Work Background
Independent Consultant
TBA
Sep. 2018
Anywhere
• Executed research, validation, and evaluation of enterprise-level platforms and technologies within a Cyber Defense Security framework.
• Contributed to the architecture and enhancement of Armis Security, facilitating comprehensive reporting through data export into an external database.
• Formulated a Requirements Traceability Matrix (RTM) to document business, functional, and technical requirements for new enterprise security platforms/technologies.
• Directed the growth of a remote vulnerability scanning program, achieving over 60% reduction in setup times through optimized scan templates.
• Accomplished the deployment of over 410,000 security agents across various operating systems, ensuring host based vulnerability scanning is executed.
• Introduced a granular scanning system to minimize human error by synchronizing scanning with IP subnet name and addressing.
• Enhanced scanning performance by optimizing exclusion processes, mapping exclusions/freeze windows IP addresses and subnets to registered subnet data.
• Implemented data normalization for asset discovery, identification, and classification, enriching network-connected devices' visibility.
• Collaboratively developed a Security component Agent Proliferation Dashboard (APD) using Splunk, enabling comprehensive compliance tracking.
• Created an External Asset Visibility Reporting Splunk Application, increasing external asset visibility and decreasing enterprise costs.
• Leveraged BitSight to improve the visibility and identification of external entities, elevating initial scoring from 300 to over 700.
• Assisted in the development of cybersecurity strategies and capability planning activities, emphasizing requirements traceability.
• Monitored the effectiveness of remote scanning for vulnerability detection to evaluate implementation success and reporting.
• Undertook research and validation of new and emerging vulnerabilities, including potential zero-day exploits, against known inventory.
Managed Security Services Lead Infrastructure and Endpoint Architect and Engineer
DXC Technology
Jun. 2017 - Sep. 2018
United States
• Served as the Lead Engineer for Managed Vulnerability Scanning Services (MVSS), overseeing aspects such as service delivery modeling, design, and implementation, thereby facilitating a transparent transition between enterprise vulnerability management platforms.
• Led the Managed Cloud Workplace Assurance (CWA) project, including business case justification, service delivery modeling, and physical technology modeling, among other responsibilities.
• Directed the Managed DLP project, handling aspects such as business case justification, architecture, and design to implementation and operations guide.
• Oversaw Managed Endpoint Technologies and Managed Endpoint Threat and Response Detection, focusing on event ingestion and the customization of dashboards and reporting modules in Splunk and ArcSight.
• Led Managed Endpoint Detect and Threat Response for Symantec Advanced Threat Protection (ATP), encompassing the business case, security delivery modeling, user acceptance testing, and operational runbook.
• Spearheaded File Integrity Monitoring as a Service project, working with tools such as Tripwire and New Net Technologies (NNT) and handled responsibilities such as architecture documentation and user acceptance testing.
• Handled the architecture, design, and implementation of Risk Mitigation Management (RMM) as a Service, ensuring full integration with current Security Information Event Management (SIEM) technologies.
• Architected and designed Configuration, Assessment, Remediation, Monitoring and Alerting (CARMA) as a Service, integrating it fully with current SIEM technologies.
• Managed the Distributed Denial of Service Managed Security Service Offering project, leveraging F5 Domain Name System (DNS) Distributed Denial of Service (DDoS) architecture and ensuring successful implementation of technology.
• Served as the Security Technology Lead for new service introductions, executing Proof of Concept (POC) technology reviews for new service offerings.
Security Architect - Security Strategy Risk & Management Consulting
DXC Technology
Aug. 2015 - Apr. 2017
Camp Hill, Pennsylvania
• Achieved status as the most frequently employed security consultant, surpassing 175% in billings.
• Undertook the role of Implementation Engineer in deploying HPE ArcSight Enterprise for real-time operational intelligence, serving major brands like AIMIA/Aeroplan and Procter and Gamble.
• Enhanced security capabilities and established a robust authentication services framework.
• Demonstrated expertise in crafting and implementing enterprise security strategies across diverse environments.
• Developed and executed a Rapid Application Deployment strategy, facilitating a smooth SHA-2 migration path for over 187 critical applications.
• Designed and launched Network Access Control (NAC) 802.1 Asset Management integration for seamless communication with i-uCMDB and ServiceNow.
• Devised and implemented Honeypot as a Service, encompassing all stages from high-level design to transition to production documentation.
• Collaborated with Security Operations Management and Client Security Officers to deliver on all security service commitments, covering security architectures, applications, and high-level security architectures across 860 sites in 81 countries.
