Howard Miller

Contact Information:Email: hmiller550@gmail.com

Seattle Area, WAArcSight Certifications:

AESA , ACIAOther Certifications:

COMP TIA Security+, Netscreen Network Certified Internet Specialist JNCIS-FWV Firewall/VPNTechnical Training:

ArcSight Certified Security Analyst (40 hrs-2005), AESA 5.0 (former ACSA), Fiber optics, MCSE, Linux, PHP, JAVA programming.ArcSight Activate Training - 4/13/15, 5 Day Training and Workshop

Federal Experience: 4 years, Primarily MilitaryDoD 8570.01-M Certs:IAT-II

Security Clearance: Secret (Applied for TS May 2013)Education: Business Management/ Electronic Technology Engineering, Utah Valley State University-2005Summary of Qualifications

Design, layout, install, performance monitoring and content authoring for ESM 3.5-5.0, 6.0c, 6.5 and 6.8 ArcSight SIEM Manager.

Logger Filters, Searches and Reports. Connector Appliance with local and remote software connectors. Flex connector authoring and design. Providing onsite commercial customers, federal, military and local government representatives

and SIM program manager with consulting, design and best practices using SIM technologies Linux OS install, system health, ArcSight Linux preparations. Providing software and component customization services to enhance and support ’s mission,

such as connector parser overrides, categorization tools, multiuser database tracking of ArcSight full packet capture requests and visualization development

Extensive knowledge and experience with installing and maintaining ArcSight Enterprise Security Manager, Oracle database or CORR, Connectors, Forwarders, Logger, Connector Appliances

Skilled in ArcSight SIM layout design, creating dashboards and reports, understanding methodologies and engineering of SIM components and system installation, configuration, integration and troubleshooting.

Extensive and growing knowledge of hidden attacks and social engineering and detections using SIM technology

Performs routine Use case development and implementation of use cases for analysts, government representatives and team leads; develop workflow, stages, rules, active lists, dashboards and data monitors, reports, variables

Expertise in the areas of network/computer security, incident analysis/handling/reporting, detection/logging systems, system/tool integration, JAVA software development, and security related to known and un-known threats

Extensive knowledge of other tools used by analysts for detection and analysis; proficient in tools such as full packet capture technologies and remedy reporting system

Knowledge of global network defense/assurance organizational structure/roles/capabilities

Relevant Work Experience

Microsoft, Redmond, WA (Contractor), ArcSight Nov 2013 – Present

ArcSight ConsultantPresent Extended Contract Ends 6/15/15

Create content based on use cases for Microsoft users and clients. Maintain Three ESM 6.0 Managers, 5 ConAps and over 100 connectors Performed daily health checks and system alert modifications and enhancements. Build Flex connectors/parsers for existing connectors. Designing of worldwide tiered ArcSight solution. Special SIEM related projects. Developed ArcSight manager log monitor content.

ArcSight Inc. Cupertino, CA Nov 2005 – Nov 2013

ArcSight, Professional Services - Nov 2008 – Nov 2013 Extensive build out of rules and alert logic use cases for customers worldwide. Plan and implement hardware and content moves from a competitive SIEM’s to ArcSight ESM

6.0c. Install of Arcsight ESM 6.0c and Loggers and connectors. Configured connectors for Diode transfer for one way traffic. Built out categorization and zone files. Flex connectors, parsers, XML, Database, Log, CEF Backup local SIEM content to safe network shares, disaster recovery planning. Mapping customer’s custom malware server database to ArcSight CEF fields and configure

connector to deliver events to ArcSight 6.0c manager. Provide consulting on other methods to deliver events and also content suggestions and documentation of solution.

SOC – DISA: supported the global and regional network defense missions. Local responsibilities include: Local government requests, such as network design to fulfill local and global network defense measures and goals, Also support on-scene ArcSight technologies / analysis / engineering / integration of devices feeds to the ArcSight SIEM, encourage and recommend new feeds to enhance correlation, detection of hidden attacks and reporting; examine/resolve operational issues; design, test, deploy, configuration, analysis, correlation content; explain complex system capabilities to analysts/leadership; provide detection strategy and integration advice; coordinate/collaborate with PEO-MA program manager and engineers, global ArcSight embeds, and contracted system support organizations; configure systems to meet operational

needs; conduct internal research to identify feature/bug/resolution information; develop/maintain software to transform external data into system-usable formats.

ArcSight, Technical Support - Nov 2005– 2008Senior Technical Support Engineer

Technical Support Engineer, supporting customers on ESM, Loggers, Connector Appliances and Connectors.

Juniper Networks, Sunnyvale, CA July 2004 – May 2005Technical Support EngineerProvided support of internet security systems; Firewalls, IDPs (IDS) and security management software (NSM) with an average of 35 cases per month on medium to large firewall systems, clusters, IDS systems, management systems, routing, VSYS, VLAN’s, creating and configuring PKI certificates for login and VPNs, hub and spoke and regular IPsec VPNs, JNCIS-FWV

McKechnie Aerospace, Reno NV Nov 2000-July 2004Network AdministratorResponsible for seventeen servers and 75 users at five locations in the U.S. and Europe. Installed and maintained Microsoft NT 4.0 and Windows 2000 servers. Managed over fifteen technical proposals, project management and implementations. MS Exchange server. Installed and maintained Cisco routers, PIX and firewalls. Designed and implemented Windows XP professional upgrades. VERITAS and Legato Backup Software. Tape backup autoloader tape systems. Telephone and voice mail systems.

Quintus Resorts, Minden, NV July 1998-Nov 2000 Network Engineering SupervisorMicrosoft terminal servers, Citrix Metaframe, and remote thin clients using various thin client hardware, Compaq servers using RAID 5 storage. Designed, Installed WAN connections using Cisco routers. Project management & technical proposals. Veritas Backup Software. Linux Servers, POP3 and Send-mail.

Anglo Gold Mining, Elko, NV May 1995 -July 1998 MIS Coordinator Design and Installed Campus Wide Networks in large mine areas using Fiber Optics, routers, channel banks, NT servers, RAID, Backup Systems and Microwave Transmissions. Maintained router WAN links and operations on 27 mines throughout the U.S.Maintained fifty users’ windows 98SE, Novell 4.x and 5.x servers. Veritas Backup Software. UNIX workstations and servers.

Managerial References:

Nathan Ng – - Direct contact while at DISA SOC Nathan.ng@disa.milRay Patterson ArcSight Pro Services Director (left ArcSight) Raymondmpatterson@gmail.comKevin Doty, Direct report at ArcSight for SOC Kevin.Doty@HP.com