My Resume
VICTOR MONTOYA
Gilbert, AZ | victor.montoya at gmx.com | (five two zero) 234-7800
SUMMARY OF QUALIFICATIONS
14 years of working as a Security Analyst and Engineer
7+ years of network and enterprise level system administration experience
4+ years of experience with Active Directory, Exchange support and Change Management
EXPERIENCE
Senior Security Analyst 2019 – Present
Arizona Department of Revenue
Work as the Senior Security Analyst at the Arizona Department of Revenue’s (AZDOR) Security Operations Center (SOC).
Provided continuous monitoring, via the Splunk Security Information and Event Management (SIEM) system, of network traffic, Active Directory, endpoints, servers, routers and switches for malicious activity.
Deployed new security tools into the AZDOR enterprise, namely Microsoft’s Windows Credential Guard and a Honeypot.
Completed forensic analysis of process trees deemed suspicious by the Crowdstrike endpoint security system.
Developed Incident Response processes and carried out Incident Responses to suspected compromises through to completion.
Forensically analyzed phishing emails.
Wrote numerous lessons-learned reports on incidents I responded to, security violations I investigated, and the results of security tabletop exercises I organized.
Completed Wireshark packet analysis of traffic flagged as malicious by our Palo Alto firewall.
Reviewed and approved vulnerability scans, as well as mitigation plans submitted by system administrators for vulnerabilities they could not close.
I have successfully completed all these duties working from home since 2019.
Security Engineer 2017 – 2018
Phoenix Staff
Completed engineering and functionality troubleshooting on 8 Cisco ASA firewalls for the Arizona DES (Department of Economic Security) enterprise.
Managed DES’ McAfee Web Gateway web proxy.
Completed Vulnerability Scanning and Remediation for DES enterprise of 10,000 network nodes using Tenable Vulnerability Scanner.
Completed end-to-end Incident Response.
Deployed new security applications to the enterprise, such as the Forcepoint cloud-based web proxy solution and Forescout, an IT (Information Technology) asset and network management system.
Configured DNS records to migrate public-facing web servers behind the Cloudflare Web Application Firewall (WAF).
Began rebuilding of McAfee Nitro SIEM (Security Information and Event Management) system.
Deployed and administrated Secureworks SaaS (Security as a Service) solution.
Administration of the Cisco ISE (Identity Services Engine) identity access management and configuration management system.
Security Network Manager II 2015 – 2016
Dell Inc.
Administrator of McAfee ePO (ePolicy Orchestrator), an enterprise security endpoint orchestrator, on the Honeywell enterprise.
Created and managed policies for the security components administered by the Security Orchestrator, such as SiteAdvisor (a web content filtering program), Drive Encryption, Host Intrusion Prevention System (HIPS), VirusScan Enterprise (VSE), Linux Anti-Virus, Macintosh Endpoint Protection (MEP, a security suite for Macintoshes) and Management of Native Encryption (MNE, which centrally manages built-in drive encryption programs like BitLocker and FileVault).
Deployed patches and updates to the security components.
Began training on McAfee Application Control (MAC).
Worked on Honeywell Enterprise that consisted of 100,000 workstations and 10,000 servers.
Security Analyst 2012 - 2015
Phacil Inc.
Lead Administrator of the ePO Security Orchestrator for the Immigration and Customs Enforcement (ICE) agency.
Troubleshot issues with all the security components administered by the Security Orchestrator, such as the Firewall, HIPS, VSE, and DLP (Data Loss Prevention). This work facilitated ICE’s Cyber Incident Response Team (CIRT) operations.
Analyzed event logs, firewall and HIPS policies, and performed McAfee Tag administration.
Deployed Windows patches using IBM’s BigFix deployment tool, and completed BigFix maintenance tasks.
Enforced government system policy and processes and formulated responses/recommendations to customers, such as deploying custom signatures in response to security incidents and carrying out remediation actions on compromised servers.
The ICE enterprise I worked on consisted of 40,000 workstations and 2,000 servers.
Customer Support Representative Tech II 2011 – 2012
Stara Technologies, Gilbert, Arizona
Provided system administration of the LAN (Local Area Network) and servers running on the PGST (Persistent Ground Surveillance Tower).
Information Assurance Analyst 2010 – 2011
TASC, Ft. Huachuca, Arizona
Reviewed network and system vulnerability scans. Wrote POA&M (Plan of Action and Mitigation) reports that detailed the amount of risk a detected vulnerability posed and how it was mitigated. Certified that classified DoD (Department of Defense) IT systems complied with multiple security operation standards and policies.
Computer Security Analyst II 2009 – 2010
Northrop Grumman, Ft. Huachuca, Arizona
Performed Tier 1 triage in a CIRT for security incidents, along with routing and tracking of all security-related inquiries and other issues.
Completed analysis of traffic that tripped signatures in the NIDS (Network Intrusion Detection System) for RCERT-CONUS (Regional Computer Emergency Response Team-Continental United States). Reviewed security events and logs created by the NIDS for evidence of port scans, SQL injections, zero-day attacks, Linux-based attacks, brute-force attempts, and signs of botnet infections.
Coordinated with multiple government departments and agencies to gather information regarding intrusion events, threat indications and warning information. Prioritized multiple tasks and formulated responses and recommendations to on-site administrators reacting to the security events. Studied and applied government intelligence and systems processes. Also participated in COOP (Continuation of Operations Plan) exercises.
Continually tracked the methodologies, tactics and techniques of hackers to complete network event analysis and threat analysis duties. Used the BMC Remedy system throughout the incident response process.
Functional Analyst II 2006 – 2009
Mantech, Ft. Huachuca, Arizona
Executed interoperability testing for all HAIPE (High Assurance Internet Protocol Encryption) devices in use by the DoD.
Built a Classified LAN (Local Area Network) from the ground up.
Performed all network and system security on this Classified LAN.
Interoperability testing included packet analysis, LAN/WAN and voice/data performance using a SmartBits analyzer. Completed this testing with two other remote sites through secure remote access tunnels.
Additionally held the responsibility of Security Officer. Maintained at all times a chain of custody for the extremely sensitive CIKs (Cryptographic Ignition Keys) that were in use for this testing.
Classified domain comprised of: Active Directory Domain Controller, Microsoft Exchange Server, 40 HAIPEs (VPNs), 15 workstations, VoIP server, 10 Tandberg VTCs, and Sectera Edge Classified smartphones.
EDUCATION AND CERTIFICATIONS
Metasploit Certification
Rapid 7
Linux Essentials Certification
LPI (Linux Professional Institute), LPI000374283 lpi.org/v/LPI000374283/r29ncqwk5c
Lifetime Certification
Security+ Certification
CompTIA, Candidate ID SR3462611 Registration Number Q51DTT54F1
Lifetime Certification
Business Administration, Associate Degree
Cochise College, Sierra Vista, Arizona
SKILL SUMMARY
Host Intrusion Detection System (HIDS), Linux, Management of Native Encryption, Drive Encryption, Security Information and Event Management (SIEM), McAfee ePolicy Orchestrator (ePO), McAfee Application Control (MAC), Windows Server 2003/2008/2012, IIS 6.0, Microsoft Exchange Server, Blackberry Server, Cisco IOS, Wireshark, Cisco VoIP, Microsoft Office Suite, Retina (Network Vulnerability Scanner), System Vulnerability Scanner, HAIPE (High Assurance Internet Protocol Encryption) Devices, Switches, Routers, SmartBits (Network Performance Analyzer), Wi-Fi, BMC Remedy, McAfee Web Gateway, Tenable, Cisco ASA, Forcepoint, Forescout, CrowdStrike, Splunk