Matthew Greenwood
Details
Information Systems
University of Washington - Michael G. Foster School of Business
2014 : 2018
A large, federated organization like UW with hundreds of IT departments of varying maturity is an immense challenge to defend and requires continuous collaboration with a large group of stakeholders. I contribute to the writing and editing of the Cyber Intelligence Report, which is distributed each week to several hundred individuals consisting of IT administrators and leadership. The Report informs its recipients about weekly cyber operations and shifts in the threat and vulnerability landscape that have the potential to create impacts to confidentiality, integrity, and availability of UW systems and data. Additionally, I assist in crafting communications and presentations to mixed technical and non-technical audiences describing notable cyber events or providing security recommendations.
I have worked extensively in an incident response role, specializing in providing network forensics including the analysis of log, netflow, and pcap data for security investigations. In support of my work in this capacity I have taken the SANS FOR572: Advanced Network Forensics course.
Over several years in the Office of the CISO I have had the opportunity to lead several security engineering projects providing enterprise-wide benefits. In the absence of an efficient mechanism to block domains from the organization's network, I developed a tool to work with existing DNS infrastructure, creating an RPZ blocklist fed with external high-risk domain lists, and able to be updated in real time by security operations staff. Another tool I had the opportunity to develop uses SSL Certificate Transparency Logs to monitor millions of public domain registrations daily for the presence of domain spoofing attempts that may be used in targeted phishing.
2018 : Present
University of Washington
Information Security Analyst
Served in a Security Operations role, monitoring and acting on incoming alerts and requests. Largely focused on analyzing anomalous authentications and account access, as well as responding to phishing campaigns, external compromised device notifications, and some tools engineering.
2016 : 2018
University of Washington
Student Staff Lead, Office of the Chief Information Security Officer
Skills
Analytical Skills, Bash, Communication, Cybersecurity, Cyber Threat Hunting (CTH), Cyber Threat Intelligence (CTI), Data Structures, Email Security, Firewalls, Identity & Access Management (IAM), Information Security, Information Security Management, Information Technology, Internet Security, IPS, IT Risk Management, IT Security Operations, Java, JavaScript, Linux, Linux System Administration, Log Analysis, Malware Analysis, Netflow, Network Forensics, Networking, Network Security, Packet Capture, Perl, PHP, Programming, Python (Programming Language), Risk Management, Security, Security Analysis, Security Consulting, Security Engineering, Security Information and Event Management (SIEM), Shell Scripting, Social Networking, SQL, Threat & Vulnerability Management, Threat Analysis, Threat Assessment, Threat Intelligence, Vulnerability Assessment
About
I have had the opportunity to work in a highly complex environment and tackle diverse challenges in my time as an Information Security Analyst at the University of Washington, an organization with hundreds of thousands of constituents and threats that range from the mundane to the extremely sophisticated. I have honed a variety of skills in my career in support of the Cyber Intelligence program at the UW, including network forensics, threat hunting, and development of enterprise-scale tools for cyber defense. While technical defenses are important for protecting organizations, people are the last line of defense and an organization cannot effectively defend itself without security professionals willing to communicate and collaborate throughout the enterprise. A risk-based approach to cyber security is essential to prioritize efforts into defending against threats that have the capability and intent to cause disruption to an organization.
Thanks for checking out my profile! Feel free to connect or send me a message at matthew.greenwood4@gmail.com.