Brian Chuong, Developer in Calgary, AB, Canada
Brian is available for hire
Hire Brian

Brian Chuong

Verified Expert  in Engineering

IT Security Developer

Calgary, AB, Canada

Toptal member since August 21, 2023

Bio

Brian is a highly skilled and experienced IT professional specializing in security. Throughout his 25+ year-long career, he has developed a deep understanding of information security principles and best practices. Brian has an excellent knowledge of various IT domains, including manufacturing, banking, and IT services.

Portfolio

TC Energy
Security Architecture, Secure Application Design, Operational Technology (OT)...
TC Energy
Incident Response, EnCase, Email Forensics, Splunk, ArcSight...
TC Energy
Software Packaging

Experience

Availability

Part-time

Preferred Environment

Window Defender ATP, RSA, Passwordstate, Splunk, Rapid7, Microsoft 365, RD Web, Palo Alto Networks, McAfee

The most amazing...

...thing I've built and implemented is RSA multi-factor authentication (MFA) that I integrated with different applications.

Work Experience

Security Solution Architect | Technical Lead

2021 - PRESENT
TC Energy
  • Designed and implemented RSA multi-factor authentication (MFA) and integrated it with Active Directory (AD), Palo Alto Captive Portal, and other applications for operational technology (OT).
  • Created and implemented Splunk infrastructure and integrated it with applications for collecting security events in OT for the security operation team.
  • Designed and implemented Passwordstate for password management.
  • Developed and implemented Rapid7 Solutions for the vulnerability management team and integrated them with security information and event management (SIEM).
  • Implemented Microsoft 365 Cloud App Security (Microsoft MCAS) and integrated it with SIEM and Cortex XSOAR.
  • Worked on SailPoint to find a solution for privileged access management (PAM) and identity access management (IAM).
  • Worked on finding a solution for TSA tasks for OT endpoint anti-virus scans and MFA for a corporate restriction zone.
Technologies: Security Architecture, Secure Application Design, Operational Technology (OT), RSA (Cryptosystem), Trellix Endpoint Security (ENS), Trellix EDR, Trellix Solidcore, Trellix ePolicy Orchestrator, Passwordstate, Rapid7

Senior Security Analyst

2007 - 2021
TC Energy
  • Maintained a no-major-incident record throughout my tenure as a senior security analyst, demonstrating my exceptional incident presentation and risk mitigation skills.
  • Conducted in-depth email investigations, identified the root causes of security incidents, and provided reports to senior management.
  • Supported and managed a wide range of security tools and technologies, like Microsoft Defender ATP, Palo Alto XDR, Demisto SOAR, Trellix Endpoint Security, ePolicy Orchestrator, VirusScan Enterprise, ArcSight, Splunk, Vectra, RSA, and BeyondTrust.
  • Developed red and blue teams and created procedures and guides for team members by leveraging advanced techniques and threat intelligence feeds to identify and neutralize potential threats before they could cause harm.
Technologies: Incident Response, EnCase, Email Forensics, Splunk, ArcSight, McAfee Endpoint Security, McAfee MVISION Endpoint, Threat Intelligence, Cortex XSOAR

Technical Team Lead

2003 - 2007
TC Energy
  • Managed and distributed workload among team members, ensuring tasks and projects were assigned based on individual strengths, skills, and expertise.
  • Mentored and cross-trained the team members, focusing on enhancing technical skills and promoting professional growth through workshops, seminars, and individual coaching sessions.
  • Created an automation package to migrate Windows NT to XP systems, including profile migration, application installation, and printer migration.
Technologies: Software Packaging

Architecture, Design, and Implementation of MFA for an OT Environment

I developed and implemented MFA within the OT environment to bolster security measures and fortify the overall security stance. As part of this initiative, I built the RSA platform and seamlessly integrated it with AD for user identification. Also, I deployed RADIUS servers and clients to support various endpoint systems such as Palo Alto Captive Portal, Windows, and more.

To streamline user access to the OT environment, I integrated the MFA system with the Palo Alto Captive Portal, serving as a gateway. This portal now requests users to input their username and passcode, and upon a successful authentication process, grants them access to a terminal system for the industrial control system (ICS) through the Remote Desktop Protocol (RDP).

Moreover, I meticulously devised disaster recovery protocols and break-glass solutions for the MFA implementation, ensuring the system remains resilient and can effectively handle unforeseen scenarios.
MAY 2015 - MAY 2023

GIAC Certified Forensic Examiner (GCFE)

Global Information Assurance Certification (GIAC)

JANUARY 2013 - JANUARY 2021

GIAC Certified Intrusion Analyst (GCIA)

Global Information Assurance Certification (GIAC)

AUGUST 2010 - AUGUST 2022

GIAC Security Essentials Certification (GSEC)

Global Information Assurance Certification (GIAC)

SEPTEMBER 2004 - PRESENT

Microsoft Certified Systems Engineer

Microsoft

MARCH 2004 - PRESENT

CCNA

Cisco

AUGUST 2003 - PRESENT

Linux+ Certified

Linux Professional Institute

MAY 2003 - PRESENT

CompTIA Security+

CompTIA

Tools

Splunk, McAfee, ArcSight, McAfee Endpoint Security, McAfee MVISION Endpoint

Languages

VBScript, Python 3

Platforms

Rapid7, Red Hat Linux, Cortex XSOAR

Other

Window Defender ATP, RSA (Cryptosystem), Passwordstate, Security Foundation, Windows NT, Microsoft 365, RD Web, Software Packaging, EnCase, Palo Alto Networks, Cisco Switches, Routing, Intrusion Detection Systems (IDS), Network Traffic Analysis, Incident Response, Email Forensics, Threat Intelligence, Security Architecture, Secure Application Design, Operational Technology (OT), Trellix Endpoint Security (ENS), Trellix EDR, Trellix Solidcore, Trellix ePolicy Orchestrator

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring