Aaron Smith

Information Security Engineer

Certifications

CISSP

AWS Certified SAA

AWS Certified CP

AWS Certified Security

GCIH

Security+

Splunk Certified Admin

Splunk Certified Power User

Education

MS Information Systems

University of Utah
2010

BA Information Systems

University of Utah
2008

BA Finance

University of Utah
2008

Languages

  • English (Native)
  • Spanish (Professional)

Interests

  • MTB
  • Snowboarding
  • Cloud Security

About Me

Information Security Engineer with 11+ years experience driving security initiatives to keep companies more secure. Proven ability to increase profitability by implementing solutions and align company security to adhere to major compliance frameworks.

Work Experience

Security Engineer

January 2019 - Current
AdvancedMD
  • Primary role in security implementation with recent AWS migration. WAF, Cloudtrail, GuardDuty, Security Hub deployment and SIEM Collection.
  • Successfully deployed SWG Solution (Zscaler) to help protect devices and Intellectual property from Phishing/Malware campaigns and other bad actors.
  • Helped deploy wireless Network Access Control (NAC) solution (Aruba Clearpass) to secure devices on Corporate Network.
  • Help with HiTrust Compliance Initiative by properly deploying Splunk to gather and alert on SIEM information.

Security Engineer

November 2015 - January 2019
Domo Inc
  • Increased SIEM visibility 100% by properly scoping/deploying Splunk Enterprise; this allowed Domo to more effectively alert on security events of interest across Corp, Dev, and Prod.
  • Cut employee phishing email click-thru by 60% after deploying and tuning commercial phishing and awareness platform.
  • Saved countless man-hours by scripting integrations to update SIEM, Firewall and other Domo security information.

Network Security Engineer

November 2012 - November 2015
Blue Coat Systems
  • Secured 30+ Global Data Centers by scoping, deploying, and maintaining a distributed vulnerability scanner (Tenable Security Center/Nessus).
  • Increased Blue Coat Cloud sales at least 3x by driving Blue Coat to an ISO27001 Cert and SSaE16 attestation.
  • Prioritized vulnerability scan results to mitigate threats based on severity and CVSS scores.

Security Engineer

July 2012 - November 2012
Progrexion
  • Shaped company solutions to leverage industry best practices.
  • Identified security issues and risks and implemented mitigation plans to increase security.
  • Implemented and maintained SIEM and Web Filtering solutions (ArcSight, Barracuda Web Filter) to discover vulnerabilities and malware on systems.

Data/Malware Analyst

June 2010 - July 2012
Blue Coat Systems
  • Extensive use of Linux command-line tools to improve URL classification (regex, grep, sort, awk, etc).
  • Saved hundreds of man-hours by using scripting languages (Python, Ruby, Perl) to automate processes in categorizing websites/IPs/subnets.