Jocelyn Khuu

Security Engineer

Summary

Hello! I'm Jocelyn. A Security Engineer focusing on enterprise security and IAM. Currently working remotely from New York.

Experience

01/2022 - Present

Clover Network, Inc.

Security Engineer

  • Oversee patch management for endpoints, increasing user patching by 70%
  • Manage endpoint security for over 900 devices by hardening systems according to CIS benchmarks
  • Spearheaded deploying asset management system SnipeIT through Terraform and Puppet on GCP instances
  • Create Python scripts to automate OpenLDAP IAM tasks to query and modify user attributes
  • Configure SSO for applications through ForgeRock and update configurations
  • Manage GCP IAM permissions in Terraform for developers and develop RBAC IAM policies
  • Monitor and respond to detections in Crowdstrike and Lacework and participate in on-call
  • Complete vendor security assessments for applications and work with GRC on audits
06/2021 - 01/2022

Petal Card

IT Support Specialist

  • Lead IT as sole IT support for NY HQ and VA locations supporting over 150 systems
  • Administered Google Workspace, Okta, Slack, Zoom, Zendesk, JIRA, Confluence, and JAMF Pro
  • Increased user patching by over 40% by deploying DeprecationNotifier via JAMF and bash scripting to nudge users to complete security updates
  • Identified gaps in IT Security and worked cross-functionally to improve and implement new processes and policies and assisted with SOC2 compliance for endpoint and IT security
  • Completed Zendesk and Okta integration to enhance security with MFA after hours for over 50 users and worked with customer operations teams to ensure minimal impact
04/2019 - 06/2021

Facebook

Enterprise Support Tech

  • Spearheaded deployment of Go2Chef to use Chef-Solo for off-corp Linux (Fedora) provisioning, enabling over 2,000 Fedora users to provision and bootstrap systems from home
  • Acted as escalation for configuration management and client security issues relating to Chef, MDM profiles, and 802.1x certificates by troubleshooting from stack traces and logs and tracking trending issues
  • Collaborated with Client Security and Internal Detection and Response Team (IDR) on malware removal and troubleshooting security software such as Santa (binary authorization), MDATP, Carbon Black, and Osquery
  • Developed Python tool for automated Chef upgrades on Linux systems by dynamically generating JSON config files, bootstrapping Chef with Go2Chef, and querying Chef’s Omnitruck API for metadata and package downloads
04/2018 - 04/2019

Stanford University

Computing Support Analyst II

  • Provided tier 2 desktop support for over 2,000 faculty and staff
  • Troubleshot endpoint management software (IBM BigFix) and security software (SCEP) for over 5,000 systems
  • Ensured all devices met HIPAA compliance requirements for encryption, backup, and device registration

Education

University of California, Irvine

Bachelors Business Economics