Summary
Overview
Work History
Skills
Education
Affiliations
Current Certifications
Training
Skills Technologies
Timeline
Generic

Joey Prestia

Security Architect
Payson,Arizona

Summary

Hands-on Cloud Security Engineer with 8+ years securing large-scale AWS environments at an enterprise level. Deep expertise in hardening AWS accounts, shifting security left through CI/CD pipeline protections, reference architectures, automated golden-image vulnerability scanning, cloud-native detection and response, centralized logging and identity correlation, and Linux hardening to PCI DSS and SOX standards. Proven track record of designing, implementing, and operationalizing security controls that reduce risk and accelerate secure delivery.

Overview

15
15
years of professional experience
1
1
Language

Work History

Principal Information Security Architect

Choice Hotels International
07.2022 - Current
  • Member of architecture review board overseeing local and third party integrations with corporate assets
  • Member of technical advisory board providing oversight and governance of new technologies
  • Member of reference architecture team reviewing and providing security requirements to newly designed and existing reference architectures ensuring security is baked in to the platform.
  • Review incoming projects and proposed integrations for security concerns.
  • Provide security requirements and guidance as needed to support modern security practices.
  • Streamline architectural review process resulting in faster time to delivery of projects
  • Develop framework for revising security policies and standards.
  • Lead team on drafting and reviewing to align policies and standards to NIST CSF 2.0 framework
  • Serve as SME to facilitate migration to certificate based device and user identity authentication

Sr. Security Engineer

Choice Hotels International
09.2017 - 07.2022
  • Team lead managing, mentoring and adjusting workloads to ensure projects met or exceeded deadlines.
  • Supported corporate objective to migrate data center assets to AWS cloud and provide security requirements/guidelines in various aspects of move.
  • Implemented Wazuh FIM in AWS support FIM of AWS assets and later led migration from Tripwire FIM and integrate with the CI/CD pipeline.
  • Automated management of assets in Sensage SIEM to prevent manual tasks required to maintain currency in SIEM.
  • Developed process to correlate logins to corporate users in AWS to meet compliance and security requirements.
  • Implemented Qualys automated API scans to scan golden AMI's in CI/CD pipeline in AWS.
  • Provide production support for enterprise tools and systems such as RSA DPM, Sensage, Wazuh.
  • Create and maintain technical documentation as well as provide training/mentoring on various items to team members.
  • Upgraded corporate DPM tokenization solution without downtime.

Security Engineer

Choice Hotels International
01.2015 - 09.2017
  • Work with Qualys Vulnerability Management, Hexis AP SIEM, RHEL 5, 6, 7 Server Security.
  • Stabilization of information security tools.
  • Provide 24x7 support for mission critical RSA DPM services and serve in on call rotation.
  • Train team members in Linux operating system.
  • PKI management, support teams with SSL certificates by issuance and assistance with implementations in production environments.

Adjunct Instructor

Estrella Mountain Community College
10.2012 - 05.2016
  • Teach Red Hat Linux systems administration and Linux security classes
  • Red Hat Linux Systems Administration I, II, III, IV

Senior Unix Systems Administrator

Choice Hotels International
12.2013 - 01.2015
  • Manage and support 1300+ Red Hat servers, RHN Satellite Sever.
  • Built and implemented Saltstack configuration management which is used in managing and deploying automated infrastructure and PaaS.
  • Worked on IaaS/ PaaS core team to enable the company to be able to deliver automated infrastructure.
  • Work with SOX and PCI audits and auditors to provide evidence and documentation of how our infrastructure is built, configured and covered by security controls implemented.
  • Maintain OS security standards for Linux configuration detailing build and security specifics.
  • Worked to develop and implement solution to improve the accuracy of Qualys scans where Java was not being detected by the Qualys vulnerability scanner.
  • Qualys vulnerability remediation for Linux.
  • SAN Storage migration.
  • Maintenance of Linux Technical Standards, Security Standards, and various operating procedures documentation.

Unix Systems Administrator

Choice Hotels International
12.2010 - 08.2013
  • Manage and support 500+ Red Hat servers.
  • Maintained and implement Postfix email marketing server farm on Linux producing up 4 million emails a day.
  • Administer email marketing systems and domain.
  • Worked with InfoSec team to configure Tripwire controls for RHEL 4 and 5 to correctly audit compliance of RHEL 4 and 5 servers.
  • Worked to develop patching cycle for Linux environments to enhance security compliance and vulnerability remediation.
  • Was member of data center migration team which migrated all Linux servers successfully to new data center.
  • VMware Administration including, SAN Storage migration, Build RPM software.
  • Became Linux team lead.

Skills

  • Security Architecture Review & Design

  • Reference Architecture Development

  • Secure Integration & Risk Assessment

Security information and event management

  • Policy & Standards Development

  • Cloud security tooling

  • System hardening

  • Architecture Review Board (ARB) & Technical Advisory Governance

Education

Estrella Mountain Community College, Avondale, Arizona. 8/2007 - 5/2009

  • Associates of Microsoft Network Technology
  • Associates of Cisco Network Technology
  • Associates of Linux Network Technology
  • Graduated with honors.
  • 4.0 GPA.

Affiliations

  • ISC2 - Member
  • GIAC Advisory Board – Member
  • SABSA Institute - Member

Current Certifications

  • Information Systems Security Architecture Professional (ISSAP)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)
  • AWS Certified Solutions Architect – Associate
  • SABSA Chartered Architect - Foundation (SCF)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Security Essentials Certification (GSEC)
  • CompTIA PenTest+ ce Certification

Training

SABSA Advanced A1 - Risk, Assurance & Governance Training Course, 09/24

Skills Technologies

Cloud & Infrastructure Security

  • AWS Security (CI/CD Pipeline Security, Golden AMI Scanning, Logging Correlation)
  • File Integrity Monitoring (Wazuh, Tripwire)
  • Vulnerability Management (Qualys VM, Automated API Scanning)
  • Cloud Migration Security Controls
  • Linux Hardening & Compliance (RHEL 5/6/7, PCI/SOX)

Security Tools & Platforms

  • AWS - Security Hub, Guard Duty, Config, SCP's, Cloud Trail, IAM, EC2, Security Groups, etc.
  • SIEM (Sensage, OpenSearch)
  • Endpoint Detection & Response (CrowdStrike)
  • Data Protection & Tokenization (RSA DPM)
  • PKI & SSL Certificate Management
  • Configuration Management (SaltStack, Puppet)

Timeline

Principal Information Security Architect

Choice Hotels International
07.2022 - Current

Sr. Security Engineer

Choice Hotels International
09.2017 - 07.2022

Security Engineer

Choice Hotels International
01.2015 - 09.2017

Senior Unix Systems Administrator

Choice Hotels International
12.2013 - 01.2015

Adjunct Instructor

Estrella Mountain Community College
10.2012 - 05.2016

Unix Systems Administrator

Choice Hotels International
12.2010 - 08.2013

Similar Profiles

CREATE PROFILE
Joey PrestiaSecurity Architect