I'm a relentlessly yet constructively paranoid Information Security Engineer by day, security researcher and developer by night. I don't do security because it's a job. I do it because I love it.
Proven track record in monitoring current attack trends and locating them in an enterprise environment.
Ability to keep larger security incident trends in mind while keeping focus on smaller incidents.
Enjoy research on security topics, presenting findings, and applying them in real world scenarios.
Ran day to day operations of the CSIRT. Oversaw security implementation in three new datacenters. Technical lead on SIEM expansion, Full Packet Capture expansion, and Malware Sandboxing projects. Maintained relationship with 3rd party MSSP. Mentored other department members. Worked with internal teams as a technical SME.
Developed, documented, and established incident handling process and procedures for company's North and South America footprint. Monitored IDS/IPS, Firewall, SIEM, and DLP systems. Led recovery on security incidents. Interfaced with peer institutions via approved channels to share and process intelligence on attacks. Worked with various internal teams to leverage internal processes to assist with IR process. Shared incident information with peer IR teams in multiple geographic regions. Assisted in managing relationship with multiple MSSPs. Received multiple internal awards for outstanding performance.
Maintained and monitored IDS/IPS, Firewall, and SIEM systems. Handled security incidents as part of IRT. Developed numerous in house security tools for log management and response. Designed and maintained security lab. Part of regional response team for large scale incident coordination.
Lead Security Engineer on large scale VoIP rollout. Designed and set up in-house penetration testing service. Conducted vulnerability assessments on applications developed and used by organization. Provided groups with risk assessments and risk mitigation strategies.
Migrated legacy hospital data collection systems to newer alternatives. Audited various applications for security holes and assisted in developing solutions. Increased staff productivity by migrating numerous Access 97 databases over to C# and SQL based solutions.
Website that raises awareness about possible unintended consequences of publicly posting geo-tagged photos. Featured on the BBC, Fox News Channel, Good Morning America, Forbes.com, New Scientist, New York Times, WBZ, WFXT, WLNE, WNBC, KNBC, along with numerous other local news outlets.
Correlates data on malicious hosts from numerous separate data sources and provides a centralized list for tracking and analysis.
Discussed Voice over IP (VoIP) security techniques and use of the open source telephony program Asterisk. (ISBN: #1597491519)
Ben Jackson — ben@benjackson.info — +1-508-296-0267