Michael Tan
Quincy,MA
Summary
Results-oriented security analyst skillful in threat hunting, vulnerability management, alert triage, and incident response. Proactive at heading off issues in operations, workflow and production by uncovering trends affecting business success.
Overview
4
4
years of professional experience
1
1
Certification
Work History
Senior Information Security Analyst
Draper Laboratory
06.2023 - Current
- Perform threat hunting daily based on MITRE ATT&CK matrix and various threat intelligence to identify and remediate potential threats and vulnerabilities
- Perform alerts triage on various OSes, including Windows, Macs, and Linux (specifically Ubuntu and RHEL) and setup rules to monitor TTPs and various IOCs in Carbon Black EDR, Trellix Endpoint Security and Splunk
- Co-lead incident response and provide detailed summary of the incident for management’s review
- Educated employees on cybersecurity awareness through phishing campaign and well-structured training programs.
- Administer and co-manage various security appliances, specifically Trellix/McAfee ePO, Carbon Black EDR, Nexpose, Tenable.sc, DigiCert, Ivanti Connect Secure, Splunk, Proofpoint Email Security, FireEye NX, and Zscaler ZIA
- Develop scripts using Powershell mainly for threat hunting and incident response, and Python to automate multiple administration tasks using respective appliance’s API.
- Collaborated with cross-functional teams to develop comprehensive information security policies and procedures.
Information Security Analyst
Draper Laboratory
12.2021 - 05.2023
- Perform threat hunting daily based on MITRE ATT&CK matrix and various threat intelligence to identify and remediate potential threats and vulnerabilities
- Perform alerts triage on various OSes, including Windows, Macs, and Linux (specifically Ubuntu and RHEL) and setup rules to monitor TTPs and various IOCs in Carbon Black EDR, Trellix Endpoint Security and SIEM
- Co-lead incident response and provide detailed summary of the incident for management’s review
- Conduct quarterly phishing campaign
- Administer and co-manage various security appliances, specifically Trellix/McAfee ePO, Carbon Black EDR, Nexpose, Tenable.sc, DigiCert, Ivanti/Pulse Connect Secure, Splunk, Proofpoint Email Security, FireEye NX, and Zscaler ZIA
- Develop script using Powershell mainly for threat hunting and incident response, and Python to automate multiple administration tasks using respective appliance’s API.
Network & Security Engineer
Granite Telecommunication
06.2021 - 12.2021
- Perform analysis of network security needs and contribute to design, integration, and installation of Fortigate firewall.
- Enhanced network security by implementing advanced firewall configurations and intrusion detection systems
Network Operation Technician
Granite Telecommunication
11.2019 - 06.2021
- Troubleshoot and resolve WAN and LAN network issues such as hard down, packet loss, slow speed, networking equipment misconfiguration etc
- For the Dedicated Internet Access circuit (Fast Ethernet, MPLS & T1) in a Network Operation Center (NOC) environment
- Received multiple recognitions from upper management, including Employee of the Week for resolving highly escalated ticket and complicated problems.
Education
B.S. Cyber Security, Network Forensics and Vulnerability Management -
Norwich University
Northfield, VT10.2021
Advanced Individual Training -
U.S Army Quartermaster Corps.
Fort Lee, VA02.2019
Skills
- Incident Response
- Vulnerability Assessment
- Risk Mitigation
- Network Security
- Intrusion Detection
- Virtual private networks
- Phishing Detection
- Endpoint Security
- Security Architecture
Websites
Technical Summary
Secret, GIAC GCIH, CompTIA Security+, Fortinet NSE4, CCNP Enterprise, CCNA, CompTIA A+, AWS Certified Security – Specialty (In progress)
Certification
- GIAC Certified Incident Handler Certification (GCIH)
- CompTIA Security+
- Fortinet Certified Network Security Professional (NSE 4)
- Cisco Certified Network Professional (CCNP)
- CompTIA A+
Timeline
Senior Information Security Analyst
Draper Laboratory
06.2023 - Current
Information Security Analyst
Draper Laboratory
12.2021 - 05.2023
Network & Security Engineer
Granite Telecommunication
06.2021 - 12.2021
Network Operation Technician
Granite Telecommunication
11.2019 - 06.2021
B.S. Cyber Security, Network Forensics and Vulnerability Management -
Norwich University
Advanced Individual Training -
U.S Army Quartermaster Corps.
Similar Profiles
Michael BrownMichael Brown
Travel Expense Administrator at Draper LaboratoryTravel Expense Administrator at Draper Laboratory
Hermann Kaptui Sipowa, Ph.D.Hermann Kaptui Sipowa, Ph.D.
Senior System Engineer, Navigation Analyst at The Charles Stark Draper LaboratorySenior System Engineer, Navigation Analyst at The Charles Stark Draper Laboratory
Ashley TownselAshley Townsel
GEM Research Fellow at The Charles Stark Draper LaboratoryGEM Research Fellow at The Charles Stark Draper Laboratory
Anne MahoneyAnne Mahoney
Assistant Town Administrator at Town of Holbrook, MAAssistant Town Administrator at Town of Holbrook, MA
THOMAS PEREZTHOMAS PEREZ
National Sales Manager, Team Leader at Street CommunicationNational Sales Manager, Team Leader at Street Communication