Mike Daniels – Enterprise IT Consultant

Miked.daniels@gmail.com

Boulder, CO 80301

 

EXPERIENCE              

I am an Enterprise IT Consultant.  Let me introduce myself.  

 

I began my career at IBM after college.   After my first week on the job I was promoted from the help desk to a Tier 4 System Administrator.   I quickly became the team lead and went into architecture and security.    I wore many hats during this time, from Technical Account Lead, Senior Architect, Data Center Manager (including six 100,000 square foot data centers in Boulder), Programmer, Scripter, Change Management Lead, System Admin, QA lead, Document and Process organizer and creator, and one of my favorite rolls, Security.

 

I followed my passion of computer security and eventually became a consultant so that I could utilize my IT and business skills across a variety of areas of the IT industry.   

 

For the last four years, I have worked as a security consultant for many companies doing SIEM planning, SIEM architecting and SIEM installation.  I help companies learn how best to use their SIEM in order to manage their logs and collect enormous amounts of data.  I help improve or create SOC’s and helpdesks.  I have worked on projects where we used the SIEM to collect data for science experiments, as well as for monitoring the security status of the network.   I teach companies how to use their SIEM to achieve and retain their PCI, ISO 27001, HIPPA and other compliances.   I do this by working with my clients to create and put these security practices in place.   I start with a gap analysis of the entire security infrastructure; hardware, software, processes and procedures.   I suggest fixes to all issues I find.  We work together to create a project plan.   I show my clients how to build and plan and expand their SOC, MSSP, or Help Desk.  My solutions include penetration testing, gap analysis and training at every level to all people about security in companies.   I am a self-starter and highly motivated individual and enjoy working with a good team of people focused on getting the job done.  

 

 

 

 

 

Global Logic              02 / 2013 – 02 / 2014

Security Consultant to CTO and IT staff

 

I helped the company plan, install and begin integrating SIEM technology into their IT department.   I started with a gap analysis and general audit to create a project plan.  I then began to work with the IT department on all levels to help them with security.   I lead the rollout by teaching the users of the system what their roles were.   I produced the process and procedure documentation for all of the involved parties.   I worked with their teams to show them how to address alarms and made suggestions on how best to create a SOC.   

 

This position included reviewing firewall rules, reviewing and making suggestions to better utilize the current implementations of existing tools, updating SIEM rules, updating SIEM content, configuring the SIEM, working with all teams to set logging levels correctly, and place agents correctly. 

 

LogRhythm               08 / 2012 - 12 / 2012

SIEM Analyst/Engineer

I wanted to learn a second SIEM, so when I had the opportunity, I teamed up with LogRhythm and learned their products.   I became a Certified LogRhythm Engineer while working with their support staff.  I taught the customers good security practices and also how to best use a SIEM.   I was asked to fix and troubleshoot their system problems, identify choke points in their networks and show them how to use and configure dashboards.   Using this information from customers and also doing internal software beta testing, I helped to identify bugs and problems with the LogRhythm software.   I would monitor the forums and help answer questions for our customers and when needed, I would write parsing rules (REGEX) for the customer.   I worked with our clients to upgrade their systems.  

 

 

Hewlett-Packard --  Arcsight / Alchemy Security              09 / 2011 - 07 / 2012

ArcSight Engineer

 

In this position, I was lucky enough to be involved when HP and Arcsight merged.   I worked with one of Arcsight’s primary outsourcers to help them with installations and to help grow their business model.    While there I trained for my Arcsight certification.  I helped architect and deliver solutions for our clients.   

 

IBM               01 / 2000 - 2011

Delivery Architect/Chief Engineer

 

In this role, I was client facing and was the technical focal for multiple accounts.   I was the technical point of contact for the client and the delivery teams.   I helped to architect solutions, check the solutions of other architects, sign off on projects and ensure that all of our plans were checked before going out the door.   This included RCAs for security breaches and other website downtime, headcount availability, putting together teams, creating project plans and helping the delivery team understand the technical aspects of our plans.  

 

As a side role during this time I helped to develop one piece of IBM’s billing software.  I worked on the deployment side with the customers to tailor installations to their environment by writing install scripts to do this automatically.    The software was rather complex and at the time state of the art.   I wrote a piece of software to install software and configure it on either UNIX or Windows machines remotely.   We were able to roll out thousands of servers quickly and identically and could immediately identify any issues we had with our deployment.       

 

 

IBM               10 / 2000 - 03 / 2011

Technical Project Management

 

I worked alone or alongside other project managers and/or sales teams to help them work out the details for the technical aspects of different projects.   I reviewed the requirements and worked with the client’s technical representatives and project teams to complete these deliverables.   This work included moving client infrastructures between data centers, with little or no downtime.   Planning for primary/backup/geo-balanced/clustered infrastructures which included everything from cloud storage infrastructures, backend web apps, front end web sites, secured closed networks, database servers, and credit card processing.   I helped in the planning for upgrades and changes for future, current and emergency needs.   For many clients, we would stress test their website for load and other bugs that pop up only when there is a heavy load on the system by using software like Loadrunner to determine the issue and plan from there.    A great example was a Fortune 500 company that had bet on their online delivery of services; they learned it was more popular than they had expected and did not have the systems to handle the predicted load.   The bug would only pop up at 50k hits per second.   After working with their software development teams and managing the relationship between them and the software partners, I was able to identify the problem and relay the issue to the customer.   By fixing the problem, we helped the company take the lead in their market and now almost 10 years later they still hold the top spot.   

 

IBM               01 / 2003 - 12 / 2010

Security Analyst

 

I helped to develop IBM’s server security policies.  This work started in single server environments, and continued as we moved towards cloud application and storage services.  

 

I began by identifying strategies to lock down the servers in a uniform manner.  I wrote the process and procedures for what at the time was a cutting edge solution.  I then wrote the scripts and compiled programs to help us with a uniform lock down system.  I also wrote a set of programs at the time to patch every server in our farms of tens of thousands of servers.  These processes are still used today.  

 

I worked with our clients to help identify security breaches and to produce the RCAs (Root Cause Analyses) after troubleshooting the breach with our team and the client.  I delivered this to our project team and to the customer with suggestions on how to fix and prevent this in the future.     

 

SKILLS