Josh Sisto

Sacramento, CA · (209) 418-3488 · josh@joshsisto.com

Network Security Engineer with extensive experience in cybersecurity, systems administration, and IT services. Proven expertise in designing, implementing, and managing security solutions across complex environments, including cloud infrastructures and enterprise networks. Skilled in penetration testing, incident response, and securing CI/CD pipelines, with hands-on experience in monitoring and enhancing security posture using tools such as Splunk, Kubernetes, AWS, and various cybersecurity frameworks. Adept in policy development, compliance with security standards, and team leadership. Holds multiple CompTIA certifications and a strong foundation in automation, scripting, and network management.


PDF

Experience

Network Security Engineer

CONFIDENTIAL

Currently working as a Network Security Engineer for a large organization.

August 2024 - Currently Employed

Security Analyst

Security Analyst for OTSI (Office of Technology and Solutions Integration) working with CWDS (Child Welfare Digital Services) on the CARES and CARES-Live projects. Implemented Splunk for monitoring and increasing security posture across the applications. Assisted in transitioning CARES-Live to Kubernetes, integrating Falco and Sysdig with Splunk for enhanced monitoring. Developed pentesting processes for the CARES-Live web app using Burp Suite, Kali Linux, and other tools. Created an Incident Response plan and ensured compliance with SAM and SIMM standards.

  • Implemented Splunk for log monitoring, security posture improvement, and system auditing for CARES and CARES-Live
  • Assisted in Kubernetes migration for CARES-Live and integrated Falco and Sysdig for monitoring with logs sent to Splunk
  • Performed penetration testing using Burp Suite, Kali Linux, and other security tools; developed pentesting processes
  • Monitored and secured the AWS and Salesforce-based CARES application using Okta, Mulesoft, AdobeAEM, and DocuEdge
  • Developed the Incident Response plan and ensured alignment with SAM (State Administrative Manual) and SIMM (Statewide Information Management Manual)
  • Secured CI/CD pipeline, making technology decisions to ensure security throughout the application development lifecycle
  • Implemented security policies and monitoring tools, including Nessus, Tenable, New Relic, and Splunk
  • Utilized AWS services such as GuardDuty, Bastion Host, ECS, Aurora, Kafka, Lambda, IAM, VPC Flow Logs, and Kinesis Firehose
  • Worked with contractors on project management and used Jira and Confluence for tracking and documentation
December 2020 - August 2024

Operations Manager

Kelly OCG (Intel)

Operations manager for Kelly OCG at Intel. Leading a team of engineers and technicians to provide validation support for Intel's VPG 3D graphics group. Providing technical support, research, and validation services to help advance the organization’s technology initiatives. Applied automation solutions, software design, and programming strategies.

  • Create and maintain Python, BASH, and PowerShell scripts for automation solutions
  • Participate in ongoing collaborative development, improvement, implementation and adoption of automation test solutions, test data and test result reporting
  • Create, document, maintain, extend and execute automation test coverage in close coordination with developers and other SQA team members
  • Work as part of the team to develop processes for effective monitoring and reporting of automation test cycle results
  • Communicate and support all project-related information in a timely and professional manner as dictated by team need and testing processes
February 2017 - December 2020

Entrust IT Solutions

Senior IT Consultant
  • Responsible for 1200 nodes monitoring with N-able, Cacti, Nagios, and other network monitoring services
  • Keep an inventory of clients machines for updates, repairs, and replacement
  • Maintain multiple clients firewalls, servers, desktops, backups, email, and WAN/LAN
  • Install, maintain and upgrade the computing and networking systems, applications, hardware, software and network infrastructure
  • Audit security logs, reports and authentication features to ensure security
  • Configuring new workstations, setting up user accounts, and allocating mass storage space
  • Troubleshooting, planning for, and responding to service outages and other problems
  • Virtualize systems, create cloud redundancy, maintain and manage backups
  • Create weekly and monthly reports of, security, inventory, hardware, patch, backup, and licensing for each client
October 2012 - May 2016

Skills

Programming Languages & Tools
Workflow
  • Mobile-First, Responsive Design
  • Cross Browser Testing & Debugging
  • Cross Functional Teams
  • Agile Development & Scrum

Interests

Apart from being a web developer, I enjoy most of my time being outdoors. If I'm not out camping with my friends, I'm out running the trails of Folsom, or the rivers of Sacramento with German Shepherd. I'm a big MMA fan, and jiu-jitsu white belt. I also enjoy indoor rock climbing and juggling with my girlfriend.

Projects