Clayton K. Morgan I
MCKINNEY, TX *****
Information Security Analyst II
● 5 years professional experience in Cyber Security/ Information Security practices
● 7 + years of Information Technology experience
● Applying and Maintaining skill in serious lab environments.
● Collin College Information Systems Cyber Security Student (2016-2018).
● Maryville University Cyber Security Bachelor of Science (January 2019)
● Seeking challenging position: Cyber Security Purple Team (Red Team, Blue Team)
● Security Analyst/ SOC Security Analyst/ Information Security Analyst/
● Penetration Tester/ Vulnerability Management
● Cyber Security Specialist /CSIRT. Incident Response/ Security Management
● Seeking to apply skills with a company that promotes learning and growth to employees
● Persistent and and Highly Self-Motivated/Independent & Team Player
● Independent & Team Player
● Looking to get experience in Defensive/Offensive Security
● Interested in any Cyber Security position to develop skills Education
1. Associate of Applied Science Information Systems Cyber Security, 2018 Collin Community College, Frisco, TX
Feb 2016 - July 2018
2. Entertainment Business Bachelor Of Science
Full Sail University, Winter park, FL
May 2009 - September 2011
● Mile2, Certified Penetration Tester Engineer (CPTE) 2017-Present
● Mile2, Certified Professional Ethical Hacker (CPEH) 2017-Present
● Mile2, Certified Vulnerability Assessor (CVA) 2017-Present Experience
Information Security Analyst II: Incident Responder/ Malware Analyst (Contract) Governance,Strategy, Risk Management
AmerisourceBergen Corporation, June 2018 - October 2018 Frisco, TX 75034
● Network and Wireless Sniffing
● Social Engineering employees.
● Perform Triages/ Memory Analysis.
● Develop procedures for responses.
● Operated SOC floor HDD Screens & TVs
● Maltego: Build APT/Threat Actor profiles.
● Meeting with vendors and testing their product.
● Malware Analysis: Code and Behavior Analysis.
● Risk Assessments/ Penetration Testing/ Phishing.
● FireEye HX/CM NetSkope Looking Glass Cyveillance
● Created Physical integrated Virtual/Cloud Malware Analysis Lab.
● Create Playbooks, Policies, Procedures for Cyber Security Operations.
● Produce Reports for Vulnerability/ Threats/ Security Gap Assessments.
● Threat Hunting/ Threat Intelligence: Spotter:Dark-Web and Private Online Tools.
● Establish communications with executives, and dealing with law enforcement.
● SIEM: Securonix Snypr and Alien Vault : Across Fortune 11 Company Network.
● Manage SIEM: Securonix Snypr: Continuous Monitoring across Fortune 11 Company.
● L3 Security Analyst : Mentoring and Responding to Escalated Tickets from L1- L2 SOC. SOC Network Security Analyst, (Contract)
Masergy Security (HQ) February 2018 - May 2018
● Vulnerability Assessments/ Scanning
● Active SIEM Network Security Monitoring
● Log Correlation from DHCP Server, Firewall, WAF, etc.
● Packet Sniffing/ Analysis
● Respond to Network Threats
● Blocking IP’s and Subnets
● Scanning Darknet IPs and Websites
● Recovering Base64 and Puny Encoded messages
● Reading Packet header information and Rebuild
● Checking Packets for PII, PHI, PCI, policy abuse
● Providing threat information based on clients networks.
● Ticketing and Escalating
● Proving help to higher tier Security Analyst
● Customer Service/ Remediation/ Advizing
● Communicate Security Issues to Management
● Searching for Emerging Threats
● Applying Updates to Security Products
Cyber Security Intern
Cyber Defense Labs, October 2016- January 2018
● Nmap Scripts
● GFI LanGuard
● Titania Nipper
● Microsoft Baseline Security Analyzer (MBSA)
Tools used for different cases:
● Exploiting Systems, Software, and Services
● Burp Suite
● NetCat & NCat
● Social Engineering Toolkit
● Exploit Pack
● SQLMap & SQLNinja
● Security Onion
● Alien Vault
Configuring & Administering Windows and Linux:
● Hardening Operating Systems
● Patching and Updates
● Installing and Configuring Firewalls
● Installing Anti-Virus, Spyware, Adware, and File integrity Software
● Creating Passwords Policies, Email Policies, Using Encryption
● Removing unnecessary programs and users.
