Michael Scott

• Performs engineering tasks to maintain operational readiness of endpoint protection solutions to include Installation, configuration, and audits of endpoint protection solutions including CrowdStrike, Trellix, and Windows Defender.
• Responsible for and performs Incident detection and response
• Review and consult on product, solution, and client change-control requests
• Working with clients to understand their end goals and help them create a plan to achieve them
• Participates in an on-call rotation
• Drafting, maintaining, and being involved in the evolution of client and product documentation

Responsible for the following CrowdStrike products.

• Endpoint Security - AV scans, prevention policies, USB device control and Firewall policies.
• Exposure Management - Asset management, passive and active discovery, network scanning, assessment configuration, vulnerability management as a whole, Application Management, and Account Management.
• Host setup and management -Monitoring sensor health and RFM status. Deployment of sensors and troubleshooting issues with installs, Response policy management, User and IP Allowlist management.
• Identity Management - Responsible for detections, incidents, configuration, analysis, dashboards and policy.
• Cloud Security - Configuring settings, integrations, container management, policies and compliance.
• Next-Gen SIEM - Responsible for Case Management, Monitoring and investigation, Log Management, and Fusion SOAR Workflows
• MISC - API clients and key management, Notifications, advanced event search and queries.

• Assists customers with implementing CrowdStrike falcon EDR to include installation of sensors, policy creation, user account creation, MFA setup, detection and incident reporting.
• Responsible for maintaining software and process documentation for Endpoint solutions to include SOPs, Change Requests, and client facing documentation.
• Monitored network activities for 30+ clients to quickly detect and resolve operational and security issues within the CrowdStrike console.
• Certified Falcon Administrator
• Reviews and responds to eSentire alerts, Workflow alerts, and client ticket alerts for Endpoint solutions
• Conducts regular Endpoint security reviews of client configurations and provide recommendations to improve client security environments. This includes user account access, firewall settings, USB device protection settings, sensor policies, prevention policies, risk registry entries, patching and maintenance settings and external reporting tool settings.

• Expert with ePolicy Orchestrator, Agent, DLP, ENS (full suite), Policy Auditor, DXL, and ACCM
• Have completed multiple onsite visits for upgrades and brand new builds, performing audits across the entire product suite, testing and implementing new products to include ENS and ATD, writing documentation for clients regarding day-to-day procedures, troubleshooting processes and health checks for the suite
• I have assisted clients with prepping for CCRI / CCROI inspections as well
• I was also responsible for creating and tuning policies for each product
• Fully certified for all available Carbon Black components
• This includes EDR, App Control and Cloud based versions of the product
• 8 months on contract time assisting a customer with day to day operations for App Control
• Writing documentation, reviewing and creating policies and rules, installing agents to endpoints, verifying connection statuses, maintaining the database, and conducting weekly status calls for the client to showcase what has been happening in the environment both daily and weekly

• HBSS Team lead for the Defense Commissary Agency located in Fort Lee supporting the McAfee ePO Suite of products
• I was responsible for product installs and tuning for HIPS, VSE, DLP, Policy Auditor and the McAfee Agent
• Documentation also had to be created from start to finish since the site had old out of date documents
• The entire process took roughly nine months, but I was able to go from 30 percent of the organization having 1-2 products installed to having all products installed to 95+ percent of all assets
• I managed 6000+ clients and over 30,000 appliances
• After the 9-month period I went through a major inspection and the command was able to pass with no issues to remedy
• Managed schedules, accepted time off requests and found coverage for short shifts.

• HBSS Technician for GDIT at Langley Air Force Base in Hampton Virginia
• Daily tasks included product deployment for McAfee products, Uninstalling / reinstalling products
• Troubleshooting errors and issues with policies and products
• Verifying proper maintenance and care of the HBSS servers and Databases
• Contacting customers and working their Remedy tickets
• Ensured base SADRʼs were connected and always pulling latest DAT files
• Managed the daily tasks for the servers and the product tasks
• Maintained over 130k Assets on one server alone

• HBSS SME1 working for Aermor LLC at NCDOC Suffolk
• Worked with the McAfee ePO as an administrator and help desk technician
• Daily tasks included - Creating system tree's for each ship and setting permissions based off of SOP's
• Contacting ships to ensure ship SADR's were active and sending information to shore based server
• Performing dashboard creation and query creation
• Implementing DISA Stigs and ensuring compliance with CTO's and IAVA Bulletins
• Ran queries for ship's assets and created exceptions for ship assets as well
• I was also the weekend Shift Supervisor from October 2015 to June 2016
• I was responsible for all work during the weekend and for training new personnel on the shift

• Information Assurance Technician and Network Administrator onboard USS Abraham Lincoln
• Managed Active directory, created and set permissions for user accounts
• Utilized Symantec Antivirus for machines on the network and was an administrator for the program
• Generated top 10 network users daily for the command
• Managed and updated the HBSS suite from 3.0 to 4.0 then to 4.5 used DISA stigs to ensure I was keeping the program in accordance with current system setup for DOD
• Performed monthly backups of HBSS and once the command went into the yards, performed shutdown of HBSS suite
• Kept and filed user access forms and created accounts for each user