Home About Contact

Jonathan Davis

CLOUD SECURITY

Download PDF

jonathan@securingthecloud.org

501-765-3925

Professional Summary

Technically sophisticated and dedicated cloud security specialist with 20 years of experience administering, monitoring, maintaining, and operating security solutions for high profile corporations and securing their cloud computing deployments to protect sensitive data. Cybersecurity specialist aligning architecture plans and processes with security standards and business goals using experience in supporting, developing, and testing security framework for cloud-based software. Expertise in systems engineering design, configuration, and implementation of virtual data centers and building of scalable, highly-available cloud security infrastructure across multiple platforms. Skilled project leader and communication skills; able to direct multiple tasks effectively and readily master innovative security software and tools.

Skills

  • Cloud Security
  • Cybersecurity Administration
  • Defense in Depth
  • Policy & Procedure Development & Implementation
  • Firewall Provisioning
  • Troubleshooting & Issue Resolution
  • Security Testing
  • Security Design
  • Information Protection and Technology Solutions
  • Governance, Risk and Compliance
  • Cloud Computing Architecture
  • Information Security
  • Subject Matter Expertise
  • Information Technology Security
  • Information Security Engineering

______________

Industry Certifications

CASP+ | CCSP | CYSA+ | CISSP | CCSK

Cloud Certifications

AWS Certified Solutions Architect (SAA-C02) | AWS Certified Sysops Administrator (SOA-C02) | AWS Security Specialty (SCS-C01)| Azure Administrator (AZ-104) | Azure Security Engineer (AZ-500)

______________

    

Professional Experience

Secureworks

Senior IT Security Advisor

Oct 2017 - Present

  • Formulate, implement, and operate written controls to secure cloud-based systems. Utilize cloud-based APIs when appropriate to write network/system level documentation for securing cloud environments.
  • Assess cloud environments to ensure security best practices and/or regulatory controls are being implemented for all cloud services such as Azure, o365, and AWS to monitor CloudWatch, CloudTrail, NSG Flow Logs, GuardDuty, AWS WAF, and Azure Firewall.
  • Support clients with ensuring least privilege for all user accounts in AWS IAM and Azure AD/RBAC with Privileged Identity Management (PIM).
  • Aid clients with proper setup of MFA using Conditional Access Policies.
  • Setup Customer Managed Keys in AWS KMS and Azure Key Vault to protect Storage Accounts and Disk Drives with proper encryption.
  • Audit and configure NSG and Firewall rules for appropriate virtual network segmentation and protection of frontend websites.
  • Review alert trends and help translate alerts into plain English to help customers better understand what’s being alerted on in their environment.
  • Meet with customer CISO, CTO, and Security Director’s on a set cadence to provide program utilization review, security guidance, and deliver strategic recommendations that will help improve their security posture.

Johnson Controls

Network Security Consultant

Mar 2017-Oct 2017


  • Contracted to support the merger of Johnson Controls with Tyco International. Integrated Johnson Controls Cisco Firewalls and Firepower solutions with Tyco’s Mcafee NSM/ePO solution.
  • Met weekly with CISO and CTO from both companies to consolidate policies and procedures. Successfully tuned policies and integrated all systems in the same pane of glass using a SIEM solution.
  • Provided thought leadership, use case creation of a commercial SIEM solution and comprehensive defense development covering a wide array of other security appliance applications and platforms.
  • Responsible for project planning, configuration, and system implementation. Configured policies for Virus Scan Enterprise, Data Loss Prevention (DLP), McAfee Agent, and Host Intrusion Protection (HIPS) to support Corporate Security Policy.
  • Configured and monitored various other security appliances, including email gateways, DLP solutions, Endpoint Protection platforms, application whitelisting setups, IPS solutions, and firewalls.

Atos

Network Security Engineer

Mar 2013 Mar 2017


  • Designed, created, and implemented policies for IDS and IPS devices for multiple fortune 500 clients which included clients in the financial sector, energy, oil\gas, and medical.
  • Fostered and cultivated collaborative working relationships to effectively establish connectivity and open firewall rules between devices.
  • collaborated with application and infrastructure teams to design and architect infrastructure (network, OS, databases) and applications to protect against attackers.
  • Responded to audits from SOX, HIPAA, PCI, as well as internal security audits. Understood and followed NERC CIP requirements.
  • Ensured adequate security solutions and controls are in place throughout client's Cloud platform, services, and solutions. Developed an AWS security roadmap which included the AWS Services and 3rd party tools to be utilized in the AWS Cloud for Security monitoring.
  • Manage and coordinate major rollouts for McAfee, SourceFire IPS. Fortigate, Cisco Firepower Next Gen Firewalls, Fireeye Advanced Malware, and Cisco ACS TACACS.
  • Met with clients on a regular basis to go over security posture and make improvements. Developed security toolsets to exploit newly found vulnerabilities in order to perform real-world attacks.

SAIC

Security Systems

Jan 2002 Mar 2013


  • Primary HIPS Engineer with the responsibility of designing and creating policies, granting exceptions and exclusions to policies for Host Based Intrusion Detection using McAfee ePO.
  • Functioned as a Tier III engineer\architect for Identity management and Active Directory. Determined access levels and set policies\processes.
  • Closely collaborated with security architects in developing security frameworks for the enterprise. Provided thought leadership on security strategy, monitoring, alerting, reporting, and blocking
  • Acted as a quality assurance by conducting annual penetration tests; scan and test all applications using IBM Rational Appscan software.
  • Met with clients to provide guidance and direct technical engineering support teams and developers on mitigating risks found during risk assessments.
  • Provided subject matter expertise in network configurations from a security angle as well as fix any issues. Collaborated with functional-area specialists and security specialists to design, configure and/or develop security solutions