• Showcased technical leadership by swiftly assessing business operational impacts.
• Acted as a Subject Matter Expert for Vulnerability Security Scanning, overseeing the transition from current to emerging technologies, and managing all associated architecture, engineering, implementation, and operational documentation.
• Addressed all critical and major security issues by applying problem-solving skills focused on Root Cause Analysis.
• Regularly liaised with Senior Leadership, including Client Security Officers, Account Delivery Leads, and Service Delivery Leads.
• Led the development of technical business requirements, securing executive sponsorship for accelerated Web Application Firewall as a Service deployment.
Vice President of Network Authentication Services
Bank of America
May. 2011 - Aug. 2015
Mechanicsburg, Pennsylvania
• Led the successful transition of Router and Switch Authentication Infrastructure, saving significant resources by managing the project within a $30,000 budget and 12-week timeframe, compared to an external proposal of $2.7 million over three years.
• Developed, implemented, and documented a Network Operations and Security Operations Runbook, leveraging Hewlett Packard System Automation (HPSA) to automate the majority of configuration transitions.
• Collaborated with various teams, including Global Information Security and Executive Management, to define the 2014-2016 Network Authentication Services roadmap.
• Engineered the transition of machine data into actionable, real-time network operational intelligence, including the creation of custom dashboards, search queries, and self-service audit analysis.
• Served as a Subject Matter Expert in the deployment of Network Access Control (NAC 802.1x) protocols, securing over 1.8 million network endpoint devices from unauthorized access.
• Conceptualized and implemented a modifiable, adaptable, and scalable Network Authentication Services Framework, maximizing return on investment while minimizing operational interruptions and total cost of ownership.
• Authored over 2,000 pages of comprehensive documentation, including business, functional, and technical requirements, leveraging the ITIL model.
• Streamlined router and switch authentication infrastructures and optimized role-based access control policies, including batch credential creation and user attributes inclusion.
• Utilized Splunk Enterprise for real-time behavioral analysis in Authentication Services, enhancing visibility and operational intelligence.
• Ensured authentication services infrastructure surpassed Global Information Security and Identity Access Management requirements, delivering enhanced security and capability.
• Accelerated the deployment of Network Access Control (NAC) across domestic and international facilities from March 2013 to June 2014.
Senior Technical Team Lead
British Telecommunications
Jan. 2008 - Jan. 2011
Mechanicsburg, PA
• Led a global team of Security Engineers, surpassing Contractual Service Level Agreements across 860 sites in 81 countries.
• Ensured daily operational stability and strict compliance with Security Operations Center protocols.
• Utilized technical expertise in global firewall management and various connectivity, including IPSEC, VPN MPLS, Intrusion Detection/Prevention Systems, among others.
• Efficiently resolved all Critical and Major Security Issues, applying advanced problem-solving skills.
• Swiftly comprehended business operational impacts and provided documented incident handling solutions.
• Showcased expert network and security troubleshooting skills in a global context.
• Contributed expert knowledge of telecommunications technologies and security infrastructure design.
• Served as the Lead Subject Matter Expert on VPN External Business Partnership connectivity and Enterprise Firewalls.
• Acted as the Primary Security Incident Management Lead, handling all network security incidents and security malfunctions.
• Led the technical review post incidents, including postmortem investigation and root cause analysis reporting.
• Generated statistical data related to short-term incidents and chronic network issues.
• Headed Security Technology for new Service Introduction and SOC Operational Readiness Testing for new service offerings.
• Assessed proposed solutions against global standards and validated service statements and security proposals.
• Engaged in high-level communication with customer executives and Service Delivery Management.
• Managed operational shifts and coordinated internal Security Operations and Network Operations team communications.
Senior Security Consultant
Sygate Technologies acquired by Symantec
Jan. 2002 - Jun. 2003
Fremont, CA
• As of 2023, 185 million devices have installed Symantec/Sygate Endpoint Security across 175 countries.
• Symantec Endpoint Protection, formerly Sygate Enterprise Protection, has been available to consumers and enterprises since 2003; the latest version is for on-premises, and Symantec Endpoint Green was recently released in 2021 for Cloud Endpoint, including Symantec Enterprise Suite.
• Co-developed technical quality assurance for Endpoint Protection and Network Access Control solutions.
• Pioneered the step-by-step process for product evaluation, inclusive of remote demonstration capability and opportunity tracking.
• Innovated a partner development program, implementing a novel revenue/commission from strategic partnerships.
• Co-authored EnforceU Educational Courseware, providing fee-based user training to approximately 200 Fortune 1000 companies globally.
