Tim Salvador

Chicago, IL · [email protected]

Certifications

Skills

Network & Security Architecture
  • IP Networking
  • TCP/IP
  • DNS
  • Route53
  • Firewalls
  • Load Balancing
  • Microservices
  • RESTful APIs
  • SaaS/PaaS/IaaS
  • Endpoint Prevention, Detection & Response (EDR/XDR)
  • Security Planning & Development
  • Zero-Trust Architecture
Cybersecurity & Threat Intelligence
  • Incident Response & Forensics
  • Detection & Response
  • SOC Optimization & Management
  • SecOps Automation (SOAR)
  • Risk & Vulnerability Assessment
  • Threat Hunting & Intelligence (OSINT)
  • Deception & Adversary Engagement
  • Dark Web Monitoring
  • Web Application Firewalls (Cloudflare, Akamai)
  • Identity & Access Management (IAM)
  • Security Operations
  • Compliance & Regulatory Knowledge (PCI, NIST, ISO 27001, CIS)
  • Packet Capture & Analysis
  • MITRE ATT&CK Framework
  • Malware Analysis
Penetration Testing & Offensive Security
  • Red Teaming
  • Social Engineering
  • Phishing
  • OSINT
  • Web App Security
  • Exploit Development
  • Reverse Engineering
  • Metasploit
  • Burp Suite
  • Nessus
  • Nexpose
  • OpenVAS
  • SET
  • Wireshark
  • Shodan
  • Responder
  • Velociraptor
  • Kali Linux
  • Nmap
Log Management, SIEM & Threat Intelligence Platforms
  • Log Correlation & Analysis
  • Continuous Monitoring
  • Security Information & Event Management (SIEM)
  • Splunk
  • Elastic Stack
  • Graylog
  • ThreatConnect
  • ThreatStream
  • Cyderes
  • Abnormal Security
  • Syslog-NG
  • Tcpdump
  • Logstash
Cloud Security & Virtualization
  • Cloud Security (AWS, Azure, Google Cloud)
  • CloudTrail
  • S3
  • Cloudflare
  • Akamai
  • Route53
  • Containerization & Orchestration (Docker, Kubernetes, Proxmox, VMware, VirtualBox)
  • Identity & Access Control
  • Remote Access (VPN, OpenVPN, MFA)
Operating Systems & Platforms
  • Linux (Ubuntu, CentOS, FreeBSD, PFSense, Kali Linux)
  • Windows
  • MacOS
  • Android
  • Cisco
  • Palo Alto
Languages & Scripting
  • Bash
  • PowerShell
  • Python
  • Perl
  • Ruby
  • VB
  • HTML
  • PHP
  • CSS
  • JavaScript
  • Git
Defensive Security & Endpoint Protection
  • Bit9/Carbon Black
  • CrowdStrike
  • SentinelOne
  • Cybereason
  • FireEye
  • Malwarebytes
  • McAfee
  • Symantec
  • Proofpoint
  • Protectwise
  • Qualys
  • ThreatStack
  • Vormetric
  • Bluecoat
  • Kace
Digital Forensics & Investigations
  • Autopsy / SleuthKit
  • Velociraptor
  • Cyber Triage
  • Memory, Disk, and Network Forensics
  • Incident Response
  • Root Cause Analysis
  • Breach Investigation
Data Management & Database Security
  • Microsoft SQL Server
  • PostgreSQL
  • SQLite
  • MongoDB
  • Elasticsearch
  • Kafka
  • Log Analysis & Data Correlation
Networking & Infrastructure Tools
  • Active Directory
  • Group Policy Objects
  • IPSEC
  • ISC-DHCP
  • Apache
  • Nginx
  • IIS
  • Bind
  • OpenSSL
  • Postfix
  • Squid
  • Akamai
  • OpenVPN
  • Zabbix
  • Nagios
  • MRTG
IoT & Embedded Systems
  • Arduino
  • Embedded Security
  • Hardware Hacking

