Michael A Schlosser

Recent Posts

Recent Comments

Archives

Categories

Download Full Resume (PDF)

Download Full Resume (DOCX)

Download Full Resume (TXT)

Mike Andrew Schlosser
Information Security Engineer
1-208-859-5770
mikeasch007@gmail.com
linkedin.com/in/mikeasch007

SUMMARY
Professional and experienced senior-level Information Security Engineer with more than 10 years of Information Technology experience and 7 plus years of Information Security Engineering experience, seeking long-term project to add value in the areas of Information Security Architecture and Engineering implementation, especially Cloud Security, Cryptography, and IAM engineering and analysis. Enthusiastic full-stack expertise in many technical areas, including Applications, DevSecOps, and Data Security. Prefer hybrid and remote roles, although open to relocation for a direct hire, especially senior to lead Information Security Architect or Engineer role in an ideal position.

EDUCATION
Bachelor of Science, Rensselaer Polytechnic Institute, New York, Graduated, May 2013 Boston College, Woods College, Cybersecurity Program, Chestnut Hill, MA, 2016-2017

SKILLS
Cloud Security, IAM, DevSecOps, AWS, Azure, PKI, Application Security, WAF, Security of Cloud, Security as Code, OWASP, Jenkins, Splunk, Linux, Windows, Networking, API, CSMP, EDR, Zero Trust, SIEM, Kubernetes, Docker, Python, Terraform, Purple Team, Red Team, SAML 2.0 SSO, Sailpoint, 3rd Party Risk, Multi-Tier Architecture, SABSA, TOGAF, LINDDUN, STRIDE, Splunk, PAM, Data Masking, Data in Transit, Data Storage, BYOK, Firewalls, Authentication, PAM, SSH, SDLC, Hybrid Cloud, WAF, DLP, IDPS

EXPERIENCE
Lead Security Architect December 2023 – March 2025 ELF ID

  • Developed a cryptographic and digital identity system called ELF-ID, which is a digital security framework that replaces Public Key Infrastructure (PKI) architecture
    with a biometric Natural Key Infrastructure (NKI) based on unique electromagnetic
    signatures of extremely low frequency (ELF).
  • Engineered information stored in distributed Blockchain Ledgers with more secure ”One-Time Pad” (OTP) communication protocols built with EAS (evolutionary) algorithms that permit true distributed and serverless computing.

Senior Cybersecurity Engineer April 2023 – December 2023 Adobe

  • Implemented a Container and Kubernetes Security program and process with various tools including Crowdstrike and internal tools to remediate vulnerabilities and block threats.
  • Engineered and configured container security and cloud native security best practices with various tools for container workloads.
  • Developed best practices in cloud security within the organization for Kubernetes clusters across various environments to remediate vulnerabilities.
  • Tested application security best practices within the organization by collaborating with various project and development teams.
  • Lead a team of security engineers and operations leads to implement security best practices for cybersecurity and internal controls frameworks.

Senior Security Engineer October 2022 – March 2023 HHAexchange

  • Implemented Application Security program and process with various tools including Metasploit and Burp Suite by remediating vulnerabilities and fixing cybersecurity threats.
  • Developed and configured native container security and cloud security best practices with SysDig for GKE and EKS workloads.
  • Lead cloud security best practices within the organization for Azure, GCP, and AWS to remediate vulnerabilities.
  • Designed application security best practices for IAM and AAD (Entra) within the organization with Contrast Cybersecurity tools.
  • Managed a team of security engineers and operations to implement security best practices for HITRUST AND HIPAA.
  • Implemented and managed Microsoft Defender, AAD, IAM, and O365 security best practices.

Senior Security Architect June 2021 – May 2022 Santander Bank

  • Designed secure IAM architecture within digital banking development teams and remediation of vulnerabilities.
  • Developed and configured SysDig CSPM and cloud workload protection with native AWS tools and processes.
  • Ensured analysis that the cloud network configurations maintained the best security practices and hardening guides.
  • Built code and maintained threat models for the digital banking architecture and AWS cloud teams.
  • Responsible for corrective action of security findings in AWS environments.
  • Worked with internal and external developers to ensure that the Santander technology code standards and best practices are continuously met for development and live applications within DevSecOps.
  • Expertise of PCI implementation and compliance review within a financial services environment.

Senior DevSecOps Engineer June 2021 – February 2022 Warner Media

  • Developed Jenkins code pipelines to audit and update networking configurations, firewalls, and secure architecture.
  • Developed and configured CSPM and cloud workload protection with native AWS tools and processes.
  • Deployed python code and contributed to code repository for the network configuration application.
  • Maintained network configurations and the cloud were designed and maintained with the best practices and security hardening guides.
  • Built and maintained Linux and windows systems with Bash, Powershell.
  • Responsible for corrective action of security findings in AWS environments.
  • Developed and provided support for core Continuous Integration and Continuous Delivery pipelines for network services.
  • Worked with internal and external developers to ensure Warner Media CISO and Technology code standards/best practices are continuously met for development and live applications.
  • Key wins deleted 100 monthly working hours for 3 staff members by automating switch, firewall and server maintenance routines, which terminated 25K down days per year across 5K network switches.

