Cyber Security Analyst with a focus on vulnerability management, incident response, and security operations. Utilizes frameworks such as MITRE ATT&CK and NIST for security management. Specializes in automating security configurations with PowerShell scripting, managing SIEM/SOC systems, and conducting security assessments. Skilled in deploying and managing security tools for vulnerability scanning and endpoint detection and response.
• Configured and managed Fortinet firewalls and Ubiquiti network switches to optimize security and network
performance.
• Handled on-premises and cloud-based identity management using Active Directory (AD) and Entra ID,
implementing Conditional Access Policies and enforcing Multi-Factor Authentication (MFA)
• Developed and executed PowerShell scripts to automate security configurations, including enabling SMB
Signing and restricting LLMNR/NetBIOS to prevent relay attacks and reconnaissance
• Configured DHCPv6 and ICMPv6 rules via scripting to prevent Man-in-the-Middle (MITM) attacks.
• Used PowerShell scripting to manually patch vulnerabilities as needed, ensuring timely remediation of security
threats
• Deployed ThreatLocker for application whitelisting and privileged access management (PAM)
• Implemented and enforced Password Policies, leveraging Entra ID Password Protection for enhanced security
• Set up and maintained Virtual Machines in Hyper-V and Proxmox to deploy security tools such as Vonahi
• Configured CyberCNS (ConnectSecure) for comprehensive vulnerability scanning and patch management
across all client systems
• Conducted security assessments, identifying vulnerabilities and providing detailed remediation plans
• Focused on aligning security measures with NIST standards (800-171, 800-61), creating Incident Response
Policies and Disaster Recovery Plans
• Managed data backups using Datto and Axcient, ensuring data integrity and availability
• Configured and managed email filtering solutions with Barracuda, ensuring that Microsoft 365 accounts and
emails were securely backed up and restorable
• Monitored and responded to security incidents using Huntress EDR, remediating breached accounts and
conducting malware investigations
• Utilized Intune for Mobile Device Management (MDM), managing device deployment and Azure integration
without on-premises Domain Controllers
• Developed and enforced security baseline policies in Intune, and conducted security awareness training with
Bullphish, including simulated phishing exercises
• Conducted security audits and scans for clients using Vonahi and CyberCNS, providing detailed reports and
remediation plans.
• Maintained up-to-date knowledge of current cyber threats by reading industry-related news, reviewing write-ups
on new malware and TTPs, listening to podcasts, and attending conferences.
• Investigated security incidents by collecting relevant evidence from system logs and analyzing system
configurations to determine root causes of breaches in security measures.
• Installed and configured Domain Controllers, ensuring secure authentication and network policy enforcement
• Utilized Datto RMM for remote monitoring and management, automating routine maintenance tasks and system
updates.
• Deployed and configured hardware, set up PCs, and integrated them into existing network infrastructure
• Provided technical support and handled escalations, resolving network and system issues efficiently
• Assisted with firewall maintenance, including configuring security policies, updating firmware, and monitoring
logs for potential threats using Fortinet and Ubiquiti.
• Set up Azure Cloud Sync on Domain Controllers, facilitating seamless identity and access management across
hybrid environments.
• Employed Domotz for real-time network health monitoring, diagnosing connectivity issues, and optimizing
network performance.
• Managed service tickets and client projects using Autotask PSA tool, ensuring timely resolution and client
satisfaction.
• Conducted in-depth technical troubleshooting, resolving network connectivity issues, diagnosing server and
workstation performance problems, and addressing hardware/software conflicts.
• Collaborated with other technicians to implement network improvements and optimize system performance,
including VLAN configuration and network segmentation.
• Used VulScan and Network Detective for comprehensive vulnerability assessments and network health checks.
• Provided front-line technical support for end-users, troubleshooting hardware, software, and network issues
• Managed Active Directory and user identities using CyberQP, Duo, and AutoElevate, ensuring synchronization
with the Microsoft Office 365 Admin Portal
• Rotated domain admin credentials using TechIDManager to bolster security and mitigate credential theft risks
• Administered Windows Server environments, focusing on performance optimization and system stability
• Configured and managed Office 365 services, implementing advanced email security measures with
MailProtector
• Employed ConnectWise RMM for comprehensive device management, including scripting for automation and
deploying patches
• Configured and managed firewalls and VPNs using WatchGuard, establishing secure remote access solutions
• Provided detailed documentation and support to users, ensuring they were informed of IT policies and
procedures
• Ensured continuous data protection and accessibility using Axcient backup solutions, performing regular
backup verification and recovery tests
• Conducted vulnerability assessments and reinforced defenses with Bitdefender Antivirus, monitoring and
responding to security incidents.
• Managed Active Directory across 15 domains, focusing on security group management, policy enforcement,
and event viewer monitoring.
• Implemented Group Policies to enforce software restrictions and ensure consistent application access across
multiple hotel locations.
• Led Wi-Fi upgrade projects across multiple hotels, deploying modern, efficient, and secure wireless solutions
• Configured and managed switches and firewalls using SonicWall features, optimizing network security and
performance.
• Enhanced network security using Zscaler, establishing secure connections with Site-to-Site VPNs and
segmenting networks with VLANs.
• Collaborated with vendors to implement optimal network solutions, integrating platforms like Hyper-V, VMware,
and Veeam for virtual environments and data backups
• Used PDQ Deploy for efficient patch management and application deployment, ensuring systems were
up-to-date and secure.
• Conducted detailed vulnerability assessments using Rapid7, addressing potential threats and improving the
overall security posture.
• Administered mobile device management policies using ManageEngine MDM, ensuring secure and efficient
mobile operations.