Nystrom
E-mail : martin.nystrom@gmail.com Website: xianshield.org,
blogs.cisco.com/author/martinnystrom,
linkedin.com/in/mnystrom
Objective
Build and operate cyber security programs to protect customers and enterprises
Profile
Proven cyber security executive with experience delivering $50M+ portfolios, building and leading customer-facing security
services, and corporate InfoSec
Specialties
Work experience
Cisco Security Services December 2015 - Present
Director
Responsible for global delivery of rapidly growing $55M managed security portfolio, including advanced cyber threat detection
and security device management.
24x7 delivery across 4 global Security Operations Centers (SOC) in USA, APAC, and EMEAR
Directs global team of senior security investigators to hunt threats using advanced threat intelligence, security
telemetry, and advanced analytics
Delivers and cultivates rapid threat detection and mitigation using Cisco Sourcefire IPS with AMP, ThreatGrid
sandboxing, advanced threat intelligence using CIF, Soltra, and OpenSOC, including Hadoop for consuming, parsing
and analyzing 6 Gbps at each PoP, with all forms of system telemetry and syslog
Delivers expert security device management including monitoring, planned changes, patch management, and
architectural growth
Specialist in cyber security for healthcare and public sector
Martin G. Nystrom 1
24x7 advanced cyber threat detection across 4 global Security Operations Centers (SOC) in USA, APAC, and EMEAR
Responsible for rapidly growing $5.5M service portfolio
Manages team of senior security investigators to hunt threats using advanced threat intelligence, security telemetry,
and advanced analytics
Delivers and cultivates rapid threat detection using Cisco Sourcefire IPS with AMP, ThreatGrid sandboxing, advanced
threat intelligence using the CIF, and OpenSOC, including Hadoop for consuming, parsing and analyzing 6 Gbps per
PoP, with all forms of system telemetry
Curates hot threats to rapidly respond and monitor for IOCs gleaned from emerging attacks, conceptual attacks, and
urgent vulnerabilities such as Heartbleed and Shellshock
Developed and coordinated broad InfoSec strategy to detect and contain advanced threats
Coordinated all CSIRT operations to ensure investigations, analysis, and engineering functions execute consistently
Architected, budgeted and delivered new $1M portfolio for CSIRT, enabling global cyber security solutions and growing
investigations staff of 60.
Managed successful delivery of massive security response portfolio including Splunk, Cisco WSA, Cisco IPS,
Sourcefire FirePower and AMP, Cisco ESA, FireEye, Passive DNS collection, DNS-RPZ, Cisco ISE, Lancope
StealthWatch, and Mandiant, collecting over 20 billion events per day into 1TB of growing events per day.
Led and drove improvements to information security monitoring and incident response
Developed strategy for broader team, ensuring project portfolio alignment with strategic objectives
Conducted global threat summit with diverse IT staff, drove projects to mitigate identified threats
Tested and drove improvements to Cisco products (CS-MARS, CS-IPS, others) by regularly engaging engineering/marketing based on deployment experience
Developed standardized incident response handbook for global investigative staff, coordinated input and approval
across HR, Legal, and internal auditors
Selected to attend Cisco Global Technical Leader Program, 2008
Developed and delivered Secure Web Programming in Java course for global development staff
Provided on-call incident response support: troubleshot high impact incidents, deployed firewall changes, investigated security incidents
Developed Partner Business Central - a portal into e-channels applications that allow Cisco partners to select, compare, and
configure Cisco products, then interact with Cisco distributors for pricing, availability, and ordering. Product built in Java, using
XML/XSL, CORBA, and Oracle, allows data exchange with business partners using XML over HTTP. Enabled RosettaNet
integration for standardized message exchange with Cisco business partners.
Education
Master of Engineering
North Carolina State University
Master of Engineering in Computer Science
Bachelor of Arts
Iowa State University
BA, Business Administration in Management Information Systems (MIS)
Certifications
Certified Information Systems Security Professional (CISSP)
specialization: Information Systems Security Architecture Professional (ISSAP)
Cisco Certified Network Associate (CCNA)