Patrick Hughes

Education: Bachelor's Degree

Management Information Systems and Services

State University of New York Empire State College

2013 : 2019



English

The Ohio State University

1994 : 1999

Experience: 2022 : Present

Moody's Corporation

Senior Cybersecurity Engineer

2022 : 2022

Strategic Financial Solutions NY

Lead Information Security Engineer

-Matured security program across multiple vectors.

-Revamped and managed Splunk environment. Set up new log source ingestions (Cisco Umbrella, Meraki,

-Salesforce, Office365, Keeper, OneLogin, SentinelOne); created alerts and reports. Trained personnel in

Splunk use.

-Created and managed user security awareness programs. Implemented test phishing campaigns (quarterly

basis) and customer-facing security training; deployed Phish Alert button into users’ Outlook.

-Deployed MFA for +800 users in Office365 environment. Developed user documentation; worked with

infrastructure team on enforcement and audits.

-Follow trends in threat intelligence; remediate new and ongoing threats. Consult on deployment and use of endpoint AV solution.

-Developed IT security roadmap; aligned organizational goals.

2021 : 2022

Strategic Financial Solutions NY

Information Security Analyst

Expertly provide cyber security related project planning and execution support to the on-site program manager.

Perform technical cyber security related planning and effectiveness analyses for the active IT infrastructure design. Formulate and design cyber security related design specifications. Develop and deliver consistent, high quality cyber related services and products. Provide cyber security related quality assurance check on delivered services and products. Identify opportunities for improvement and makes constructive suggestions for change.

• Proficiently Upgraded and revamped existing Qradar platform that provided more actionable intelligence, including the creation of custom alerts and daily reports, custom dashboards, and training.

• Adeptly implemented Nessus Security Center and created a regular security scanning schedule for the server range that decreased vulnerability numbers by 20% and improved patching schedule from a 90 to a 60 day cycle.

• Upgraded Qradar hardware to allow for longer event retention as well as better performance.

• Executed internal phishing program utilizing Cofense's PhishMe, resulting in 20% increase in end-user phishing awareness.

2017 : 2021

Nuvance Health

Information Security Analyst

Supported a complex security architecture that includes, next generation firewalls, web filtering, network access control, vulnerability management, log monitoring, endpoint protection, and forensic analysis. Designed, implemented, and supported new security technologies. Proactively threat hunted and performed malware analysis. Created multiple ongoing reports and dashboards used for security monitoring.

• Partnered with the Infrastructure Team to install Carbon Black Response to 10K+ individual endpoints covering all machines in the organization, allowing for upgraded malicious detection processes based on hash values and isolate machines where required.

• Effectively created reporting and dashboards in Splunk analytics driven SIEM; decommissioned legacy Oradar platform.

• Implemented and administrated POC systems for security orchestration, to include Phantom, Demisto and Resilient.

• Created and maintained Cyber Security WIKI documenting multiple systems and general “how-to” documentation.

• Member of FSISAC and InfraGard for security knowledge sharing and action.

2016 : 2017

OppenheimerFunds

Cyber Security Engineer

Company: Moody's Corporation

Years of Experience: 26

Spoken Language: English