • Network Security
  • Patch Management
  • Endpoint Security
  • Risk Assessment
  • SIEM Provider Management
  • Firewall Installation
  • Port Security Knowledge
  • IP Addressing and Subnetting
  • Incident Logging Oversight
  • BYOD Program Implementation
  • Network Security Management
  • Security Issues Troubleshooting
  • Security Assurance
  • Security Needs Assessment
  • Vulnerability Assessment

Accomplishments

  • CERTIFICATIONS:
  • MCP, SSCP; Security+;

Certification

  • CompTIA Security+
  • ISC2 SSCP
