Michael Smith

• Built and managed SIEM platforms for federal government customers that processed over 12 billion events per day.
• Supported customer portal and reporting platforms. Worked with team to convert from ArcSight to Elastic solution (Elastisearch, Logstash, Kibana, Elastic Security, RedPanda). Managed Nagios XI platform.
• Partnered in the design and implementation of FedGov encryption and security requirements.
• Worked with SOC team to create customer-specific rules, Incident Response Plans and procedures.
• Created and maintained documentation for platform.

• Built and managed SIEM platforms for Federal Government (MTIPS Program) and Commercial customers (AT&T SETA/TMLA/MSS).
• Worked with multiple SIEM products including ArcSight, Trustwave, QRadar, LogRythm, and Splunk.
• Worked directly with commercial customers to design and implement on-site and remote SIEM components.
• Designed custom reporting for internal and external customers.

• Implemented Trustwave Security Information Management (SIM) Platform for AT&T Federal customers.

o Developed customized reporting and workflow for U.S. Courts including multiple device types and enforced data separation for 250 end user groups.

o Managed Trustwave lab implementations for AT&T Chief Security Office.

• Managed global Sourcefire Network Intrusion Detection (NIDS) system.

o Determined network requirements for sensor placement to provide best coverage/cost balance and maintain compliance with legal requirements in Europe, Asia, and Latin America.

o Automated troubleshooting and management of 150+ globally distributed Sourcefire Sensors.

o Managed policies and rule databases, wrote NIDS rules, kept all devices current, etc.

• Acted as second level incident investigation support for Global Security Operations Center.

o Performed advanced alert assessment.

o Developed procedures and workflow for Security Operations Center incident escalations.

o Developed and managed various initiatives to improve operations of Security Operations Center.

• Implemented and managed Intellitactics Security Information Management (SIM) system.

o Worked with Intellitactics to enhance reporting and high traffic flow capacity. Managed all aspects of a global multi-tier implementation.

o Developed a reporting system that correlated security events from NIDS, firewall, and proxy devices along with vulnerability data.

o Developed MySQL procedures to pull data from proprietary vulnerability management database for integration with Intellitactics.

o Worked with Intellitactics to integrate their product with the Archer ticketing system.