Senior Cloud Security Engineer November 2020 – April 2021 Deutsche Bank

  • Built code and delivered GCP with Terraform and Sentinel. Secure run-time services with policies from Prisma RQL including GKE, App Engine, Organizational Policies, and Docker with secure architecture.
  • Engineered hands-on infrastructure automation, secure software development, and application security testing and governance.
  • Designed hands-on experience with securing Kubernetes and containerization.
  • Provided domain expertise in cloud computing security, compliance, and security best practices.
  • Implemented code tests for industry compliance and security standards such as PCI DSS, ISO 27001, SOC 1, SOC 2.
  • Created Bash and PowerShell scripts and application security tests with Gherkin language and Powershell based security scanning tools.
  • Key wins successfully developed and automated over 500 security policies into code and other checks within GCP.

Senior DevSecOps Engineer April 2020 – September 2020 22nd Century Technology

  • Build code and deliver DevSecOps and DevOpsSec pipelines with Jenkins CI/CD to support development teams building applications in Java, JavaScript, NPM, and Python while deploying to AWS with CloudFormation.
  • Enhanced design and improved integration of API webhooks and code mirrors from various source repository SCM on Azure, AAD (Entra), Bitbucket, GitLab. Integrated and developed from many DevSecOps tools to customize automation for de veloper’s CI/CD and Docker.
  • Developed and maintained security scans with Xray, OWASP and SonarQube and analysis of security controls for SOPs, NIST, and FedRAMP. Deploy secure code to AWS EC2 and utilize AWS services such as Secrets Manager.
  • Created Bash and PowerShell scripting for application security testing with Sonar Qube static code testing for secure architecture.
  • Worked with SOC to respond to incidents and analyze security events.

Senior DevSecOps Engineer September 2019 – February 2020 Bechtel Corporation

  • Developed and engineered Azure, IAM, Terraform, Ansible, AKS deployments, Ku bernetes, Calico, Istio, Helm 3, Azure Cloud Security, SAST, DAST, GitHub Actions, NodeJS, IAM, ForgeRock, PKI, OAuth2, Docker.
  • Improved Configured continuous integration within Azure DevOps yaml files to in clude both CLI version of Twistlock and DevOps extension of White Source and OWASP scanning. Setup and configure Azure ATP and Sentinel on servers and workstations.
  • Enhanced Twistlock integration within CI build scans and Embedded the Twistlock RASP and other static scanning into the yaml so that container images were assem bled, built, and pushed to Artifact repositories fully secured and scanned based on required controls.
  • Developed CI/CD to Protect and defend Kubernetes clusters in AKS through Azure DevOps automation and Kubectl for ease of use for developers to deploy to secure
    environments and secure architecture
  • Engineered and improved the Operate and maintain documentation and process for Kubernetes clusters in AKS through Azure DevOps automation and Kubectl. Ensured best practice and proper guidance from Microsoft, Active Directory (AD).
  • Implemented and managed Microsoft Defender, AAD, and O365 Security as expert in AAD and IAM development.

Software Security Engineer February 2019-July 2019 Chase Bank

  • Worked within digital banking development teams.
  • Implemented PCI compliance and security controls into the software development life-cycle by using SAST, DAST, RASP, OSS, and manual code security scanning within CI/CD pipelines for the build, release, deployment of front-end and back-end code such as AngularJS, Node.js, Java Spring, Kubernetes, Calico, Istio.
  • Administered and analyzed improved automation of CI/CD pipeline of enterprise control standards based on PCI, NIST, SOX, and other internal financial industry standards. Utilized tools BitBucket, Jenkins, and development with Bash, Python, Java, and JavaScript all within hybrid AWS, PCF, Java Spring, NodeJS environments.
  • Developed with primary Cloud experts for automation review and guidance on OWASP, ESAPI, and other framework-based controls and standards. Utilized Cloud SDKs and vendor tools like Splunk SIEM, Hadoop, Kafka for compliance, logging, and monitoring of cloud and primarily application-level security controls.

Information Security Engineer September 2018 – February 2019 Travelers Companies

  • Delivered securely provisioned Symantec DLP, CASB, Bluecoat ProxySG, and other networking tools in a hybrid and cloud environment with AWS.
  • Operated and maintained Symantec DLP, CASB, Bluecoat ProxySG, and other net working tools in a hybrid cloud.
  • Protected and defended environments by investigating incidents by utilizing packet capture tools such as Nmap, Wireshark, and Fiddler. Improved and investigated, supported, analyzed Splunk and ELK alerts and logs for incidents.
  • Supported and stimulated Cloud authentication and authorization processes with documentation for PAM, OAuth2, ADFS, SSO for internal and SaaS services.
  • Developed experienced scripting needed with Python, Bash, and PowerShell for 2FA/MFA, logging, backups, storage.
  • Analyzed daily AV logs and alerts through network devices, responded appropriately by fixing incidents.

