Jason Oberschmidt

• Support EFX's comprehensive efforts to detect and respond to emergent cyber-threats.
• Designs and deploys technical countermeasures to combat identified vulnerabilities and malicious attackers.
• Create and implement custom Proxy, HIPS, NIPS, and/or DLP rule sets in order to further protect the enterprise.
• Manage and implement network and security tools to support incident response
• Implement controls to identify new attack TTPs and mitigation techniques in support of daily operations and strategic program support and development
• Compile metrics and reports in support of CTC program objectives and priorities
• Develop and refine use-case scenarios for new and existing analytical tools
• Support CTC specific activities for day to day operations
• Partner with internal subject matter experts (SOC/Threat Resistance/Investigations) to aide in interdicting active threats
• Enrich team value by sharing knowledge

- Develop integrations, playbooks and other content for SOAR platform.
- Knowledge resource for tools such as FireEye Hx, Endgame, Splunk, Carbon Black and CrowdStrike Falcon
- Projects to develop and increase analyst workflow, knowledge and capability for new services and tools.

• Identify malicious threat actors, thwart hackers, and prevent data breaches as a security advocate for clients on a 24x7x365 threat intelligence center (TIC) team
• Perform highly detail-oriented work that involves conducting security threat analysis and working with clients to provide remediation strategies and guidance
• Validate and characterize threats and collaborate with others, as needed, and perform daily incident detection and response operations, collect host-based artifacts, and perform forensic analysis to determine if the asset has been compromised
• Identify compromised computers using logs, live response, and computer centric evidence sources and form accurate and precise real-time host-centric analysis, including live response, digital forensics, malware analysis, log-centric analysis, and security information and event management (SIEM), as needed
• Provide input on new detection strategies and remediation guidance to clients, analyze and assess security incidents, and escalate to client resources, appropriate teammates, and internal teams for additional assistance
• Present analysis to other analysts for review, fine tuning, and feedback, work with the threat intelligence team to fine tune signatures, and assist the incident response team with the incident response process
• Improved Alerting Process through rule tuning and live monitoring resolutions.

-Support the desktop environment.
-Performed routine maintenance, installation, troubleshooting, and repair of various types of computer equipment.
-Installed, configured, and troubleshooted peripheral products including printers, scanners, and media drives.
-Provided technical assistance to end-users.
-Ordered and stocked peripheral supplies and hardware components, that were subject to approval.
-Assisted with the installation of network, server,phone and cell phone equipment.
-Installed and configured PC software applications.·
-Effectively identifying , diagnosing and finding effective solutions to problems related to computer hardware and software.

-Developed plans to safeguard computer files against modification, destruction or disclosure.

-Monitored computer virus reports to determine when to update virus protection systems.

-Recommend improvements in security systems and procedures.