
John Guthrie

Chickamauga, GA

Summary

Proven leader with a passion for building high-performing teams and developing world-class talent. Adept at managing highly technical teams and driving for results to accomplish challenging objectives that protect the business from cyber threats.

Interested in obtaining a position where I am empowered to take innovative approaches to have a positive impact on an elite team and challenge myself to learn, grow, and continue to improve myself.

Overview

10 years of professional experience
1 Certification

Work History

Senior Manager, Global Cyber Threat Management

Reyes Holdings
Chicago, IL
01.2021 - Current
  • Built a best of breed Cyber Threat and Vulnerability Management organization from the ground up consisting of five functional teams including threat intelligence, threat hunting, red team, incident response, and vulnerability management.
  • Utilized a purple team approach to facilitate highly collaborative, cross-team workflows providing validation of implemented detections and controls, identification of vulnerabilities, and configuration recommendations.
  • Develop strategy, roadmap, and budget for all teams, aligned with technology, product, and overall business strategy.
  • Interface with business units, management, and executive leadership during incident response investigations.
  • Provide after action reports to both technical and non-technical stakeholders.
  • Collaborated with IT and business stakeholders to provide requirements and make security recommendations for projects and initiatives.
  • Performed gap analysis and provided recommendations for tooling improvements to increase visibility and reduce MTTR for response teams.
  • Lead a team of three highly technical managers and ten individual contributors.
  • Lead and manage MSSP relationships and personnel, driving successful delivery of security services.
  • Performed goal setting, development and succession planning, and performance management.
  • Developed and delivered metrics that matter to executive leadership.

I/S Team Lead

BlueCross BlueShield Of Tennessee
Chattanooga, TN
05.2019 - 01.2021
  • Developed an enterprise threat hunting program from the ground up.
  • Led a team of 7 senior cyber threat hunters in hunt operations and incident response.
  • Led the vulnerability management program responsible for identification, escalation, and reporting to remediation teams.
  • Mentor and train junior team members in both professional and technical disciplines.
  • Conduct host forensics, network forensics, memory forensics, log analysis, malware triage, and malware reverse engineering in support of hunt operations and incident response.
  • Led the team in creating automation and alerts for malicious traffic.
  • Interface with business units, management, and/or executive leadership during incident response investigations.
  • Provide after action reports to both technical and non-technical stakeholders.
  • Recommend remediation actions based on incident response investigation findings.
  • Provide consulting, requirements, and use-cases for enterprise security RFPs and/or POCs.
  • Develop strategy, roadmap, and requirements for enterprise detection and response, aligned with technology, product, and overall business strategy.

Security Engineer III

BlueCross BlueShield Of Tennessee
Chattanooga, TN
03.2017 - 05.2019
  • Performed threat hunting using threat intelligence, log analysis, and enterprise security tools.
  • Automated processes and tuned configurations to alert on malicious traffic patterns.
  • Red team operations: network penetration testing, web application penetration testing, endpoint penetration testing, and risk remediation validation.
  • Configured and maintained Web Application Firewall.
  • Reviewed and approved all enterprise firewall change requests.
  • Audited firewall rule implementations for process and technical accuracy.
  • Provided requirements and participated in technical review and POCs for new enterprise security tools.
  • Provided technical analysis and recommendations for suspected phishing emails.
  • Provided behavioral analysis/reverse engineering of suspected malware samples or suspect sites/links.

Network Security Administrator

National Seating & Mobility
Chattanooga, TN
12.2014 - 03.2017
  • Configured and maintained a DMVPN network, made up primarily of Cisco devices, spanning 150 remote offices, 1500+ users, multiple data centers, and multiple sites with 200+ users each.
  • Configured and managed Cisco ASA Firewalls with remote access VPN.
  • Configured and managed access control system for multiple large office sites.
  • Configured and managed KEMP LoadMaster load balancers for internal web applications.
  • Managed and maintained 100+ enterprise servers (CentOS, Ubuntu, and Windows).
  • Provided configuration and networking for an open source Asterisk phone system.
  • Worked with Kaspersky and Malwarebytes anti-virus/anti-malware products.
  • Managed projects for all new locations and acquisitions (e.g., contract acquisition, telecom support, low-voltage cabling, voice/data setup).

I/T Security Consultant

Rodney Susong MD
Chattanooga, TN
01.2012 - 12.2014
  • Network administration
  • Cloud-based web application support and troubleshooting
  • Email server/client configuration and management
  • Open source phone system configuration and management
  • Anti-virus configuration and management
  • Desktop support
  • Malware infection remediation

Education

B.S - Cybersecurity and Information Assurance

Western Governors University
Salt Lake City, UT
2019

A.A.S - Information Systems Technology, Web Programming

Chattanooga State Community College
Chattanooga, TN
2014

Skills

Host Forensics

  • FTK
  • SANS SIFT
  • KAPE

Network Forensics

  • Wireshark
  • Tshark
  • Tcpdump
  • BPF
  • Moloch
  • Zeek/Bro
  • Snort/Suricata

Memory Forensics

  • Volatility
  • Rekall

Log Analysis

  • Splunk
  • SOF-ELK
  • Kibana
  • Graylog

Malware Reverse Engineering

  • RemNux
  • FLARE VM
  • Static analysis
  • Behavioral analysis
  • Code level analysis
  • Ghidra

Scripting

  • PowerShell
  • Python

Security Detection and Prevention Tools

  • WAF (Imperva, Netscaler)
  • IDS/IPS (IBM, Suricata, Stealthwatch)
  • EDR (MDE, Digital Guardian)

Certification

  • GCFA - Certified Forensic Analyst
  • GREM - Certified Malware Reverse Engineer
  • GCIA - Certified Intrusion Analyst
  • GCIH - Certified Incident Handler
  • GDAT - Certified Defender Advanced Adversaries
  • SSCP - Systems Security Certified Professional
  • CCSP - Certified Cloud Security Professional

Achievements

  • Top 10 - 2021 DEFCON OpenSOC Tournament
  • SANS DFIR Netwars Challenge Coin Winner
  • SANS Cyber Defense Netwars Challenge Coin Winner
  • SANS GCIA Intrusion Analyst Challenge Coin Winner
  • SANS GCIH Incident Handler Challenge Coin Winner
  • SANS GDAT Defeating Advanced Adversaries Challenge Coin Winner
  • SANS GSOM Security Operations Manager Exam Development SME Participant (standard setting)
Areas of Subject Matter Expertise

  • Managing Technical Resources
  • Executive presentation and communication
  • Vulnerability Management and Remediation
  • Purple Team Exercise Coordination and Execution
  • Red Team Engagement Coordination and Execution
  • Penetration Testing Coordination and Execution
  • Tabletop Exercise Coordination and Execution
  • Incident Response Coordination and Execution
  • Threat Intelligence Coordination and Execution
  • Threat Hunting Coordination and Execution
  • MITRE ATT&CK Mapping
  • CIS Hardening
  • NIST
  • HIPAA
  • PCI DSS

Timeline

Senior Manager, Global Cyber Threat Management

Reyes Holdings
01.2021 - Current

I/S Team Lead

BlueCross BlueShield Of Tennessee
05.2019 - 01.2021

Security Engineer III

BlueCross BlueShield Of Tennessee
03.2017 - 05.2019

Network Security Administrator

National Seating & Mobility
12.2014 - 03.2017

I/T Security Consultant

Rodney Susong MD
01.2012 - 12.2014

B.S - Cybersecurity and Information Assurance

Western Governors University

A.A.S - Information Systems Technology, Web Programming

Chattanooga State Community College