Eric Barreau
Education:
Certificate of Completion
Introduction to Cybersecurity
Springboard
2018 : 2018
Bachelor of Science (B.S.)
Psychology
University of Wisconsin - La Crosse
2012 : 2015
Experience:
2022 : Present
Fortune Brands Innovations
Information Security Engineer
As a Software Support Engineer/Vulnerability Analyst, my duties include :
- Support, maintain and enhance vulnerability management systems and databases.
- Perform technical analysis of new vulnerabilities to assess compatibility.
- Assist internal IT teams with resolving complex technical problems and work on other IT/Security projects as assigned by CTO.
- Assist in producing documentation and training.
- Work with product managers and customers to identify product and support requirements.
- Strive on developing an expertise in vulnerability management and other cybersecurity duties as they pertain to Operational Technology (OT)/Industrial Control Systems (ICS).
2022 : 2022
Verve Industrial Protection
Cybersecurity Engineer / Vulnerability Analyst
2021 : 2022
Gordon Flesch Company
Security Engineer
Cyber security professional with the State of Wisconsin, with professional focus being on governance, incident response, and cloud architecture. In particular, responsibilities and roles include :
- 1) serving on a team that identifies and responds to various information security incidents (e.g., account compromises, phishing campaigns, botnet callback attempts);
- 2) assisting in developing and facilitating a vulnerability management program;
- 3) facilitating an educational/simulated phishing program;
- 4) conducting proactive phishing threat hunting (e.g., keyword, subject line, and sender searches); and
- 5) assisting in routine service requests (e.g., identifying and remediating root cause of persistent account lockouts, distributing and providing education on the use of MFA, and making adjustments to web proxy security tool).
2019 : 2021
State of Wisconsin
Cyber Security Analyst
Cyber security analyst/contractor with a state government agency, with professional focus being on governance, incident response, and cloud architecture. In particular, responsibilities and roles included :
- 1) serving on a team that identifies and responds to various information security incidents (e.g., account compromises, phishing campaigns, botnet callback attempts);
- 2) assisting in developing and facilitating a vulnerability management program;
- 3) facilitating an educational/simulated phishing program;
- 4) conducting proactive phishing threat hunting (e.g., keyword, subject line, and sender searches); and
- 5) assisting in routine service requests (e.g., identifying and remediating root cause of persistent account lockouts, distributing and providing education on the use of MFA, and making adjustments to web proxy security tool).
During previous cyber security education/training through Springboard, developed a broad knowledge base and hands-on skills in : (a) security architecture; (b) security tools and technologies; (c) cyber threats, attack vectors, and types of malware; (d) risk management; (e) identity and access management; (f) cyber compliance standards and regulatory frameworks; and (g) cryptography.
2019 : 2019
Smart Solutions
Cyber Security Analyst
Company: Fortune Brands Innovations
Years of Experience: 12
- Assessing various security tools/products to identify the best organizational fit, developing a thorough understanding of the tool/product features to allow for successful implementation and configuration. Successful engineering projects - implementation and configuration - include next-gen AV, email gateway security solution, and security information and event management (SIEM) tools.
- Leading efforts for developing an endpoint vulnerability management program, including setting up needed network infrastructure (e.g., network-level scanners, endpoint agents, cloud-based scanners), and developing corporate vulnerability management policy and procedures.
- Working as part of an incident response (IR) team, with responsibilities including: (a) performing proactive security threat analysis and enterprise monitoring (e.g., Cofense listing of reported phishing/malicious email, monitoring MS Defender for Cloud Apps); (b) reviewing reported email, engaging in IR procedures when a phishing/malicious email was reported; (c) analyzing suspicious URLs and attachments in various security tools (e.g., VirusTotal, Hybrid-Analysis, Hatching Triage, AbuseIP DB) as identified in email gateway, web proxy and next-gen AV alerts and logs; (d) documenting steps taken during IR scenarios to fully analyze/contain/remediate/recover from security incidents in the form of security reports; and (e) documenting IR procedures to share amongst IR team and assisting with training new IR team members on security tool stack and response scenarios.
- Assisting end users and customers in the form of support tickets with complex technical issues, such as issuing/rotating MFA tokens, troubleshooting compatibility issues with security tools and making needed configuration changes within security tool stack, and persistent account lockout issues.