Cliff Price
Education:
Bachelor of Science (B.S.)
Cybersecurity
University of South Florida
2020
Experience:
As a leading provider of managed cybersecurity services, ECS provides a highly tailored and customized offering to each customer. Our team is responsible for protecting both ECS's Commercial Managed Cybersecurity Service Practice as well as our own internal cybersecurity program.
2022 : Present
ECS
Senior Cybersecurity Engineer
Responsible for all facets of information security, including continuous vulnerability scanning and mitigation of discovered risk, security awareness training, and implementation and tuning of the infrastructure necessary to safeguard the confidentiality and integrity of Clerk data.
● Implemented, configured, and administrated Zscaler Private Access (ZPA) as a VPN alternative to provide users internal application access independently of network access
● Established a monthly workstation scanning program to determine risk on non-server assets
● Resolved long-standing issues with external email tagging causing some messages not to be tagged and for tags to be duplicated organization-wide
● Implemented Proofpoint Threat Response Auto-Pull (TRAP) to automatically respond to user-reported emails and pull all copies of malicious ones from mailboxes across the entire organization
● Restored non-functional scheduled backups on all firewalls
● Configured, tested, and enabled automatic enrollment for phishing remediation training to streamline the process of user education in response to clicking a suspicious link
● Identified an NTP server misconfiguration on firewalls that was causing log timestamps to lag behind actual time, previously resulting in the idea that logs were being processed slowly
2020 : 2022
Hillsborough County Clerk of Court & Comptroller
Security Administrator
Leveraged institutional knowledge from the service desk to aid senior staff by drafting and updating policies and procedures. Day-to-day responsibilities included responding to alerts and availability issues, security awareness training, and certificate lifecycle management. In addition, I created and maintained the quarterly user access audits as part of our PCI DSS compliancy, partnering with system owners to better understand and more effectively review user and system access. Also performed digital forensic investigations and assisted with equipment/HDD recycling and chain-of-custody management as needed.
● Developed and expanded user access audit program from a single system to a total of 8, including extensive documentation that was reviewed quarterly by internal and external auditors
● Collaborated with other engineering teams to drive implementation of Netwrix Auditor, a change, configuration, and access auditing tool that was useful in expanding audit processes
● Created regex-based solution which brought user-reported executive email impersonation attempt misses to 0% and reported on these in real-time
● Worked with the networking team to redesign a portion of our network to resolve a non-repudiation issue
2019 : 2020
PODS
Security Analyst
Delivered enterprise-level hardware and software support to 3000 remote and on-site users. Worked with a variety of tools including Active Directory, Exchange, Dynamics AX, SCCM, ControlUp and Citrix XenApp. Interned with the Information Security team beginning in August 2018 to prepare for internal transition.
● 53% more productive than other Service Desk Analyst IIs (avg. tickets/month)
● Authored, trained, and distributed PowerShell-based tools to my team to handle repetitive tasks
● Created AutoHotkey-based tool to automate ticket creation in real-time to speed up call flow
2015 : 2019
PODS
IT Service Desk Analyst II
Provided day-to-day support for a user base of 400 through triaging and resolving hardware and software issues and handling common Active Directory tasks. Quickly familiarized myself with Altiris and SAP to ease workload for existing help desk personnel and studied networking and IP telephony to support in-house call center business, The Office Gurus.
● Independently unboxed, imaged, and deployed a 200+ workstation call center
2015 : 2015
Superior Uniform Group
IT Intern
Company: ECS
Years of Experience: 8
Spoken Language: English
● Web Filtering: Zscaler Internet Access (ZIA), Sourcefire
● Vulnerability Assessment: Tenable.sc, Tenable.io
● Email Security: Proofpoint, Mimecast
● Endpoint Protection: CrowdStrike Falcon, FortiEDR/enSilo, Symantec Endpoint Protection (SEP)
● Firewalls: Check Point, Cisco
● SIEM: LogRhythm, Alert Logic
● Security Awareness: Proofpoint Security Awareness Training (PSAT), Wombat, KnowBe4
● Other: Zscaler Private Access (ZPA), MaaS360, Thycotic Secret Server, Netwrix Auditor, Imperva, Okta, Tufin SecureTrack, NNT Change Tracker, Axonius Asset Management, FTK, EnCase, Ixia and Gigamon network taps, Wireshark, Fiddler, Nmap
● Programming/Scripting: Powershell, SQL, Python, C, C++, Java, HTML, CSS, Javascript