Paul Dyer

Enterprise Security Analyst

• Plan and implement enterprise security policies using technical and governance controls to ensure data confidentiality integrity and availability
• Provide guidance and support to the IT team on security-related matters, including security policies, procedures, and controls
• Efficiently analyze and prioritize multiple security alerts from the tool stack to prevent potential security breaches and ensure compliance with industry regulations.
• Perform administration, maintenance, and troubleshooting of firewalls, IDS/IPS, and other security technical controls
• Collaborate with cross-functional teams to identify and mitigate security risks associated with new projects and initiatives.
• Analyze logs using proprietary SIEM or open source tools to identify threats and suspicious activity, with the goal of reducing false negatives
• Conduct vulnerability testing, risk assessments, and security log reviews to maintain both security and regulatory requirements
• Operation of security technical controls, documentation, standards and processes to ensure operating environment is compliant with company policies and requirements
• Conduct periodic threat hunting efforts to aggregate security information, assess possible undetected threats, and take steps to mitigate threats.
• Respond to and resolve security incidents, including conducting root cause analysis and implementing measures to prevent recurrence.
• Assess and select appropriate security controls for cloud environments, ensuring compliance with industry standards and best practices.
• Document and maintain security standard operating procedures (runbooks) documentation, helping fulfil requirements needed in preparation for audits

Information Security Analyst

• Plan and implement enterprise security policies using technical and governance controls to ensure data confidentiality integrity and availability
• Manage user awareness training program leveraging SaaS tool to provide phishing testing and training to all firm colleagues reducing user clicks rates on phishing emails
• Respond to, aalyze, and triage multiple security alerts from the security tool stack, averting potential security breaches and ensuring compliance with industry regulations
• Perform administration, maintenance, and troubleshooting of firewalls, IDS/IPS, and other security technical controls
• Responsible for DLP tools and configuration for over 1,500 user endpoints. Project closed data leakage gap via external USB devices this reduced confidential data exfiltration by more than 75%
• Utilize proprietary SIEM or open-source tools to analyze logs, identify threats, and detect suspicious activity.
• Conduct security log reviews, vulnerability testing, and risk assessments to meet regulatory requirements and maintain a secure environment.
• Operation of security technical controls, documentation, standards and processes to ensure operating environment is compliant with company policies and requirements
• Perform periodic threat hunting activities to collect security information, identify potential undetected threats, and take appropriate measures to mitigate them.
• Participate in the research, selection and deployment of automated web application security tooling for integration into developer workflow, ensuring security best practices are consistently followed
• Monitor the cyber security landscape and keep aware of current Security Threat Intelligence
• Document and maintain security standard operating procedures (runbooks) documentation, helping fulfil requirements needed in preparation for audits

Systems Administrator

• Managed and maintained Dell physical servers and virtual server infrastructure
• Performed Active Directory account provisioning and user on-boarding, created a repeatable process which improved security and efficiency
• Managed data backup program, successfully transitioned from physical to network storage
• Triage and troubleshoot network connectivity problems on the local network
• Ensured virtual and physical servers adhered to corporate patch policies, ensuring production servers were updated in a timely manner
• Assisted network engineers in maintaining and configuring local layer 3 switches, NAS / iSCSI storage devices
• Conducted asset management program and maintained documentation leading to a reduction in asset & data loss
• Troubleshoot escalated Level 2 and Level 3 CSD calls while providing excellent customer service
• Administered Salesforce SaaS messaging platform for users reducing time spent calling the vendor support
• Provided additional remote only Administrator support for two other smaller offices, saving the company on hiring costs for onsite staff

Information Technology Analyst

• Provided internal and external end-user phone support
• Supported and troubleshot network printers
• Repaired desktops and laptops including memory and hard drive components
• Setup and configured IP telephones
• Conducted asset management and related documentation
• Imaged and deployed hardware assets reducing asset build time and errors
• Performed mobile device management

Boston University