Raymond Gomez

Yucaipa, CA

Summary

A Cybersecurity professional who shows considerable adaptability to new and emerging threats. An engineer who has delivered security deployments and initiatives with technical competence, while accomplishing a professional persona with the business. Ask me about Security Awareness, D&R, SOAR or how I was able to provide logs from over 5000 workstations, servers and network devices to our SIEM for AI telemetry and correlation.

Overview

6 years of professional experience
1 Certification

Work History

IT Security Engineer II

Stater Brothers Markets
2021.11 - Current
  • Security, Orchestration, Automation and Response
    - Manage industry leading SOAR solution to automate Phishing, Malware and Data security alerts to reduce MTTR.
    - Create playbooks by integrating security and network solutions, automate actions to reduce Security Analyst process to remediation by 65%.
    - Reduce false positive Phishing alerts to 80% by automating investigation and low level remediations.
    - By leveraging a SOAR solution I was able to migrate all security alerts that were once emails, to our ITSM platform for detailed and/or executive summary reports.
  • SecOps and Threat Response
    - Lead Engineer for project to collect logs from over 5000 endpoints and network devices for SIEM telemetry.
    - Triage email, malware and network related security alerts/reports notified by our security applications/appliances.
    - Using the MITRE ATT&CK framework, I create a narrative of the reported threat to identify adversaries.
    - Gather and analyze threat data from system logs, browser data, network analyzers, vulnerability scanners etc. to correlate events.
    - Architect on-premise and cloud email security solutions for a vendor diversity environment.
    - Leverage IPS, HIPS, IDS, HIDS, endpoint security, firewalls to investigate and remediate threats.
    - Process suspected threat objects through our sandbox application for analysis to provide a verdict.
    - Provide mitigation techniques and detailed conclusions to all true positive threats reported by our security appliances.
    - Work with client technicians to schedule imaging of compromised workstations and servers.
    - Provide analytics for quarterly meetings to showcase and improve security posture.
  • Endpoint Security Management
    - Manage Enterprise Endpoint Security solutions to secure over 4000 endpoints and servers.
    - Carefully create host policies to deliver an endpoint agent that does not hinder business functions.
    - Configure, schedule and deploy endpoint security agent with the business to ensure a secure and non-disruptive implementation.
    - Work closely with security vendors to carry through upgrades and migrations for on-premise and cloud solutions.

IT Security Analyst I

Stater Brothers Markets
2019.12 - 2021.11
  • Security Awareness Training
    - Developed a security awareness training program for all 18,000 employees including executives.
    - Originated interactive activities for Cybersecurity Awareness Month, World Password Day etc. (games, prizes etc.)
    - Deployed an Outlook Report Phish button to allow users to report Phishing attempts.
    - Continue to educate our organization on present day vulnerabilities using a user centric platform.
    - Monthly on-going Security Awareness video training for all users in our organization.
    - Enroll new users with Core video training to provision workers with technology usage.
    - Test user training by conducting phishing campaign simulations to provide reports to executives.
  • Incident Response Planning
    - Create, organize, and modify IR playbooks for organizational threat vectors.
    - Using Visio, I diagram IR workflows on common threat vectors (Phishing, DDoS, lost devices, etc.).
    - Organize meetings to discuss responsibilities for each team, in each stage of the IR workflow.
    - Perform table top exercises with the business to test IR playbooks.
    - Work with client technicians to schedule imaging of compromised workstations and servers.
  • PCI-DSS
    - Integral team member for helping pass a yearly level 1 merchant PCI audit.
    - Organize and collect evidence for the QSA to confirm our PCI compliance.
    - Update company policies to guarantee compliance with Payment Card Industry Standards.
    - Collaborate with Penetration Testing vendors to perform internal and external evaluation.
  • DNS and Web Security
    - Review requested websites by evaluating the SSL encryption, DNS reputation, sandbox review including TCP streams and DNS traffic, process created and registry activity.
    - Troubleshoot blocked URL requests by inspecting the TCP headers on the browser to find a solution.
  • Identity Management
    - Reduced time to closure for onboarding and access request tickets by 60% by carefully crafting workflows and forms.
    - Grant access to new and existing users using Active Directory with Role-Based Access Control.
    - Assess risk for email, web, server, application access requests through our ITSM platform.

IT Field Support Engineer II

Stater Brothers Markets
2019.06 - 2019.12
  • Walked clients and internal staff through troubleshooting steps to resolve common software issues.
  • Performed onsite installation, modification and maintenance of systems and equipment.
  • Disassembled and reassembled complex machinery to repair or replace worn or malfunctioning components.
  • Repaired and calibrated systems and equipment post-installation.

IT Field Technician II

Stater Brothers Markets
2018.04 - 2019.06
  • Communicated with customers to provide updates, gather information and resolve issues.
  • Provided supervisor with progress reports, discussed issues and sought guidance.
  • Collaborated with other field technicians to resolve complex technical issues.
  • Delivered high-quality work by diligently following standard operating procedures.
  • Prioritized and managed multiple tasks and projects to meet deadlines and enhance customer satisfaction.

Education

Bachelor of Science - Information Technology - Cybersecurity

California State University - San Bernardino
San Bernardino, CA
06.2019

Skills

  • Endpoint Security Management
  • DNS and Web Security Policies
  • Cybersecurity Awareness Phishing Campaigns
  • Email Security
  • Vulnerability Management & Remediation
  • Data Security/Privacy
  • Business Relationship Interpersonal Skills
  • NIST: Incident Response Planning
  • Security Operations Case Management
  • SOAR - Playbooks
  • Proactive Threat Hunting
  • Firewall, Web and DNS Log Review

Certification

  • CompTIA Security+ ce Certification - Current
  • Cisco Certified CyberOps Associate - Current
  • Palo Alto - Cortex XSOAR: SOAR Engineer Training
  • Palo Alto - Cortex XSOAR: Analyst Training
  • Malwarebytes Endpoint Detection & Response Fundamentals
  • Malwarebytes Incident Response Fundamentals
  • Malwarebytes Endpoint Protection Fundamentals

Affiliations

InfraGard Member - Los Angeles Chapter

- InfraGard is a partnership between the Federal Bureau of Investigation (FBI) and members of the private sector for the protection of U.S. Critical Infrastructure. Through seamless collaboration, InfraGard connects owners and operators within critical infrastructure to the FBI, to provide education, information sharing, networking, and workshops on emerging technologies and threats, all dedicated to contributing industry-specific insight and advancing national security.
