Sammy Kerfan
Experience:
2022 : Present
Cash App
Senior Information Security Analyst
● Designed and developed new automation tools for vulnerability management programs.
● Stood up new security infrastructure to replace legacy infrastructure components.
● Lead incidents to resolution and hosted post-incident reviews with C-level attendees after.
● Monitored security tools and handled incoming alerts and identified threats quickly.
2021 : 2022
BlackLine
Information Security Engineer
● Managed core infrastructure including data centers, hypervisors, email, AD, VoIP, and more.
● Automated tasks with PowerShell for Windows systems, and Python for Linux systems.
● Served as an incident responder for any security incidents that arose. Worked swiftly to
re-secure affected systems/services, performed detailed audits afterwards to validate initial
findings, and created lessons learned for future improvements to company security posture.
● Developed detection signatures based on prior incidents and newly released vulnerabilities.
● Organized regular end user security awareness training and testing for all staff.
● Handled the technical requirements and logistics of multiple large acquisitions.
2019 : 2021
DDN Storage
Security/System Administrator
● Analyzed centralized logs and correlating data to look for suspicious activity (Splunk).
● Drafted incident reports and escalated urgent and high-risk situations when appropriate.
● Collaborated with diverse SMEs to understand and address complex incidents impacting us.
● Researched and reviewed threat vectors, determining if they were acceptable or unacceptable
according to the bank's policies, standards, and risk appetite.
● Provided recommendations for risk mitigations to improve our security posture.
2017 : 2019
Bank of America
Information Security Specialist
● Designed and developed guard service scheduling app (PHP, MySQL, Bootstrap).
● Managed systems in AWS, Active Directory, GPOs, permissions, users, and devices.
● Overhauled company security policies to better protect company data and assets.
● Took lead on the logistics of migrating IT resources during the company's HQ migration.
2015 : 2017
guardNOW Security Services
Developer/System Administrator
Company: Cash App
Years of Experience: 10
Spoken Language: English