Inter-Office Memorandum

Posted by nmall002 on

Date:          August 22, 2023

To:             Nicholas Malley, Intern

Through:   Phil Mellinger, VP/Director Information Security & Information Security Officer 

From:        Craig White, AVP Information Security

Subject:     Internship Report (June 22, 2023 to August 23, 2023)

This report provides a summary of the internship of Nicholas Malley.

During his internship at Tower, Nicholas Malley’s performance was outstanding, and he was a tremendous addition to the Information Security team. Nicholas quickly gained knowledge on our many applications and services, including Cisco Umbrella, Sysmon, Digital Shadows, Splunk, PasswordSafe, Carbon Black Cloud/App Control, and the Tenable Security Center. He also gained insight into Tower’s Security Awareness Training program and the daily operation processes for Physical Security.

For his major assigned projects, Nicholas created four operational playbooks to support the department’s upcoming project to implement a Security Orchestration Automation and Response (SOAR) system (Tines).  The playbooks targeted designing automation of two services and backup processes. Nicholas subsequently presented the completed templates to the entire InfoSec team.  Nicholas also composed an Incident Response Summary Report of a third party vender compromise.  InfoSec provided his synopsis of the vendor compromise to Tower’s President/CEO and the Board of Directors.  Nicholas was responsible for directly supporting InfoSec’s Security Operation Center (SOC) daily processes for investigating, triaging, documenting, and reporting suspicious activities.  To support the SOC processes, Nicholas conducted remediation activities such as regulating the enforcement level of servers to allow file executables to run and support software installations or upgrades, granted temporary approval access requests of employees to support necessary business operations, and validated servers were both operating under the correct version and communicating/connected to the requisite consoles. In addition, Nicholas participated in daily InfoSec team updates and weekly meetings. He also attended weekly triage meetings to identify, prioritize and resolve cybersecurity threats and vulnerabilities across Tower’s infrastructure along with participating in the Information Security Governance Committee.

Leave a Reply

Your email address will not be published. Required fields are marked *