DevOps Systems Security Engineer February 2018 – October 2018 NASA Ames Research Center

  • Securely provisioned cloud deployments with vulnerability testing and performed remediation of automated provisioning issues.
  • Oversaw and govern the securing of AWS and Azure cloud computing infrastructure with open-source tools and vendor tools for incident response, auditing, monitoring, logging, and security threats.
  • Securely provisioned infrastructure automation scripts with Ansible and Terraform. Implemented tools such as AWS-IR, Cloud Custodian, and Stream Alert.
  • Refined operations and maintain malware detection and remediation duties for on premise devices. Utilized foot-printing and reconnaissance techniques for troubleshoot ing and security support.
  • Monitored, analyzed, and engineered network monitoring with tools such as Nagios, Zabbix, and Zenoss.
  • Protected and defended systems by vulnerability scanning and system hardening on Linux and Windows. Used expert knowledge of Cryptography and PKI to deploy client credential authentication.
  • Utilized access control tools such as AWS IAM, Firewall, RBAC, and AWS Security best practices.
  • Integrated Privilege Access Manager, PAM, Docker, Kubernetes, and ADFS for cloud and on premise IAM synchronization.
  • Configured CA PAM for use with AWS accounts and user logins. Work with IT and app teams to configure PAM setup.

Information Security Engineer November 2017 – January 2018 Wells Fargo

  • Worked within digital banking network security team.
  • Securely provisioned vendor tools for DLP, Cloud Data Protection, Tokenization, and Encryption duties for corporate security. Platform end-to-end encryption and security based on company best practices and guidelines.
  • Revamped and oversaw BYOK bring your own key for Salesforce, AWS, and SaaS applications key management life-cycle. Utilized file integrity, hashing, and other forms of data control and security for audit tracking.
  • Upgraded and securely provisioned deployment and configuration of Transport Layer Security, TLS 1.2/1.3 implementation, PKI certificates to servers. Worked with Data Loss Prevention, DLP, Proxy, CASB, SOC, and incident response.
  • Developed, analyzed, and investigated logs with tools such as Splunk, Syslog, QRadar SIEM, ELK, and custom scripts in Bash. Created Splunk reports and visualizations.

DevOps Systems Engineer December 2016 – May 2017 Optum United Health Group

  • Securely provisioned DevOps security and support for application developers, and networking. Developed tools for vulnerability scanning and remediation like Nessus, CIS, NIST, and OWASP scanning.
  • Analyzed and investigated with use of Network Security tools such as NetFlow, Fiddler, and Wireshark for security analysis. Designed and deployed systems for running Security Onion and Kali OS to on-premises Debian servers.
  • Operated and maintained use of Java Key Store, RSA, Certs, OpenSSL, SSO, Con tainers for securing application stacks while working closely with the Security Op erations Center (SOC).
  • Developed and analyzed Endpoint Security checks with vendor tools and responded to alerts from client agents through Puppet Foreman services. Integration of agents with AWS EC2 servers.
  • Protected and responsible for OS Hardening with CIS Benchmarks using manual and automated methods. Developed, operated, and maintained code for server automation with Puppet scripts and Foreman manager UI tool.
  • Administered and supported Active Directory (AD), Group Policy, and PAM for access and authorization services. Networking setup and data center work to provision and setup Hadoop servers on Dell hardware servers.

Cloud Applications Engineer March 2016 – November 2016 Siemens Mendix

  • Improved and administered Mendix product support and diagnosed technical customer product issues with the PaaS development platform. Reduced SLA time as a top performer by completing many SaaS support cases.
  • Securely provisioned Mendix cloud services with RSA, PKI, Application security monitoring agents, TVM, CI/CD, REST API Security, Docker, SAML Federation, HTTPS, OAuth2 for integration with services on AWS, Cloud Foundry.
  • Developed and Securely provisioned and implemented cloud services after threat analysis reports were issued by hardening, service port scanning, fingerprinting, using Wireshark to analyze applications network issues and JVM tools to analyze Java stack issues of applications for internal and external parties.
  • Development and responsible for customer DevOps Cloud deployments for customers through Mendix with AWS, Azure, Cloud Foundry, Rackspace, OpenStack, and Bluemix integration.

Systems Support Engineer March 2015 – February 2016 Man Group Numeric Investors

  • Performed and spearheaded production support L1/L2 tasks for AWS, server builds, software security, email servers, file transfer support, python development, and server support in a 24/7 fast-paced financial environment.
  • Implemented secure Windows servers, Active Directory support, Linux CentOS servers with security patches, software installs, maintained GPO, AD, LDAPS, SNMP, DNS, SSL/TLS, SFTP with internal and external parties.
  • Established DevOps with IBM Tivoli and BMC Control-M suite to build, test, and deploy code for application services and functions in Python and SAS code. Worked with Java application and .Net applications frameworks.
  • Maintained and developed AWS deployments for financial applications in Java with tools such as Ant, Maven, and CI/CD Jenkins with full stack services such as PostgreSQL, MongoDB, and Apache web servers.

Applications Support Engineer January 2014 – June 2014 Amazon

  • Securely provisioned and formulated tests for Firefly OS and Fire phone with application functional standards.
  • Performed Front-end application security tests, user data governance review and re porting, UI support, UX testing, and QA/QC testing based on industry standards NIST, ISO and results provided by lead engineers.