Andy Keating

Cybersecurity Architect | CCSP | GWEB

Visitor Count

August 2023 – Present

Principal Member of Technical Staff in InfoSec
Manage operational challenges and strategic initiatives
Provide architectural recommendations on datacenter, cloud, zone builds
Recommend security based practices for product feature integration
Prepare and present critical security metrics for leadership
Provide technical assistance and guidance to various technical teams within the InfoSec organization leveraging historical expertise and knowledge of the broader strategy
Evaluate and test new software solutions as part of creative solutioning for unique business problems
Principal security liaison for organizational projects
Secure integration efforts with external partners, including controls review, auditing, and testing

June 2022 – August 2023

Lead security liaison and engineer for a large merger-acquisition
Deployed state-of-the-art email security platform and reported associated time and cost savings
Technical lead on Enterprise Data Protection/DLP program
Implement defensible architecture across the enterprise
Scope security gaps and identify solutions
Evaluate solutions to best address cybersecurity use cases

March 2020 – June 2022

Build out the Cloud Security Incident Response procedures
Build and maintain Cloud Access Security Broker policies including DLP, configuration monitoring, and Shadow IT
Secure cloud environments (AWS, Azure, Google Cloud)
Identify organizational risk in the cloud infrastructure

April 2018 – March 2020

Build and maintain DLP policies for email, Office365, McAfee Endpoint
Perform incident response duties - responding to DLP violations, malware infections, dangerous browsing activity, etc.
Conduct corporate investigations as requested - lost/stolen devices, suspicious browsing, etc.

August 2016 – March 2018

Recommend tuning and adjustments of SIEM and IDS tools to decrease false positives and increase helpful detections
Manage reported/potential security incidents (SQL Injections, DDoS, Malware infections)
Respond to detected policy violations (P2P traffic use, inappropriate internet use, etc.)
Security remediation tactics such as blocking email addresses and URLs, submitting signature update requests to McAfee, assessing outdated practices
Perform packet analysis and reconstruct streams to identify the context of suspicious activity
Perform malware analysis in sandbox environment

January 2016 – August 2016

Monitor and review security logs to ensure user and network software are up to date and safe
Identify threats to the network, from both internal and external sources
Ensure security policies are comprehensive and sufficient for the protection of Protected Health Information and are in compliance with HIPAA regulations
Provide application support

July 2007 – December 2015

Starting as a call center agent, and moving up into various positions including program management, vendor and client management, business systems analysis, and database administration

Bachelor's Degree, Cybersecurity (September 2021)

Certified Cloud Security Professional (CCSP)

GIAC Certified Web Application Defender

AWS Certified Solutions Architect - Associate

**See my Credly for a complete list.**

Agentic AI - Risk and Cybersecurity Masterclass - 2025

SANS MGT520: Leading Cloud Security Design and Implementation – 2021

Security: Cloud Security, SASE/SSE, Data Protection and DLP, Email Security, SaaS, Threat Modeling

Tools and Technologies: AWS, Azure, Agentic AI, Generative AI, Security Posture Management (xSPM), Office365, EDR, IAM

Management: Metrics Reporting, Communication, Training, Documentation, Mergers & Acquisitions (M&A), Project Planning

Compliance: HIPAA, HITRUST, PCI, CFIUS, Compensating Controls, Risk Acceptance