● Configuring Virtualization Software (VMware, VirtualBox)
● Monitoring VMs with Security Onion and AlienVault OSSTIM IT System Assessor/ Junior Vulnerability Manager
CSP/ Southern Life Recording Studios, June 2012- March 2016 Dallas, TX
Oklahoma City, OK
● 1. Resolve open tickets for clients & staff
● 2. Installing/Uninstalling workstations, laps, routers, LAN, WAN
● 3. Maintain Workstations System and Security Updates and Patches
● 4. Maintain installed and removed software
● 5. Made system accounts per who needed access
● 6. Provided help with software and hardware
● 7. Create, and Maintain, and Store Backups
● 8. Scan workstations for malware
● 9. Vulnerability Scanning
● Technical documentation/ Vulnerability Reports
Recording Engineer/ IT Specialist,
CSP Recording Studios, May 2006- April 2012
New Orleans, La
● 1. Record Professional Vocals
● 2. Write tickets for clients
● 3. Installing/Uninstalling workstations, laps, routers, LAN
● 4. Made repairs and Upgrades (RAM, HDD, Screens, Systems)
● 5. Maintain Workstations System and Security Updates and Patches
● 6. Maintain installed and removed software
● 7. Create, and Maintain, and Store Backups
● 8. Provide Confidentiality, Integrity, and Availability Services for Clients. Computer Languages:
1. C++/C# (Learning)
2. Python (Learning)
Experiences Outside of Work:
● Information Security Standards:
● Penetration Execution Standard (PTES)
● Open Source Security Testing Methodology (OSSTMM)
● Penetration Testing Framework (PTF)
● OWASP Open Web Application Security Project (OWASP)
● NIST 800-115 Technical Guide to Security Testing (NIST 800-115)
● PCI DSS Payment Card Industry Data Security Standard (PCI DSS)
● ISSAF Information Systems Security Assessment Standard Framework (ISSAF)
● Risk Management Guide for Information Technology Systems (SP 800-30)
● Standards for Information Systems Auditing (ISACA) Kali Security Tools
● Metasploit W3AF BeEF Nikto Searchsploit Burp Suite JohntheRipper
● Wireshark TCPDump Ng-Suite NMAP Masscan THCHydra Dirbuster Red Teaming External/ Penetration Testing Internal
● Creating CnC Servers Social Engineering
● Network/Web Application/ IoT Exploitation
Configuring Firewalls/ Web Application Firewall
● Cisco Palo Alto Juniper FortiGate
● VMWare VirtualBox
Intrusion Prevention Systems Intrusion Detection Systems SIEM
● AlienVault Security Onion SIEMonster Sercureonix Snypr
● Writing Technical documentation (Security Programs, Guidelines, Policies, etc)
● Configuring/Administering Windows 7-Server 2016, Linux, OSX, BSD, Android
● Top 10 OWASP Web Application Attacks Network Attacks
● Canvas Core Impact Other Vulnerability Scanners
● Incident Response Plans/ Disaster Response Plans
● Cisco Routers Cisco Switches VPN’s
● Cloud Network Security Monitoring
● Network/Security Administration
● Networking TCP/IP Concepts
● Amazon AWS/ Other VPS
● Attack CounterMeasures
● TOR/ TOR Scanning
● Carbon Black
● Amazon AWS
● Cloud MSSP
● Member of Dallas Hackers Association
● Member, ISSA North Texas Chapter, 2016- Current
● Practicing Security Testing on home lab (Physical, Virtual, Web)
● Security Testing in Serious labs (Physical, Virtual)
● Taking Courses towards Bachelors in Cyber Security 2018-Current