Cybersecurity Engineer with 6 years of experience, highly skilled in Data Loss Prevention, Endpoint Protection, Network Protection, Vulnerability Management, Identity and Access Management, Firewall Management and AWS Cloud Services. I have solid experience working in banking and insurance environments protecting PCI-DSS data, SOX data, HIPAA data, company confidential information, and customer and employee data.
Overview
8 years of professional experience
1 Certification
Work History
Senior Engineer
Cardinal Health
Dublin, NC
10.2023 - Current
DLP Endpoint Agent Troubleshooting on client machines
Trellix DLP integration with Snowflake for reporting
Resolved issues with a high failure rate of fcagtxe.exe on Windows
Successfully Upgraded Trellix ePO to Service Pack 1 Update 3, DLP Extension to 11.11.3, Trellix Agent to 5.8 and DLP Product to 11.11.3.1832
Completed report on Trellix Health Watch for management
Resolved issues with Outlook latency and Health Check
Integrated DLP with Splunk and IBM Qradar SIEM with webhooks
DLP incident triage in the Symantec environment across channels including SMTP, HTTPS and removable devices
Integrated DLP with BAS solution (Cymulate) to track DLP effectiveness over time by preventing security drift
Used BAS solution (Cymulate) to find and fix security gaps in DLP solutions, and misconfigurations of DLP rules
Performed non-functional testing to check usability and memory utilization of DLP agents before upgrades
Created subset of users for DLP agent testing within Cybersecurity and Line of businesses before rolling companywide
Leveraged Aternity Dashboard for granular service health check and general client performance metrics for agents’ deployment in rings
Performed tuning of Proofpoint DLP rules to reduce false positives and improve detection rates
Worked with the DLP triage analyst and manager to deliver measurable metrics reporting Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs), used for reporting to stakeholders and the board of directors and for continuous improvement of the DLP program
Senior Cybersecurity Engineer
GEICO
Chevy Chase, MD
11.2021 - 10.2023
Manually deployed Proofpoint ITM SaaS Windows Agents to 200 Test systems for PoC efforts
Designed Proofpoint DLP Architecture and Deployed the Endpoint agents through SCCM to 46,000 Windows machines, VDIs and macOS Devices
Created and documented Task for 32 DLP Policies and Rules in Confluence before they were built in Acceptance Environment for migration to the Production Environment
Configured Endpoint DLP and Email DLP rules to detect exfiltration of Credit Card Numbers, Social Security Numbers, Bank Account Numbers, Driver License and SOX Data in Production Environment
Tuned DLP Rules and Configurations for efficacy before shift to block and quarantine
Built DLP Dictionaries, Conditions, Exceptions and Policy routes
Created Agent Realms, Update policies, Notification policies that were pushed to the Endpoint DLP
Created Update rings for Endpoint updates managed by the Proofpoint Auto Updater
Integrated DLP with Splunk and IBM Qradar SIEM with webhooks
Migrated DLP Policies from Symantec to Proofpoint
Managed 67 Symantec DLP servers, including Network Prevent for Email/Web servers, Discover servers, Endpoint servers, Network servers, and the Enforce server
Upgraded the Symantec Dev Environment from v15.8 to v16.1
Upgraded Trellix Agents to v5.8.1.313 and DLP Product to v11.10.1
Created Explorations for ease of DLP incident triage and pushed Explorations to dashboard
Managed CASB for control over approved applications such as O365, box.com, ServiceNow, SFDC and Confluence
Managed CASB to detect suspicious and compromised Cloud Apps
Information Security Engineer
TIAA Bank
Jacksonville, FL
05.2021 - 09.2021
Configured policies for compliance and regulatory standards such as SOX, HIPAA and PCI DSS
Configured policy to protect source code with Symantec Vector Machine Learning (VML) detection
Created and designed Exact Data Match policies to detect PII and financial records
Utilized the Content Enumeration Scan functionality of Symantec DLP to locate undocumented shares residing on the network
Performed DAR scans on NAS shares and Endpoints with Symantec DLP
Reviewed results for false positive/true positive and escalated incidents to Data Privacy and HR
Configured Optical Character Recognition (OCR) in the Symantec 15.7 environment to extract and detect sensitive data elements hidden in image files
Configured USB rules to prevent moving confidential data to USB devices from corporate environment
Configured Symantec CASB to monitor SaaS applications, i.e., the O365, Salesforce and Box environments
Leveraged CASB to detect malware running on corporate network exfiltrating sensitive data and detected malware in files uploaded to the cloud
Exported policies used on the production Enforce server to a local file to prepare for disaster recovery
Experience with deployment of Symantec DLP components: Endpoint Prevent, Network Prevent for Email, Network Prevent for Web, and Network Discover
Cyber Security Engineer
Quantitative Scientific Solutions
Arlington, VA
02.2017 - 05.2021
Made recommendations for Federation Services, SAML web Single Sign-On (SSO), OAuth and related authentication technologies
Scanned and monitored system vulnerabilities on servers and devices with OpenVAS and Nessus Professional for open ports, sensitive data, weak credentials, and lack of security controls
Investigated and validated false positive reports from Nessus and OpenVAS using CVE and CVSS before escalating vulnerability for remediations
Created reports and dashboards with OpenVAS to improve team collaboration and increase vulnerability awareness
Dashboards and reports improved team collaboration including vulnerability management and patch management, thereby decreasing outstanding vulnerabilities by 25%
Increased server availability by 33% through configuration of Suricata IDS/IPS for detection and prevention of DDoS attack
Configured and maintained DHCP Server on Windows
Intercepted and Interpreted Network Traffic with Wireshark and TcpDump
Utilized Nessus SC+ to investigate applications that were missing updates and patches or were affected by known or zero-day vulnerabilities
Used Crowdstrike Falcon on servers and workstations to prevent and control malware and threats