Lawrenceville GA, *****
Bruce Nichols
***********@*****.***
Phone: 404-***-****
Information Security Analyst
My goal is to leverage my extensive 17 years of IT professional history to deploy, maintain and protect companies from a variety of security threats. Maintaining the integrity of company data is vital to the continual growth and reputation of a company. My goal is to work with a thriving company and apply the focus of my broad technical skillset of risk mitigation and deployment of necessary controls to ensure that vulnerabilities, threats, controls and security-related matters are proactively addressed. It is a personal objective that I remain up to date on new security procedures and protocols while quickly adapting in an ever-changing environment and protecting your company’s most valuable systems and data assets.
Security & Network Attributes
Cisco SourceFire AMP; Cisco SourceFire URL Content filtering; Cisco IDS/IPS; McAfee ePO; McAfee DLP; McAfee Endpoint Protection; Fortigate Firewall; Damballa; SOX Compliance; PCI Compliance; Microsoft Outlook; MimeCast Spam Filter; Nessus; Vulnerability Scans; Networking; Risk Assessment; Issue triage; Threat response; Corporate Security Policy Creation; Security governance development; Production support; Change management; Production deployment; Server build; Script writing; Server Administrator; Active Directory
Professional Certifications
Certified Ethical Hacker (CEH)
Security+ ce
Professional Experience
IT Security Analyst Rollins Inc. – Atlanta 3/12 - Present
Responsible for ensuring the confidentiality, integrity and availability of the company’s information assets.
Serve as the primary advisor on all security matters relating to vulnerabilities, threats, and controls
Provide URL Content and Web Filtering for business internet connections
Network intrusion prevention using built-in Snort analysis tools to monitor traffic
Monitor MPLS traffic and DMZ for malicious activity
Provide deep content inspection for suspicious files
Configured firewall products such as Fortigate for packet inspection
Leveraged Damballa to identify hidden infections in real time on live traffic and confirm device infection by APT or malware
Used DLP agent-based application for Endpoint to track, monitor, and block sensitive data from leaving the company
Network component monitoring network traffic in motion and at rest
Policies created alerts on a specific set of rules around personal information
Scanned for vulnerabilities within systems
Compliance scanning plugins for PCI, SOX, and other systems
Scans to map out attack paths through network based on vulnerabilities
Provide security-consulting services to all departments and project teams requiring representatives from security
Perform detailed analysis of syslogs (firewall, IDS/IPS and Windows, VPN) for patterns and anomalies related to APTs
Research new developments in IT security in order to recommend, develop and implement new security policies, standards, procedures and controls.
Serve as the security project manager, developing project objectives, maintaining project schedules, and coordinating project activities.
Define, establish and manage security risk metrics and track effectiveness.
Perform vulnerability scans; identify exposure and risks, and report findings to management.
Perform periodic reviews of process controls and technical controls to ensure continuous adherence to SOX compliance.
Corporate Policies Written around Security Governance: Security Risk Acceptance VPN Policy, Password Standards Data Disposal and Destruction policy, Network Access policy, Wireless policy, Acceptable use Policy, SSL Certifications
Network Administrator WorldPay - Atlanta 6/2003 – 7/2011
Responsible for ensuring that all company network aspects remained operational and resolving any network or security-related issues
Duties included operating as the point of contact for any Active Directory and Exchange admin needs as well as production deployment and Change Management
Serve as the primary advisor on all security matters relating to vulnerabilities, threats, and controls
Operated as a Unicenter Administrator, tasked with providing up-to-date performance monitoring of the server environment.
Supported code and database changes
Completed multiple script writings for prod system roll outs, system updates, and threat protection procedures
Assist in the ongoing development of the Company’s security architecture – identify areas of opportunity, research alternatives and recommend solutions
Responsible for implementing security controls, perform maintenance and prevent, detect, analyze and respond to security incidents
Monitor the security of critical systems (e.g., e-mail servers, database servers, web servers, etc.) and changes to highly sensitive computer security controls to ensure appropriate system administrative actions, investigate and report on noted irregularities
Took on a project manager role to assist in the creation of high-level project scoping and project plan building
Developing project objectives and maintaining project schedules through the course of the project lifecycle
Worked with the department project manager to coordinate security and network project-related activities
Duty Function Overview: Security-related tasks surrounding vulnerability and threat defense, Perform server builds, Data Center Cabling, Fault Tolerance planning, Disk Management, AD File Security, Account and mailbox setup, Complete on-boarding process, VPN setup, User permissions administration
System Administrator WebVanGroup – Atlanta GA 1/2000 – 4/2003
Responsible for Exchange and Active Directory administration along with various network administrator tasks
Serve as the primary advisor on all security matters relating to vulnerabilities, threats, and controls
Perform periodic reviews of process controls and technical controls to ensure continuous
Participate in strategy sessions with management and subject matter experts to develop effective and cost-efficient testing and remediation plans
Completed Active Directory management as a system admin
Provided Network Design accompanied with performance monitoring
Developed Fault Tolerance planning
Performed VPN Setup and Disk Management
Professional Credentials
Clayton State University – MCSA Certification – Information Technology 2008
AIU – Information Systems – Computer Systems Networking and Telecommunications 2006 - 2008