Cybersecurity Consultant
Ontario Ministry of Education/Cyberstack
Total years of experience :4 years, 10 Months
• Part of an architect team, focusing on developing cybersecurity solutions for K-12 institutions
• Position subject to confidentiality agreements
• Results driven position; flexible, unique, constantly changing. Very high pressure/stress at times
• Focuses into researching for a wide variety of cybersecurity architecture areas o Needed to quickly familiarize with a product or key architecture point o Included: DDoS, EDR/XDR, SIEMs/SOARs, Vulnerability Managers, Patch Managers
• Required familiarity with SASE infrastructure (as defined by Gartner)
• Required familiarity with MITRE's ATT&CK, DEF3ND, and NIST's RMF frameworks o Very familiarized with tools surrounding off of MITRE's ATT&CK (i.e. CAR, CALDERA, CASCADE, etc)
• Was responsible for designing security validation tests for clients o Made use of pentesting tools and techniques
• Responsible for maintaining VM labs for testing purposes.
• Was regularly part of meetings with clients, and vendors
• Position required Reliability and Secret Level Clearances, and is subject to the CSE Act.
• Part of a 24/7/365 team conducting live monitoring for GoC clients.
o Immediate team was as large as 10 members, which worked in conjugation with multiple other teams across GC.
• Kept up to date with new and emerging threats via feeds
• Triaged incoming events via SEIM, EDP, and WEP
• Conducted investigations into abnormal behavior and malicious activity
o This required use of various analysis tools, including packet tracers and logs.
• Regularly worked with other teams to complete objectives or joint investigative work.
• Utilized a variety of tools (packet tracers, loggers, wireless scanners) to conduct analysis of information and data.
• Revolved around long and flexible - and at times, on call, - hours.
o 12 hour shifts were the norm; but often times it could be extended beyond that.
• Assisted in analyzing vulnerability scans
• Demonstrated ability to quickly adapt to new situations, tools, and software
o As is true with all large enterprises over extended periods of times, protocol and tools are required to change to adapt to new threats.
GIS B.A.