Ryan Fortress

Senior Technical Alliance Engineer

Greater Phoenix Area Information Security & Technology Cyber Threat Analyst BS in Management of Information Systems

About Me

A tech geek at heart, I love anything that is technical and challenging. I enjoy writing custom tools in JavaScript and Python, and finding new/creative uses for a Raspberry Pi. With extensive experience in Enterprise Security in multiple roles, I am a well-rounded team player that comes to win.

About this Site

This site is a personal playground powered by Jekyll running on a Google Cloud server, developed in real-time with VS Code Cloud. The backend is powered by Node-RED. All services are running behind an nginx reverse proxy with traffic encrypted by Let's Encrypt certificates. This is a constant work in progress; I'm still figuring it out as I go...

Experience

From Jun 2022 To Present

Palo Alto Networks Phoenix

Solutions Architect, Cortex XSOAR

  • Wrote multiple integrations with XSOAR / XSIAM including OpenCVE and Ollama
  • Created an advanced Threat Intelligence workflow that ingests blogs as Blog Reports. IOCs are automatically parsed from the blogs and associated with the report. In addition, using Ollama I was able to use local LLM models to identify any adversaries, threats, campaigns and more and have them automatically associated with the other threat intelligence.
  • Driving high technical validation and PoV win rates in Cortex XSIAM, XSOAR and Xpanse
  • Architect solutions that will help our customers strengthen and simplify their security posture
From Jun 2019 To Jun 2022

VMware Phoenix

Senior Tech Alliance Engineer

  • Hosted webinars with partners to bring to market new integrations. (Siemplify, Axonius, IntSights)
  • Gave theater presentations at major conferences like RSA with Technology Alliance Partners like Siemplify.
  • Wrote several integrations to help progress partnerships when roadmaps prevent Engineering from acting quickly. (ThreatConnect, Zscaler, Node-RED, ServiceNow, Proofpoint, Sumologic, etc.)
  • Evangelized VMware Carbon Black at major industry conferences including Black Hat 2019, Zscaler Zenith Conference 2019, Splunk .Conf 2019, RSA 2020, VMworld 2019, 2020 & 2021.
  • Helped drive strategy with priority Partners that help enable the VMware Intrinsic Security message. This includes a complete XDR framework with Proofpoint (email, CASB and DLP), VMware Lastline (NDR and Sandboxing), Recorded Future (Threat Intelligence & Vulnerability), and Sumologic/LogRhythm (SIEM/SOAR).
  • Created an internal resource to enable the Sales team in their engagements with customers. The site allows the user to see all VMware Carbon Black integrations across all product lines, filter by product, category and use case, and have in a few clicks all collateral (integration overview, demo video, joint solution brief, joint sales deck, links to blogs/external messaging, and competitive differentiators) at their disposal.

Senior Tech Alliance Engineer (Carbon Black)

From Apr 2015 To Jun 2019

ThreatConnect Inc. West Coast Region
Colorado to Australia

Senior Sales Engineer

  • Delivered demos, trials, and workshops based on ThreatConnect’s Cyber Threat Intelligence and Orchestration Platform to the top threat intel teams for some of the largest energy, finance, health and retail customers in the world.
  • Evangelized ThreatConnect and Threat Intelligence Platforms at major industry conferences including RSA 2017/2018, Black Hat 2016/2017/2018, Splunk .Conf 2017, CanSecWest 2017, and many more regional events.
  • Worked with new and existing customers to provide guidance on developing and automating Cyber Threat Intelligence programs.
  • Authored multiple field integrations to support complex sales which directly led to exceeding annual sales quota every year.
  • Left due to acquisition.

Customer Success Engineer

  • Interpreted customer pains and provided creative solutions. This included writing custom integrations between ThreatConnect and other security software (SIEMs, firewalls, HBSS, etc.) in Python.
  • Interfaced with customers to bring their security operations to a higher level by incorporating their analytical process into ThreatConnect, automating many time-consuming tasks and lowering MTTR.
  • Provided training to customers on threat intelligence methodologies/best practices and how to use the advanced features in ThreatConnect to get the most accurate and detailed information on existing intelligence to help lower risk and expedite attribution of attacks.
  • Managed some of the most difficult customers' expectations, feature requests, and bug reports.
From Mar 2013 To Mar 2015

NSSPlus / SPAWAR Charleston, SC

Security Developer

  • Developed a SIEM (Phoenix) that replaced ArcSight for the Military Health Systems NSOC and saved the organization over $1.2 million per year.
  • Phoenix enables the analysts to quickly obtain and correlate information from multiple sources (IDS/IPS, HBSS, OSINT, scanners, etc.) and integrates existing tools (Splunk, ticketing, reporting, analytics, etc.) into a single easy to use interface.
  • Phoenix increased analyst productivity by 84% and lowered event and incident response time by 32%.

Cyber Threat Analyst

  • Provided support for the ongoing analysis of threats capable of impacting resources being serviced by the NSOC NCD SP activity based on review of programmatic, technical, and daily review of open source intelligence (OSINT) as well as classified threat warnings and bulletins.
  • Performed daily reviews of cyber threat warnings, bulletins, alerts, and incident reporting documentation produced by the Director of National Intelligence (DNI), National Intelligence Council (NIC), Defense Intelligence Agency (DIA), National Security Agency (NSA), United States Strategic Command (USSTRATCOM), Joint Task Force Global Network Operations (JTF-GNO), United States Cyber Command (USCYBERCOM), Central Intelligence Agency (CIA), Department of Homeland Security (DHS), and US Computer Emergency Response Team (US CERT).
  • Coordinated and de-conflicted threat analysis activities and reporting with existing NSOC IAVM program infrastructure.
From May 2009 To Mar 2013

ITT / Exelis Kuwait

GBS Network Technician

  • Installed and operated the Global Broadcast System which enabled the US ARCENT Command Group and G2 Intelligence/Security to view and analyze UAV feeds from throughout South West Asia.
  • Completed over 350 maintenance actions and 12 real world missions to provide over 26,800 hours of secure and non-secure communications capability at 99% availability.
  • Troubleshot satellite, data, and radio networks as well as Linux and Windows systems when any problems occurred.
  • Ensured the dedicated network met DOD-CERT IAVA security standards to provide secure downloads for the US ARCENT G2 Intelligence team.
From Apr 2008 To May 2009

General Dynamics IT Kuwait

Network Technician

  • Responsibilities included installation, operation and maintenance of tactical satellite radio equipment for the Coalition Forces Land Component Command (CFLCC).
  • Served as the Network Control Station which provided a contingency network for all of Third Army’s military posts in Kuwait.
From Aug 1999 To Apr 2008

United States Army Active Duty and Reservist

Noncommissioned Officer in Charge

  • Responsible for the daily operations of the USARCENT (Army Central) Command Group. Responsibilities included: escorting congressional delegates, senators, and general officers (including the Secretary of State, Secretary of Defense, and over half the members of the US Congress and Senate in office at the time); planning and coordinating events such as dinners for distinguished visitors (including President and First Lady Bush).
  • Provided support for and worked on a daily basis with General Officers including 6 Brigadier Generals, 1 Major General, and 1 Lieutenant General. Quickly learned the skills needed to work with the most demanding customers at the highest levels.

Skills

HTML / CSS
JavaScript
Python
Linux
Docker
SIEM
SOAR
ASM
EDR / XDR
NDR
Threat Intel
Cloud