Justin Kelso Resume 2017

1. Justin Kelso
Purcellville, VA 20132
Justin.Kelso.Resume@gmail.com
571/*/888/*/9147
(ISC)² Certified Information Systems Security Professional (CISSP)
Professional Background: 15 years of Experience
Product Management – HPE ArcSight
Drive improvement and innovation in the ArcSight product portfolio through interaction with customers, field
organizations, and internal stakeholders. Translate complex requirements into features and solutions for ArcSight
products. Specializations in security operations, investigations, case management, and workflow optimizations.
Senior Pre-Sales Engineer / Solutions Architect:
Responsible for the creation of technical solution components of strategic sales including the design, presentation,
and demonstration of security and risk management solutions engineered to meet individual customer requirements.
SOC Analytics Development:
Translated customer requirements into analytical processes, techniques, and tools utilized by SOC analysts at all
levels to gather, interpret, and report security incident information.
Security Operations Center Supervision:
Oversaw and directed daily operations of the SOC, acted as focal point for customer interactions, and ensured the
timeliness and accuracy of all deliverables.
Work Experience:
Regional Product Management Director – HPE ArcSight, AMS
HPE Enterprise Security Products - ArcSight
Aug 2015 - Present
Purcellville, VA
 Provide subject matter expertise in cyber security and security operations to ArcSight Product Management and
Development organizations to improve feature / function and foster meaningful innovation in products and solutions
 Research and analysis of competitive products and market trends in security and analytics spaces to develop
requirements for product improvements, new offerings, product strategy, and go-to-market
 Gather and translate complex customer pain into requirements for product improvements and new offerings
 Synchronize cross-product initiatives between individual product lines and de-conflict prioritization of key features
 Align efforts between field organizations, professional services, and support to accelerate resolution of customer
technology escalations. Identify opportunities for product and process improvements to better serve customers
 Develop and deliver product and technology enablement to increase the expertise of field organizations and partners
 Interface with Product Marketing to develop and refine product messaging and assist with strategic initiatives
 Private and public speaking and presentations to evangelize products offerings and facilitate customer interaction
and technology adoption.
Senior Pre-Sales Engineer / Solutions Architect
HP Enterprise Security Products
Oct 2011- Aug 2015
Herndon, VA
 Responsible for the creation of technical solution components of strategic sales including the design, presentation,
and demonstration of security and risk management solutions engineered to meet individual customer requirements
 Fostered and managed numerous complex customer relationships across US Federal market. Leveraged subject
matter expertise to become trusted advisor to existing and prospective customers
 Developed and delivered technical product and solutions training to customers, partners, and internal organizations
 Evangelized HP solutions across technical portfolios through work with HP and partner marketing organizations via
trade shows and technical workshops
 Displayed thought leadership and initiative in the development of unique technical materials on advanced strategic
designs and revitalized competitive intelligence programs through training, research, development, and presentation
of competitive materials to the world-wide sales / pre-sales staff

2. ArcSight Technical Instructor
Knowledge Consulting Group
Feb 2010 – Oct 2011
Reston, VA
 Provide classroom and training on the ArcSight family of products including ESM, Logger, and Connector software
 Lead network engineer / architect; evaluate initial equipment utilization and topology design; identify weaknesses
and limitations; redesign and implement topology and equipment configuration changes to better promote efficiency
and security across all corporate networks
 Serve as network security subject matter expert. Collaborate with management to develop and execute security
policy and secure operations guidelines; design enterprise security architecture plan for monitoring, IR, and SIEM
SOC Watch Officer / ArcSight Content Manager
Nortel Government Solutions
Nov 2007 - Feb 2010
United States Senate SOC: Manassas, VA
 Lead daily operations and personnel within 24x7 Security Operations Center (SOC). Provided expertise and
guidance to the identification and resolution of all cyber security threats and attacks, foreign or domestic, against
systems and networks owned or operated by the United States Senate nationwide
 Lead investigation of all security events / incidents. Provided top tier analysis during investigations to identify the
vector of attack, and scope of impact; created on the fly recommendations for response, remediation, and prevention
 ArcSight Content Developer: created ArcSight content to intelligently interpret over 100 million alerts a day
identifying suspicious activity fitting various attack vectors. Content is capable of identifying most compromises
resultant from zero-day exploitation or targeted attacks from malicious actors. Designed to place valuable data at the
fingertips of security analysts. Information formatted to be easy to interpret and analyze by all levels expertise
 SOC Subject Matter Expert (SME). Applied expert level analytical and problem solving skills to incident
investigation and response. Provided guidance and recommendations to customer. Fostered working relationships
with other members of the Government Forum of Incident Response and Security Teams (GFIRST) community
Information Security Engineer Senior Professional
CSC – Eagle Alliance
July 2007 - Oct 2007
National Security Agency: Ft Meade, MD
 Actively monitored various Intrusion Detection Systems (IDS) for indicators of possible cyber-attacks,
misconfigurations, and malicious logic attempts to enter or traverse Agency networks
 Provided real-time network traffic analysis services; actively searched for anomalous activity, virus and worm
communications, and possible attempts to exploit Agency assets or networks
 Monitored enterprise-wide virus reporting system, processed virus alerts to prevent the spread of malicious logic
within Agency’s enterprise networks
 Utilized open source media to identify cyber security threats such as newly released viruses, worms, and 0-day
exploits; compiled identifying information on new threats and analyzed network traffic for indications of occurrence
Network Security Team Lead
USAF
Sept 2006 - July 2007
National Security Agency: Ft Meade, MD
 Lead National Security Agency’s network defense for all agency information systems and networks worldwide
 Detect cyber attacks against NSA/CSS information assets and direct protective actions in real-time
 Focal point for all emergency situations involving NSA information assets
 Coordinate real-time analysis of network security events to ensure network integrity and availability
 Manage response to virus outbreaks on NSA networks, ensuring the mission is able to continue without degradation
 Proactively identify zero-day vulnerabilities in NSA networks and coordinate measures to prevent exploitation
 Provide real-time information to the Intelligence Community and Joint Task Force- Global Network Operations on
computer security issues and network status
Extended history 2001 - 2006 available upon request.