Work Background
SOC Analyst
Ingram Micro
Jun. 2024 - Sep. 2024
• Developed and led a proactive threat hunting program, identifying and mitigating previously undetected security vulnerabilities, significantly enhancing the organization's security posture.
• Trained an international Security Operations Center (SOC) team in advanced threat detection and incident response, improving detection efficiency and reducing response times by 10%.
• Optimized SOC Standard Operating Procedures (SOPs) to enhance workflow efficiency, reducing incident resolution time and improving overall security operations.
• Performed in-depth security assessments and gap analyses, identifying critical vulnerabilities and implementing security measures that strengthened cloud security, IAM policies, and real-time monitoring strategies.
• Collaborated with internal security teams and external partners, aligning SOC operations with best practices for cloud security frameworks (AWS Security Hub, GuardDuty) to improve visibility, alerting, and compliance.
Principal Security Architect
GridSecurity, Inc.
Oct. 2022 - Aug. 2023
• Provided strategic leadership in cloud security, guiding teams to implement best practices in IAM, security monitoring, and network security, improving client security ratings and compliance with NERC.
• Reviewed and enhanced security policies and SOPs, streamlining cloud security operations and incident response workflows, leading to increased efficiency and alignment with AWS security frameworks.
• Evaluated and led proof-of-concept (PoC) testing for security vendor solutions, driving procurement decisions that strengthened cloud security architecture, IAM policies, and network security.
• Conducted gap analyses of security controls, identifying risks and implementing cloud-based security solutions that reduced client vulnerabilities and improved threat detection.
• Designed and led company-wide security awareness training, increasing employee compliance with security protocols by 25% and enhancing overall cybersecurity resilience.
AWS Security Architect
MetaBank
Apr. 2022 - Oct. 2022
• Led security strategy for AWS migration, ensuring a seamless transition with zero security incidents while establishing a strong cloud security foundation.
• Collaborated with the SOC to manage AWS-related incidents, optimizing response workflows and reducing incident response times by 15% through proactive threat detection and monitoring.
• Configured and optimized AWS security services (CloudTrail, CloudWatch, GuardDuty, IAM, etc.), enhancing visibility, security monitoring, and real-time threat detection.
• Hardened Linux virtual machines using CIS benchmarks, improving system security compliance scores by 20%, aligning with industry best practices for cloud security.
• Implemented DevSecOps principles into the CI/CD pipeline, integrating security automation and reducing vulnerabilities in deployments, ensuring secure-by-design cloud infrastructure.
• Evaluated and integrated third-party security tools, strengthening overall cloud security posture and ensuring compliance with security frameworks like CIS.
Information Security Specialist III
VMware
Apr. 2021 - Mar. 2022
• Led security reviews with development teams, ensuring applications adhered to cloud security best practices and compliance standards, effectively reducing vulnerabilities and strengthening application security.
• Assessed AWS-hosted application architectures, providing strategic security guidance that improved compliance with NIST and SOC 2 frameworks.
• Advised on AWS and Kubernetes logging and monitoring strategies, enhancing system observability and reducing incident detection times, ensuring proactive security monitoring.
• Designed and implemented threat models for external customer-facing services, identifying potential risks and applying mitigation strategies to enhance security posture.
• Recommended and optimized network monitoring strategies using Splunk, improving threat detection accuracy and response effectiveness.
Senior Security Engineer
MUFG
Jun. 2020 - May. 2024
• Architected and optimized Web Application Firewall (WAF) security policies, reducing web-based attacks by 15% and strengthening cloud security posture for critical applications.
• Led incident response efforts for WAF-detected attacks, coordinating cross-functional teams to mitigate threats and minimize impact, improving threat detection and response efficiency.
• Conducted forensic analysis of web traffic using Splunk, Wireshark, and SIEM solutions, developing standardized runbooks that enhanced incident response workflows by 20%.
• Managed SSL/TLS encryption and decryption processes, ensuring secure WAF traffic handling and aligning with cloud security best practices for data protection and compliance.
• Oversaw Public Key Infrastructure (PKI) operations, managing certificate lifecycle using Venafi to maintain 99.9% uptime for secure communications—a critical component of cloud security architecture.
• Collaborated with internal and external teams, aligning WAF, encryption, and IAM security controls with industry frameworks (CIS, SOC 2).
IT Security Architect
Cavco Industries, Inc.
May. 2019 - Jun. 2020
Phoenix, Arizona Area
• Established and led the organization's security program, implementing industry-standard frameworks (CIS, NIST, ISO 27001) to enhance security maturity levels and strengthen cloud security governance.
• Configured Active Directory with role-based access control (RBAC), improving identity and access management (IAM) security and reducing unauthorized access incidents by 20%.
• Led incident response efforts, conducting post-mortems and root cause analyses, which improved response strategies and reduced incident recurrence by 25%.
