Craig Durham
Education:
MSM
Information Security
Colorado Technical University
2008 : 2011
MBA
Information Technology Management
Colorado Technical University
2010 : 2011
BS
Information Technology
University of Phoenix
2002 : 2007
Experience:
• Contributed to the daily operational aspects of the Information Security Team, primarily from a technical implementation perspective.
• Lead Engineer on project to introduce a new Firewall Management Application to the environment. This included managing the proof-of-concept process through deployment of the new tool, working with vendors as needed, creating all documentation for the new tool, and providing training to staff as needed.
• Performed quarterly Firewall Rules review and clean-up
• Performed periodic vulnerability testing and assisted in remediation efforts.
• Set up Endpoint Data Loss Prevention to safeguard sensitive data and maintain compliance.
• Created and updated technical procedures as needed.
• Assisted with break/fix of tools and automation that are owned by the Information Security Team.
• Identified and monitored cyber-attacks, and implemented cyber-attack prevention and alerting security controls.
• Worked with internal and external customers on a variety of issues, from a simple security review of a mundane and routine ask, to a complex deep dive into a new feature implementation in O365, Azure, or AWS.
• Assisted in planning the company’s cybersecurity risk management framework, laws, and policies.
• Balanced operational work (approximately 70% of the day) to help meet team SLAs, and project work (approximately 30% of the day) to meet assigned team deliverables.
• Developed technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
2021 : Present
First American Title
Senior Information Security Engineer
Reporting to the Director of IT Security Compliance, primary lead on vulnerability management systems, which includes performing technical tasks on systems owned and managed by the team. This includes primary lead on Rapid7 – InsightVM, Thycotic – Secret Server, CrowdStrike – Falcon, KnowBe4, and Varonis.
Responsibilities
• Contributes to the daily operational aspects of the Information Security Team, primarily from a technical implementation perspective.
• Assists with break/fix of tools and automation that are owned by the Information Security Team.
• Works with internal and external customers on a variety of issues, from a simple security review of a mundane and routine ask, to a complex deep dive into a new feature implementation in O365, Azure, or AWS.
• Balances operational work (approximately 70% of the day) to help meet team SLAs, and project work (approximately 30% of the day) to meet assigned team deliverables.
• Contributes to the design, implementation, and documentation of new security tools.
• Uses appropriate tools and applications to manage and support the Vulnerability Management and Privileged Access Management (PAM) processes.
• Collaborates with other internal information technology teams (networking, cloud, traditional architecture, developers, and data scientists) to support internal and external systems.
• Utilizes scripting and DevOps to provide automation and orchestration between:
• information security tools, such as the SIEM (InsightVM);
• endpoint protection (CrowdStrike Falcon);
• vulnerability scanners (Rapid7, Nessus, etc.);
• patch management (Avanti);
• other applications;
• operating systems (Windows, macOS, Linux, iOS, Android);
• cloud platforms (AWS, Azure); and
• IAM platforms (Active Directory, Okta, Auth0, PingIdentity, SAML, OIDC).
• Clearly documents designed automation and system relationships.
2020 : 2022
Alignment Healthcare
Senior Information Security Engineer
Reporting to the FVP of IT Security and Compliance, supporting daily IT Security operations, which includes performing technical tasks on systems owned and managed by the team. The IT Security Analyst will support and maintain the Bank’s information technology security environment as well as work with vendors and internal staff to identify and troubleshoot security issues. The analyst will provide first- and second-level security monitoring and analysis and address information security alerts and events.
Responsibilities
• Monitor server logs, firewall logs, intrusion detection logs, and network traffic for anomalous and suspicious activity.
• Interpret activity and make recommendations for resolution and/or prevention.
• Make recommendations to improve the security posture of the organization through the implementation of new technology or through modification of existing configurations.
• Manage and maintain security systems and their corresponding or associated software, including intrusion detection systems, Network Access Control, Antivirus, Web Application Firewall, and SIEM.
• Keep current with emerging security issues, trends, and tools.
• Assist with Security Awareness activities including employee awareness training and internal phishing campaigns.
• Assist with vulnerability management program including internal and external penetration tests, vulnerability scanning, and vulnerability remediation efforts.
• Assist with gathering IT security metrics to measure the effectiveness of the security program.
2019 : 2020
Opus Bank
Security Analyst
Provide technical leadership and vision in developing and performing security controls risk assessments of programs, environments, applications, and assets throughout the company. Select, configure and maintain applications and devices to support vulnerability scanning, penetration testing, and other technical testing of security controls. Review security-related regulations and controls such as DoD 8500 Series, NIST 800-53, OSSTMM, and others to determine how to leverage them within Northrop Grumman. Participate in tiger teams as a risk subject matter expert to ensure risk is considered in recommendations to senior leadership.
2015 : 2019
Northrop Grumman Corporation
Cyber Security Analyst
Provide support to all Northrop Grumman Enterprise Point of Presence (EPOP) firewall rule base elements for internal and external customers at all locations, with focus on fulfilling their requirements for firewall updates. Requirements include analysis, evaluation and documentation of customer requirements and providing a standard EPOP firewall rule base infrastructure. Perform Enterprise Security Services responsibilities to oversee the management of the NGC Enterprise firewalls per approved NGC Policies, Procedures and Work Instructions. Primary responsibilities include development and support of the EPOP firewalls for NGC and providing assistance, guidance and recommendations for network design reviews and audit support. Good technical background and troubleshooting skills are required in the above-described areas with broader technical skills a bonus. This position also includes a high degree of direct customer interface that requires good interpersonal, communication and diplomacy skills.
2003 : 2015
Northrop Grumman Corporation
Senior Information Security Engineer - SSCP, Security+
Company: First American Title
Years of Experience: 27
Spoken Language: English
Access Management - Cyber Threat Intelligence – IT Operations Management
Strategic Planning & Analysis
Information Systems
Endpoint Detection
Security Controls
Risk Assessment & Mitigation
Testing Methodologies
Test Plan Design
NIST 800-53 FISMA
NIST 800-171 DFARS
Cross-Team Collaboration
Technically sophisticated and accomplished professional with extensive experience leading cyber security and network intelligence operations for the protection of computer networks and information.
Adept at implementing new procedures and technologies to strengthen security posture, enhance operational efficiency, and control costs.
Demonstrated success in developing security standards, assessing/mitigating potential risk, and analyzing complex information.
Analytical planner deft at analyzing and isolating business challenges, as well as devising solutions to resolve issues.
Articulate communicator, skilled in building and strengthening relationships across functions to drive cohesive, strategic operations.