Experience

Incident Responder Manager

Illinois Tool Works Inc

  • Automated system log monitoring, SIEM operations, and network traffic analysis, increasing detection accuracy by 40% and reducing manual investigation efforts by 50%.
  • Directed incident response and threat monitoring teams, leveraging automation to enhance real-time detection, accelerate forensic investigations, and improve breach response times.
  • Implemented a new incident tracking system and developed proactive detection rules, streamlining resolution efficiency and cutting threat response times by 30%.
  • Mentored security team, fostering a collaborative environment that improved detection capabilities, incident response times, and forensic analysis outcomes.
  • Established and enforced security policies aligned with NIST and ISO 27001, ensuring regulatory compliance and effectively mitigating security risks.
  • Conducted comprehensive security risk assessments for new technologies and third-party vendors, identifying critical threats and ensuring alignment with industry security protocols.
  • Optimized security monitoring workflows and integrated SIEM tools (e.g., InsightIDR), enhancing threat hunting and improving incident response times by 35%.
  • Performed penetration testing and proactive threat hunting, uncovering vulnerabilities and strengthening security posture across endpoint, network, and cloud environments.

April 2024 - October 2024

Senior Information Security Manager II

Groupon Inc

  • Led Security Operations, Cloud Security (AWS | GCP), and Application Security teams, enhancing incident response times, broadening detection coverage, and strengthening overall security posture.
  • Engineered and executed robust security controls, improving security posture by 70%, mitigating cyberattacks by 50%, and ensuring 100% compliance with industry standards (ISO 27001, NIST).
  • Devised continuous monitoring and detection rules using Chronicle Backstory, enhancing security visibility across cloud, network, application, and endpoint environments.
  • Architected cybersecurity frameworks, achieving an 85% improvement in critical system protection and a 20% reduction in security downtime through proactive design and risk mitigation.
  • Migrated on-prem security tools to a cloud-based platform with a code repository, optimizing security operations and reducing costs by over 80%, driving operational efficiency.
  • Streamlined web application firewalls, improving threat detection accuracy by 90% and reducing false positives by 75%, strengthening the organization’s defense mechanisms.
  • Integrated security tools, enhancing threat detection and response, improving monitoring efficiency, and proactively mitigating 95% of risks before exploitation.
  • Spearheaded incident response, forensics, and threat intelligence strategies, optimizing triage, analysis, and remediation efforts to safeguard organizational assets.
  • Oversaw security compliance initiatives, conducting ISO 27001 audits, risk assessments, and vendor security reviews, ensuring regulatory alignment and reducing security gaps.
  • Orchestrated security awareness programs, reducing phishing-related risks by 50% through targeted training and simulated attack scenarios, improving employee vigilance.
  • Directed penetration testing and web application security assessments, identifying vulnerabilities, enhancing secure coding practices, and driving continuous security improvements across the development lifecycle.

March 2020 - July 2023

Sr Security Analyst III (CSIRT)

AbbVie Inc.

  • Led Incident Response (Blue Team), Forensic Analysis (Green Team), and Penetration Testing (Red Team), reducing incident resolution time by leveraging proactive threat hunting, intelligence gathering, and remediation strategies.
  • Championed penetration testing and vulnerability scans, identifying critical vulnerabilities in 95% of tested systems and driving remediation efforts to mitigate security risks.
  • Engineered security detection methods for AWS, enhancing SOC triage visibility and significantly improving incident response capabilities.
  • Conducted Wi-Fi network testing, credential enumeration, and malware reversing, identifying Indicators of Compromise (IOCs) and strengthening threat detection and hunting capabilities.
  • Performed application security assessments, AV evasion testing, and lateral movement exercises, reducing the organization’s attack surface and improving overall security posture.
  • Executed proactive threat hunting and incident response, preventing security breaches and reducing Mean Time to Resolution (MTTR).
  • Analyzed security logs and network traffic, providing actionable insights that enhanced threat detection and response strategies across the organization.
  • Coordinated red team assessments and managed external audits, ensuring compliance with GDPR and industry standards.
  • Created and enforced internal security policies and procedures, improving incident response and operational security.
  • Leveraged Burp Suite, Metasploit, and custom scripts for penetration testing, vulnerability management, and security assessments, increasing the effectiveness of security operations.

