Joel Prentice
Lebanon,PA
Summary
Experienced Senior Security Engineer with a keen eye for identifying security vulnerabilities and implementing risk mitigation strategies. Comprehensive knowledge of: virtualization based on Microsoft and VMWare; Linux and Microsoft operating systems and directory management; URL filtering, Malware detection and prevention; Remote access technologies including VPN and RADIUS; Advanced server applications including DNS/DHCP, SQL and PKI; Network monitoring and network management technologies; Switch and Router configuration. Performed penetration testing for risk analysis of environments and new technologies. Provided ad hoc Penetration testing for special projects. Analyzing security incidents, and ensuring compliance with industry standards. Strong focus on team collaboration and achieving measurable results. Dependable, adaptable, and skilled in threat assessment, and incident response.
Overview
9
9
years of professional experience
2
2
Certification
Work History
Security Analyst
E&E Consulting
03.2023 - 09.2025
- Review and remediate SOC alerts in the Rapid7 platform
- Review and remediate phishing emails through the KnowBe4 Platform
- Monitored network traffic for unusual activities and potential threats.
- Documented findings and recommended improvements to strengthen organizational security posture.
- Maintained up-to-date knowledge of emerging threats by attending professional development events and staying informed on industry trends.
- Performed risk analyses to identify appropriate security countermeasures.
- Educated employees on cybersecurity awareness through training sessions, significantly reducing instances of human error-related breaches.
- Conducted regular vulnerability assessments to identify weaknesses and implement appropriate countermeasures.
- Collaborated with IT teams to develop comprehensive cybersecurity strategies, reducing risks from external attacks.
- Managed access controls for sensitive information systems, safeguarding data integrity and confidentiality.
- Implemented multi-factor authentication measures, strengthening overall network defenses against unauthorized access attempts.
- Participated in tabletop exercises simulating cyberattacks, leading to better preparedness for real-world incidents.
- Conducted security audits to identify vulnerabilities.
- Led cybersecurity awareness training sessions, increasing employee understanding of potential security threats and preventive measures.
- Coordinated with third-party security information and event management (SIEM) providers to maintain protections and predict threats.
- Applied Center for Internet Security (CIS) benchmarks to verify performance of ongoing security measures.
Senior Security Engineer
Appalachia Technologies, LLC
08.2019 - 03.2025
- Built out Cyber Security Frameworks for NIST CSF, HIPAA, NIST 800-53, and NIST 800-171
- Preform NIST Cyber Security Framework assessments
- Perform NIST 800-53 assessments
- Perform HIPAA and PCI assessments
- Conduct internal / external and web application penetration tests
- Built the data security program from the ground up
- Led security architecture design for critical infrastructure, enhancing system resilience and compliance.
- Managed incident response protocols, reducing response time to security incidents significantly.
- Developed and implemented security policies, ensuring alignment with industry standards and best practices.
- Conducted vulnerability assessments and penetration tests, identifying weaknesses in systems and applications.
- Mentored junior engineers, fostering skill development and promoting knowledge sharing within the team.
- Collaborated with cross-functional teams to integrate security solutions into existing workflows effectively.
- Evaluated emerging security technologies, providing recommendations to enhance overall security posture.
- Spearheaded risk assessment initiatives, prioritizing threats and implementing mitigation strategies across the organization.
- Established effective cybersecurity awareness training programs for employees, reducing human error-related incidents significantly.
- Assisted in developing business continuity plans, securing critical operations during unforeseen events or disasters.
- Evaluated emerging security technologies and made recommendations for implementation in alignment with company objectives.
- Conducted regular audits of IT infrastructure, ensuring compliance with industry standards and regulatory requirements.
- Reduced risks of cyber attacks by routinely conducting vulnerability assessments and penetration testing.
- Increased efficiency in incident resolution times by automating repetitive tasks through scripting languages such as Python or PowerShell.
