Cybersecurity professional that has provided multiple tier support and consulting services for a Gartner recognized managed security service provider.
Familiar With:
- Intrusion Analysis
- SIEM Engineering
- Malware Analysis
- Security Operations
- IT Security Metrics
SIEM Manager @
☛ Led onsite SIEM consulting engagements
☛ Managed processes for the Proficio Security Operations Center
☛ Trained and managed analysts in the Proficio Security Operations Center
☛ Built SIEM use cases for MSSP offerings
☛ Monitored SIEM for advanced threats through correlation leveraging heuristics and threat intelligence
☛ Tuned, enhanced, and filtered several products logging to multi-tenant SIEM.
☛ Provided technical support in client-facing meetings to discuss current threats and SOC detections
☛ Provided Arcsight administration support by troubleshooting issues with ESM performance or issues with the connector appliances
Software:
Arcsight ESM, PaloAlto NGFW, Fortigate UTM, Websense, Juniper Netscreen, McAfee EPO, Cisco ASA, TippingPoint, Imperva WAF, Websense, Symantec Endpoint Protection, Sourcefire, FireEye
From July 2014 to Present (1 year 6 months)
Greater San Diego Area

Professional Services Consultant @
☛ Performed onsite customer engagements to optimize McAfee SIEM solutions in a variety of environments including healthcare, education, and government contractor environments.
☛ Worked with existing data sources logging to the deployed SIEM to meet client use cases.
☛ Performed technical writing for McAfee Professional Services for its SIEM services solution.
Software:
McAfee SIEM (Enterprise Security Manager - ESM, Enterprise Log Manager - ELM, Receivers, Advanced Correlation Engine - ACE), McAfee Web Gateway - MWG, PaloAlto NGFW, Fortigate UTM, Websense, McAfee EPO, Cisco ASA, Sourcefire
From March 2014 to July 2014 (5 months)

Cybersecurity Engineer @
Achievements:
☛ Provided technical sales presentations to potential MSSP clients.
☛ Took open and closed sources of threat intelligence and applied operational use case around the context of relevant threats identified.
☛ Participated in offsite consulting engagements that provided monitoring and content development to external security operations.
☛ Led collaboration meetings with MSSP clients to deploy operational use cases to the Leidos Security Operations Center.
☛ Assisted in transitioning use cases, monitoring, and workflow for the multitenant Leidos Security Operations Center to a different SIEM product (Arcsight ESM to McAfee ESM).
Technologies:
Security Information and Event Management, Intrusion Detection/Prevention Systems, Unified Threat Management Systems, Next Gen Firewalls
Software:
Arcsight ESM, McAfee ESM, Splunk, Sourcefire 3D, PaloAlto NGFW, Fortigate UTM, Blue Coat ProxySG, FireEye, McAfee EPO MWG NSM NTR and Solidcore, Bit9, FireEye, Tripwire, Stealthwatch, Ironport, and Checkpoint Firewalls.
From September 2013 to March 2014 (7 months)
Greater San Diego Area

NOSC Security Engineer @
Provided Tier 3 support for the Network Operations Security Center for a Gartner recognized Managed Security Service Provider.
Achievements:
☛ Managed performance metrics for NOSC personnel.
☛ Enhanced the security analyst training program.
☛ Served as trainer for security analysts.
☛ Led collaboration meetings to create use cases for NOSC monitoring around specific threats.
☛ Tuned SIEM (security information and event management) correlation rules and data sources.
☛ Tuned and optimized corporate intrusion detection systems.
☛ Provided consulting to tune customer SIEM deployments.
☛ Built and monitored SIEM content that detected advanced persistent threats on commercial and federal networks.
Technologies:
Security Information and Event Management, Intrusion Detection/Prevention Systems, Unified Threat Management Systems, Web Application Gateways, Sandboxes
Software:
Arcsight ESM, Nitro ESM, Sourcefire 3D, Snort, Fortigate UTM, Dragon Enterasys, Blue Coat ProxySG, PaloAlto NGFW, FireEye, Splunk, Juniper Netscreen, Zenoss, McAfee NTR, FireEye, McAfee EPO, Arcsight Logger, Tripwire, Cisco ASA, HBGary Active Defense
From August 2011 to September 2013 (2 years 2 months)
Greater San Diego Area

Information Security Analyst @
Provided consulting services for Aramco Services Company to build up the on site security operations center.
Achievements:
☛ Participated in a 24x7x7 security operations center as a security analyst.
☛ Performed SIEM engineering by building McAfee ESM content around multiple data sources.
☛ Helped build the SOC (security operations center) personnel metrics program.
☛ Assisted in process documentation for the SOC.
☛ Performed security analyst monitoring in a 24x7x7 environment.
Technologies:
Security Information and Event Management, Intrusion Detection/Prevention Systems, Host based intrusion prevention systems, web application gateways, email gateways
Software:
McAfee (NitroSecurity) ESM, Sourcefire 3D, FireEye, Ironport, McAfee Web Gateway, PaloAlto NGFW, Juniper Netscreen, McAfee EPO
From November 2012 to February 2013 (4 months)
Houston, Texas Area

Cyber Security Analyst @
Evaluated threats to the integrity and performance of commercial and federal networks via analysis of data provided by various types of network security hardware and software.
Achievements:
☛ Participated in a 24x7x7 security operations center as a security analyst.
☛ Assisted SIEM engineering in building out threat intelligence capabilities within the SIEM.
☛ Monitored logs from over two dozen types of network and host based devices in Arcsight ESM.
☛ Detected advanced persistent threats on corporate networks using heuristic based monitoring.
☛ Assisted in building the Network Operations Security Center training program.
☛ Created the Network Operations Security Center Security Analyst metrics program.
Technologies:
Intrusion Detection/Prevention Systems, Security Information Event Management Systems, Unified Threat Management Systems, Web Application Gateways, Sandboxes
Software:
Arcsight ESM, Splunk, Zenoss, Nagios, Fortigate UTM, PaloAlto NGFW, Enterasys Dragon IDS, Bluecoat ProxySG, Snort, Sourcefire, Arcsight Logger, Juniper Netscreen, VirtualBox, Wireshark, NetWitness
From January 2009 to August 2011 (2 years 8 months)

Master of Science in Engineering Management with a focus in Information Assurance, Network Security Management, Business Intelligence, Cryptography, Enterprise Systems Architecture @ The George Washington University
From 2010 to 2013
Bachelor of Science Business Administration Information Systems, System Development Lifecycle, Database Management Systems, Business Application Programming @ San Diego State University-California State University
From 2006 to 2008
San Dimas High School

Bryan Borra is skilled in: Network Security, Computer Security, ArcSight, Information Assurance, Malware Analysis, SIEM, Intrusion Detection, Technical Writing, Networking, IDS, Penetration Testing, Vulnerability Assessment, Information Security, Firewalls, Snort, McAfee, IPS, Wireshark, Security