• Instrumental in generating a significant growth in annual services revenue, achieving $1.4 million at a 30% margin within a year.
• Provided Professional Services including assessment, design and implementation of Endpoint Protection, Network Access Control and EnforceU Educational Services.
• Served as Quality Assurance architect, producing a policy enforcement/secure endpoint centrally managed security solution within a constrained budget.
• Led a junior quality assurance team, establishing a structured environment instrumental in timely product releases.
• Played a key role in the market launch of the world's first large scale, centrally managed host-based firewall, Intrusion Prevention Solution, and Network Access Control solution for global enterprises.
• Collaborated with the Director of Professional Services, streamlining the technical sales process through cross-departmental integration.
Senior Security Consultant
ICSA Labs (an independent subsidiary of Verizon Business)
Oct. 2004 - Oct. 2008
Mechanicsburg, PA
• Led technical scoping for emerging technology customers, overseeing aspects such as resource costing, architecture, product testing and evaluation, certification, and report production.
• Conceptualized and designed Network Access Control (NAC) implementation and Managed Security Services (MSS) using Cisco-based products.
• Collaborated in the development of an Anti-Spam capture and replay mechanism utilizing TCPreplay, FWTK components, postfix, procmail, qmail, vmail, and maildrop.
• Successfully reverse-engineered open-source Mail Transport Agents (MTAs), enabling the capture of received mail and its appropriate filtering for realistic spam effectiveness scoring.
• Pioneered the Anti-Spam Product Developer's Consortium, driving its growth from inception to a revenue of $374,000 within 13 months.
Senior Security Consultant
Avaya
Aug. 2003 - Oct. 2004
Highlands Ranch, CO
• Forged strategic alliances with SecureLogix, Network Associates, and RouteScience, enhancing product and services delivery standards.
• Jointly devised a service delivery methodology for a Managed SecureLogix ETM Managed Telephony/Voice Service Offering within a Network Operations/Secure Operations Center.
• Collaborated with esteemed engineers, Dr. Thomas Porter and Anton Rager, in launching WEPCrack - an 802.11 WEP RC4 weakIV attack tool. This included the creation of a Wireless Assessment Toolkit (WAT) compatible with a modified Linux OS and GPS Unit for comprehensive mobile wireless assessment and penetration testing.
• Served as the Lead Developer for the Telecommunications Adapter of the US ARMY Net Crop Reporting System, enabling report submissions of significant outages and service degradation to the CONUS Theater Network Operations and Security Center (C-TNOSC).
• Participated in the formation of the Army Network Operations and Security (ANOSC), an integrated platform for collecting aggregated telecommunications event notifications from numerous US ARMY Theater Situational Awareness projects.
Network Engineer
IBM (NetworkICE acquired by ISS, ISS acquired by IBM)
Jul. 2000 - Apr. 2001
San Mateo, CA
• Integral team member in the development and successful deployment of an innovative Network Intrusion Detection software solution, the BlackICE Guard.
• Designed and enhanced a unique network driver, resolving existing resource constraints and attaining network protocol analysis speeds of up to 148,000 packets per second without packet loss.
• Made substantial contributions to the integration of the Protocol Analysis Module (PAM) and TRONS parser, facilitating the interpretation of Snort Intrusion Detection rules for consumer and enterprise software on both Microsoft Windows and Linux platforms.
• Managed and maintained the NetworkICE BlackICE advICE Web pages, ensuring seamless user interface and up-to-date information.
Senior Security Consultant
Predictive Systems
Jan. 1997 - Jan. 2000
Santa Cruz, CA
• Instrumental in the establishment and growth of a Western Region Information Security practice, successfully increasing revenue from inception to over $12 million within two years, partially through securing contracts with Fortune 100 accounts.
• Actively contributed to regional profit and loss, operations, and technical services, resulting in 15% of security revenue and 23% of national income.
• Managed a team of consultants directly under the Vice President of Information Security, conducting training and cross-training programs for new hires across regional practices.
• Developed an Open-Source SNMP network management system, effectively managing over 40,000 IP nodes and 500,000 dial-up access ports daily. This system later transitioned into a commercial technology solution for managing network nodes across various network edge technologies.
• Review of business operations modeling in comparison to standard Internet and firewall methodologies for State of Massachusetts Information Technology Division, Enron Corporation, and Global Crossing, ICG Communications, Union Bank of California, Houghton-Mifflin Publishing, Putnam Investments, and UMC.

Service Pitch
Mark Teicher has spent over 20 years hands on architect