Jayme Smith

Information Security Engineer at Nextiva

Battle Ground, WA, United States

Details

Education: Completed Coursework towards

Computer Network Systems

ITT Jobs in USA

2010 : 2011

Experience: 2019 : Present

Nextiva

Information Security Engineer II

Member of the Cyber Threat Intelligence team which is responsible for creating, tuning and maintaining all content deployed into customer SIEMs.

SIEM configuration and management for 35+ customer environments

Custom report, alert and parser creation and tuning per customer requests

Periodic environment reviews for each customer

Development, tuning and updating of packet, log and endpoint parsers, rules, dashboards and other custom content

Creation of security & compliance reports for logs, packets and endpoints

Owning and managing content release and testing schedules

Interface between R&D and Security Operations Center regarding in house scanning tools and newly developed alerts

Continually research and analyze malware, security threats, vulnerabilities and related IOCs

Provide actionable intelligence and apply applicable alerts to packet, log and endpoint solutions

Implement, tune and manage Mimecast email gateway for customer environments

Implement ,tune and manage Carbon Black endpoint protection for customer environments

Assist Engineering team with troubleshooting SIEM issues

2019 : 2019

DATASHIELD

Threat Content Engineer

Served as the only Security focused IT member for a rapidly growing specialty hospital with 650+ users. Created processes to improve user onboarding, terminations and the overall security posture of the organization.

Deployed and maintained the Enterprise Phishing & Security Awareness Training program from Knowbe4.

Identified and implemented tracking of security KPIs.

Performed user provisioning and deprovisioning in the production environment.

Managed user access requests and licenses in AD, O365, share drive, security cameras and other IT systems.

Developed and maintained IT Security Incident reporting process and templates.

Interacted with C-level executives to obtain approval for access to sensitive information.

Performed periodic system and user audits.

Configured and administered Mimecast email security and encryption.

Identified and tracked security projects and their priority level.

Managed firewalls and switches

2018 : 2019

Veritas Collaborative, LLC

IT Security Administrator

Ran scripts and analyzed vulnerability assessments from critical production servers and scanned documents into the evidence repository. Collected and maintained evidence for CIP compliance.

Performed Patch Management in a production environment and adhered to monthly patching cycle.

Complied with change management processes for critical assets in production.

Verified configuration of devices on a monthly basis in compliance with the security program.

Deployed assets and conducted configuration and decommissioning.

Participated in backup and recovery exercises for critical network assets.

Performed network monitoring tasks and analyzed security logs.

2016 : 2017

Duke Energy Corporation

IT Compliance Analyst

One of two analysts recruited to replace a team of five at Arizona Public Service (APS). Revamped all processes, procedures and templates related to Critical Infrastructure Compliance (CIP) to improve efficiency and communications throughout the entire organization within 6 months. Performed quarterly and annual compliance related audit activities for an organization with over 6,000 employees.

Evaluated access requests to critical areas and assets owned by the CIP compliance team and determined approval or denial. Performed permission reviews quarterly and revoked access when necessary.

Created a Role Based Access Control Matrix to assist in cleaning up permissions.

Participated in developing and distributing security awareness training within the organization.

Ensured that all users with access to critical assets completed required annual security training. Revoked access where users did not comply with the security policy.

Led the Cyber Security Program including 11 different federally regulated IT security standards that had to be adhered to. Worked with the IT security team and physical security team to manage physical and logical access to critical areas and assets.

Collaborated with teams throughout the organization that worked with the equipment to identify gaps in security and strategies for improvement. Utilized feedback to recreate processes and documents to align with internal staff needs and capabilities.

Key contributor to evaluating and choosing a software vendor for change control. Participated in deploying software and building process flows to ensure compliance and communications.

Participated in Cyber Incident Response Planning and Emergency Exercises. Reviewed vulnerability assessment and port scans.

Reviewed and approved Change Management requests for Critical Assets. Kept evidence of changes for future audits and updated baseline information for critical systems.

2014 : 2016

Arizona Public Service (APS)

IT Security Compliance Analyst

Company: Nextiva

Years of Experience: 13

Skills Access Control, Active Directory, Carbon Black, Cisco Meraki, Content Development, Critical Infrastructure Protection, cyber-security, Cyber Threat Intelligence (CTI), DLP, Email Encryption, Email Management, Email Security, Encryption, Endpoint Security, Identity & Access Management (IAM), Information Security, Information Security Awareness, IT Audit, IT Security Best Practices, IT Security Operations, LogRhythm, Microsoft Azure, Microsoft Excel, Microsoft Exchange, Microsoft Office, Mimecast, NetWitness, Network Administration, Network Security, Office 365, Phishing, Process Review, Query Writing, Regulatory Compliance, Security+, Security Engineering, Security Information and Event Management (SIEM), Security Monitoring, Security Operations, ServiceNow, Software Implementation, System Administration, Threat Modeling, U.S. Health Insurance Portability and Accountability Act (HIPAA), Vulnerability Assessment, Vulnerability Management, Vulnerability Scanning, Webroot, Windows, Windows Server, Networking, Customer Support, Tier II, Email Clients, CIP, Process Improvement, Process Flow Documentation, Program Development

About I have over eight years of progressive experience in IT and have worked in a wide variety of

capacities such as escalation management, network troubleshooting and

maintenance, compliance, and IT security. I received my Security+ certification

from CompTIA in 2018 am currently working towards the Mile2 C)PTE certification. I plan to apply the knowledge I obtain through certification along with my IT Security experience to continually improve the security posture for organizations.

In my most recent position, at Veritas Collaborative, I worked as an IT Security Administrator where I created work flows, managed firewalls, and did a complete overhaul of user accounts across all IT systems. Previous to Veritas, I was one of two analysts chosen at Mosaic451 to revamp the IT operations and develop new IT processes and procedures for the organization. I was a key contributor in evaluating and choosing a software vendor for change control and I optimized security through access

controls.

In addition to my compliance and security experience, I have also excelled in customer service

environments and received rapid promotions, earning advanced access to tools and

privileges. At AT&T, I was a go-to person for training and managed escalated calls.

I have completed coursework in Computer Network Systems at ITT Technical Institute and

I am proficient in a wide range of technologies, networks and software systems.