- Monitored threat intelligence feeds regularly to stay informed about potential risks, proactively addressing vulnerabilities before they could be exploited.
- Authored security and vulnerability reports, detailing logged incursions and suggesting remediation efforts.
- Created standardized incident response program to outline immediate and consistent remediation of security breaches.
Systems Administrator
Eurofins Lancaster Laboratories
01.2017 - 01.2019
- Validate computer systems handling laboratory data
- Ensure data security as per 21 CFR Part 11 compliance
- Ensure that all laboratory computers met 21 CFR Part 11 compliance
- Perform monthly audits of all laboratory machines to meet 21 CFR Part 11 compliance
- Built Compliance training for 21 CFR Part 11 compliance
- Speak with FDA auditors to ensure machines are adhering to 21 CFR Part 11 Compliance
- Administered user accounts and permissions, ensuring compliance with internal policies.
- Managed system updates and patching processes to ensure optimal performance and security.
- Developed documentation for system configurations, improving knowledge sharing among team members.
- Evaluated new technologies and tools, recommending solutions that align with organizational goals.
- Trained junior staff on best practices for system administration, fostering a culture of continuous learning.
- Managed user access rights to maintain a high level of information security while ensuring appropriate levels of accessibility for authorized personnel.
- Supported the implementation of new technologies by providing technical expertise and training to colleagues as needed.
- Oversaw file system and storage upgrades while safeguarding data integrity and redundancy.
- Secured sensitive data from unauthorized access, meticulously managing user permissions and access controls.
Education
Master of Science - Cloud Computing Architecture
University of Maryland Global Campus
05-2023
Bachelor of Science - Cybersecurity Cyber Operations
Utica University
06.2019
Skills
- Network Security
- Ethical hacking
- Security Standards
- Communication
- Identifying Compliance Issues
- Endpoint security
- Intrusion detection
- Identity and Access management
- Risk mitigation
- Incident response
- Security awareness training
- Security information and event management
Certification
- EC-Council CEH
- eLearnsecurity eCPPT
- eLearnsecurity eJPT
Timeline
Security Analyst
E&E Consulting
03.2023 - 09.2025
Senior Security Engineer
Appalachia Technologies, LLC
08.2019 - 03.2025
Systems Administrator
Eurofins Lancaster Laboratories
01.2017 - 01.2019
Bachelor of Science - Cybersecurity Cyber Operations
Utica University
Master of Science - Cloud Computing Architecture
University of Maryland Global Campus
CORE COMPETENCIES
Security Assessment | Security Protocols | Penetration Testing | Authentication and Access Control | Project Management | Web Application and Browser Security
ADDITIONAL EXPERIENCE
Speaker PA Chamber 3w's of Pentesting '23
Speaker Bloomsburg University 'Bloomcon' '23
Speaker Bsides Harrisburg '20 '22 '23
Speaker CCA Back to School Cyber Awareness '24
Speaker/Round Table Appalachia Advance '24
Similar Profiles
Ramanathan VenkatramanRamanathan Venkatraman
Test Manager at GDS Consulting Ernst & Young Global Consulting ServicesTest Manager at GDS Consulting Ernst & Young Global Consulting Services
Gina M. BlissGina M. Bliss
Founder at Penn Family Pharma Consulting, LLC – Bliss Compliance ConsultingFounder at Penn Family Pharma Consulting, LLC – Bliss Compliance Consulting
Anagha PaulAnagha Paul
Managing Partner at Adar Consulting, previously an affiliate of Rise One ConsultingManaging Partner at Adar Consulting, previously an affiliate of Rise One Consulting
Evelyn SaylorEvelyn Saylor
YOUTH WORKER at Bethany Children's HomeYOUTH WORKER at Bethany Children's Home
LIANNE BRANDT-NOLANDLIANNE BRANDT-NOLAND
Pharmacy Technician at Rite AidPharmacy Technician at Rite Aid