August 2018 - February 2020

Threat Exposure Manager

Uptake Inc.

  • Directed frontline security operations across IPDRR, reducing threat response time and strengthening security resilience.
  • Engineered cloud security detection and monitoring frameworks, optimizing response times and improving security visibility.
  • Established an agile and scalable detection and response framework, reducing malware, exploits, and SPAM-related threats, while boosting real-time threat detection and risk mitigation.
  • Fortified security posture through proactive penetration testing, cloud monitoring, and vulnerability management, remediating critical vulnerabilities.
  • Optimized SIEM solutions, increasing threat detection and reducing incident response times.
  • Mentored and guided teams on TTPs, improving efficiency and enhancing response capabilities.
  • Deployed and managed enterprise-grade security tools, strengthening network and endpoint coverage.
  • Led comprehensive risk and vulnerability assessments, providing strategic recommendations that strengthened security posture and ensured vendor compliance with industry standards.
  • Developed and tested incident response plans, ensuring operational readiness by leading tabletop exercises.
  • Simulated APT attacks, coordinated penetration tests, and improved security awareness and organizational preparedness.

June 2015 - June 2018

Security Analyst

Cleverbridge Inc.

  • Engineered network security controls, reducing security incidents by 25% within the first 90 days.
  • Spearheaded vulnerability assessments, penetration testing, and web application security reviews, identifying and remediating critical vulnerabilities.
  • Proactively monitored security advisories, conducting risk analysis and deploying mitigation strategies to reduce risks.
  • Led NetOps Risk Management and executed PCI audits, reducing PCI-related risks and strengthening compliance.
  • Developed and optimized incident response protocols, performing triage, forensic analysis, and continuous security monitoring.
  • Championed security awareness training, improving employee engagement and reducing human error-related incidents.
  • Assessed third-party vendors’ security compliance, fortifying the supply chain’s overall security posture.

August 2010 - May 2015

ISP Field Support Technician Lv.2 / Network Engineer

onShore Networks Inc.

  • Designed, installed, and managed secure DSL, Cable, Ethernet, and Wireless networks across 97 locations, supporting ~9,000 users while optimizing reliability and security.
  • Configured and deployed routers, switches, access points, and analog phone gateways (Cisco, Allied, Overture, Mikrotik, Ubiquity, Mediatrix, C9 Networks, Versa Technology) with a focus on network security and performance.
  • Provided Level 2 ISP support, troubleshooting voice services, T1 installations, and network connectivity issues while identifying vulnerabilities and strengthening infrastructure resilience.
  • Engineered and deployed secure Point-to-Point and Point-to-Multipoint wireless solutions (IEEE 802.11a, proprietary 60GHz), enhancing data transmission security and mitigating interference risks.
  • Implemented and maintained Wi-Fi networks with encryption standards and access controls to prevent unauthorized access and ensure compliance with security best practices.
  • Diagnosed and resolved network issues, performing root cause analysis and implementing security-focused remediation strategies.
  • Conducted building audits, topology tracing, and infrastructure documentation to ensure proper segmentation, reduce attack surfaces, and enhance network security.
  • Installed and secured phone wiring blocks, data cabling patch panels, and communication systems to prevent unauthorized access and mitigate eavesdropping risks.
  • Supported field technicians with secure network configurations, threat mitigation strategies, and deployment of hardened infrastructure components.

2008 - 2010

Proud Father and husband

The Salvador Family

Enjoying every moment and creating memories with my family of 5

March 2023 - Current

Education

DePaul University

Master of Science (MS)
Computer, Information and Network Security (CINS)

Affiliations: DePaul Sec Daemons, DePaul Linux Community, ISACA – DePaul

2011 - 2012

DeVry University

Bachelor of Science (BS)
Telecommunications and Network Management

Graduated with Honors – Cum Laude

2003 - 2006