Resume

This resume is made with CVwizard.com.

Basic information
Name: Martin G Nystrom
Email address: martin.nystrom@gmail.com
Website: xianshield.org, blogs.cisco.com/author/martinnystrom, linkedin.com/in/mnystrom

Objective
Build and operate cyber security programs to protect customers and enterprises

Profile
• Proven cyber security executive with experience delivering $50M portfolios, building and leading customer-facing security services and corporate InfoSec
• Commands advanced experiential knowledge on security threats and response
• Advises executive customers of security threat and operational trends in quarterly briefings
• Compelling presenter with credibility to engage customers and win business
• Published author representing rich cyber security experience in books, papers, and executive briefings

Specialties
• incident response, detection, and investigations
• security operations
• cyber threat intelligence
• application, network, and system security
• designing, deploying and securing web applications

Work experience

December 2015 - Present
Director, Cisco Security Services
Responsible for global delivery of rapidly growing $55M managed security portfolio, including advanced cyber threat detection and security device management.
• 24x7 delivery across global Security Operations Centers (SOC) in USA, APAC, and EMEAR
• Directs global team of senior security investigators to hunt threats using advanced threat intelligence, security telemetry, and advanced analytics
• Delivers and cultivates rapid threat detection and mitigation using Cisco Sourcefire IPS with AMP, ThreatGrid sandboxing, advanced threat intelligence using CIF, Soltra, and OpenSOC, including Hadoop for consuming, parsing and analyzing Gbps at each PoP, with all forms of system telemetry and syslog
• Delivers expert security device management including monitoring, planned changes, patch management, and architectural growth
• Specialist in cyber security for healthcare and public sector

July 2014 - December 2015
Senior Manager, Cisco Security Services
Leads Managed Threat Defense (MTD), advanced cyber threat detection for Cisco Security Services
• 24x7 advanced cyber threat detection across global Security Operations Centers (SOC) in USA, APAC, and EMEAR
• Responsible for rapidly growing $5.5M service portfolio
• Manages team of senior security investigators to hunt threats using advanced threat intelligence, security telemetry, and advanced analytics
• Delivers and cultivates rapid threat detection using Cisco Sourcefire IPS with AMP, ThreatGrid sandboxing, advanced threat intelligence using the CIF, and OpenSOC, including Hadoop for consuming, parsing and analyzing Gbps per PoP, with all forms of system telemetry
• Curates hot threats to rapidly respond and monitor for IOCs gleaned from emerging attacks, conceptual attacks, and urgent vulnerabilities such as Heartbleed and Shellshock

2011 - 2014
Senior Manager, Cisco CSIRT
Built and led global engineering staff of 17 security architects and engineers, delivering innovative solutions against growing threats, including APT.
• Developed and coordinated broad InfoSec strategy to detect and contain advanced threats
• Coordinated all CSIRT operations to ensure investigations, analysis, and engineering functions execute consistently
• Architected, budgeted and delivered new $1M portfolio for CSIRT, enabling global cyber security solutions and growing investigations staff of 60.
• Managed successful delivery of massive security response portfolio, including Splunk, Cisco WSA, Cisco IPS, Sourcefire FirePower and AMP, Cisco ESA, FireEye, Passive DNS collection, DNS-RPZ, Cisco ISE, Lancope StealthWatch, and Mandiant, collecting over 20 billion events per day into 1TB of growing events per day.

2009 - 2011
Manager, Cisco CSIRT
Managed security operations team, 19-person global staff conducting 24x7 security monitoring, operations, and routine investigations for Cisco's network.
• Developed scheduling and workload distribution to provide 24x7 monitoring
• Negotiated, developed, and managed $500,000 portfolio of monitoring engagements for internal clients
• Coached staff to new areas of responsibility and aptitude, enabling senior engineers to take on larger projects
• Motivated team with creative rewards and growth, maintaining 0% attrition over years
• Drove improvements using Capability Maturity Model (CMM) by improving quality assurance, engagement clarity
• Assured security in Cisco cloud services initiatives (TelePresence as a service) by providing risk-based monitoring and response (team recognized with "Collaboration Across Cisco" award)
• Continuously operationalized detection and response infrastructure for new acquisitions, data centers, and PoPs

2005 - 2009
Information Security Investigations Manager, Cisco CSIRT
Investigated, mitigated, and provided subject-matter expertise for dozens of security incidents
• Led and drove improvements to information security monitoring and incident response
• Developed strategy for broader team, ensuring project portfolio alignment with strategic objectives
• Conducted global threat summit with diverse IT staff, drove projects to mitigate identified threats
• Tested and drove improvements to Cisco products (CS-MARS, CS-IPS, others) by regularly engaging engineering/marketing based on deployment experience
• Developed standardized incident response handbook for global investigative staff, coordinated input and approval across HR, Legal, and internal auditors
• Selected to attend Cisco Global Technical Leader Program, 2008

2002 - 2005
Security Architect, Cisco InfoSec
Provide security direction for Cisco projects. Specializing in web security, consult with IT project teams to provide secure architecture for large projects. Write policy and standards documents to address secure programming and deployment.
• Developed web auditing/remediation team to address web security vulnerabilities.
• Served as architect for web services security
• Developed database security strategy
• Delivered series of "Nerd Lunch" presentations to security staff on database, web services, and web security
• Authored for O'Reilly Media: SQL Injection Defenses
• Developed and delivered Secure Web Programming in Java course for global development staff
• Provided on-call incident response support, troubleshot high impact incidents, deployed firewall changes, investigated security incidents

2000 - 2002
IT Engineer, Cisco IT
• Provided technical direction to team of engineers
• Acted as consultant to business clients in exploring concepts for new applications
• Provided architectural guidance to Sales IT Architecture Team
• Sized and delivered tool enhancements and integration efforts
• Developed and articulated technical vision
• Mentored engineers through coaching, training, and guiding through technical challenges
• Delivered series of presentations to e-commerce staff on internationalization, queuing, and b2b data exchange via XML.
• Developed Partner Business Central portal into e-channels applications that allow Cisco partners to select, compare, and configure Cisco products, then interact with Cisco distributors for pricing, availability, and ordering
• Product built in Java, using XML/XSL, CORBA, and Oracle; allows data exchange with business partners using XML over HTTP
• Enabled RosettaNet integration for standardized message exchange with Cisco business partners.

Publications and Presentations
• Seven Most Damaging Attacks 2015 Lessons Learned in Intrusion Detection, Cisco Live Management Sessions, 2015
• Real World Threat Hunting, Keynote, CONFidence Conference, Krakow, Poland, 2015
• Deconstructing Incident Response, RSA Conference, 2015
• Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks (co-author), O'Reilly Media, 2009. Required reading for Network Forensic Analysis course at Boston University (2010)
• SQL Injection Defenses, O'Reilly Media, 2007

Education
Master of Engineering, North Carolina State University
Master of Engineering in Computer Science
Bachelor of Arts, Iowa State University
BA Business Administration in Management Information Systems (MIS)

Certifications
• Certified Information Systems Security Professional (CISSP), specialization: Information Systems Security Architecture Professional (ISSAP)
• Cisco Certified Network Associate (CCNA)

Awards and Honors
• Manager of the Year (Cisco IT), 2012
• Collaboration Across Cisco Award, 2010, for teamwork in securing infrastructure for Cisco's TelePresence during COP15