• Performed gap analyses using CIS controls, identifying and remediating vulnerabilities to increase compliance and security posture in cloud and on-prem environments.
• Managed network security operations, including Sophos firewalls and endpoint protection, reducing malware incidents and strengthening cloud and perimeter security.
• Developed SOPs for vulnerability assessments using AlienVault and InsightVM, streamlining processes and reducing assessment time to improve risk management and remediation efficiency.
• Drafted and implemented security policies, collaborating with senior leadership and stakeholders to drive enterprise-wide security culture improvements.
Security Architecture
Ditech Holding Corporation
May. 2018 - Apr. 2019
Phoenix, Arizona Area
• Reported directly to the CISO, conducting business unit-specific security assessments and implementing tailored security solutions, improving enterprise-wide security posture.
• Performed comprehensive security reviews, identifying vulnerabilities and deploying risk mitigation strategies that strengthened cloud security frameworks and compliance.
• Led high-visibility security initiatives, including migrating from McAfee to TrendMicro, resulting in over $250,000 in cost savings while improving endpoint security and threat detection.
• Collaborated with compliance teams to assess security frameworks (CIS, NIST, SOC 2), ensuring regulatory adherence and closing compliance gaps.
• Installed and configured security software across cloud and on-prem environments, enhancing threat detection, endpoint protection, and cloud workload security.
• Performed vulnerability assessments using Tenable and Acunetix, identifying and mitigating risks that bolstered AWS and network security postures.
• Worked closely with development teams to design and secure AWS environments, leveraging native AWS security tools (CloudTrail, IAM, GuardDuty, Security Hub) to enforce best practices.
• Designed and implemented the company's penetration testing program, establishing robust security testing protocols that identified and remediated critical vulnerabilities.
Senior Information Security Architect
Arcadis
Sep. 2015 - May. 2018
Phoenix, Arizona Area
• Led multiple concurrent projects in designing, configuring, and securing SCADA and business networks, ensuring compliance with industry standards (NIST, Purdue Model, CIS) and improving security resilience.
• Facilitated stakeholder meetings to assess client security goals and technical requirements, delivering tailored solutions that increased client satisfaction by 20%.
• Researched, documented, and successfully implemented over 15 security projects, ensuring solutions met AWS security, IAM policies, and network security best practices.
• Collaborated with client IT teams to centralize SCADA architecture, optimizing network efficiency and reducing operational costs by 15%, while enhancing security monitoring and logging capabilities.
• Negotiated contracts with ISPs for WAN services and fiber deployments, ensuring secure, reliable connectivity for new facility construction projects.
• Procured and managed network security equipment, averaging $100K per project, ensuring cost-effective security infrastructure deployment aligned with cloud and on-prem security requirements.
• Served as the primary liaison with vendors, including Palo Alto and Cisco, to integrate enterprise-grade security solutions.
Senior Network/Security Engineer
No Blink Media LLC
Sep. 2010 - Aug. 2015
Phoenix, Arizona Area
• Served as the customer-facing technical lead, overseeing the design, procurement, implementation, and security of enterprise networks, leading to a 25% increase in client retention.
• Led WAN upgrade projects, optimizing network performance and reducing latency by 30%, ensuring secure, high-availability cloud and on-prem connectivity.
• Configured secure IPSec VPN connectivity between multiple sites, enhancing data security, remote access, and Zero Trust architectures for distributed environments.
• Negotiated and managed ISP service-level agreements (SLAs), ensuring cost-effective network services and achieving 15% cost savings while meeting client security and performance needs.
• Led teams in network performance analysis and troubleshooting, resolving latency issues and improving network efficiency by 20%, strengthening security monitoring and cloud traffic management.
• Managed regional teams in deploying Cisco VoIP technologies across hundreds of locations in the U.S., standardizing secure communication systems and reducing operational costs.
• Directed hardware installation teams, coordinating data center operations, remote server management, and network security configurations, ensuring seamless cloud integration and minimal downtime.
Systems Administrator
Human Resources Administration of New York City (HRA NYC)
Nov. 2005 - Jun. 2010
Greater New York City Area
• Managed IT and security operations for three branch locations, supporting 600 users and thousands of residents weekly, ensuring secure, uninterrupted access to public city programs.
• Maintained 99% network uptime by proactively identifying and resolving operating system inefficiencies, infrastructure issues, and aging hardware vulnerabilities, strengthening system resilience and cybersecurity posture.
• Led two large-scale PC refresh projects, overseeing $750K worth of equipment upgrades, improving system performance, endpoint security, and user experience.
• Conducted security risk assessments and participated in the IT Emergency Response Team, enhancing incident response preparedness and security risk mitigation strategies.

Requests

Looking for a Job
Cybersecurity Architect Role Request