
Information Security Analyst: SIEM: Incident Response/Malware Analysis

McKinney, TX
October 28, 2018



Clayton K. Morgan I


Mobile: 504-***-****

Information Security Analyst II


● 5 years professional experience in Cyber Security/ Information Security practices

● 7 + years of Information Technology experience

● Applying and Maintaining skill in serious lab environments.

● Collin College Information Systems Cyber Security Student (2016-2018).

● Maryville University Cyber Security Bachelor of Science (January 2019)

● Seeking challenging position: Cyber Security Purple Team (Red Team, Blue Team)

● Security Analyst/ SOC Security Analyst/ Information Security Analyst/

● Penetration Tester/ Vulnerability Management

● Cyber Security Specialist /CSIRT. Incident Response/ Security Management

● Seeking to apply skills with a company that promotes learning and growth to employees

● Persistent and Highly Self-Motivated/Independent & Team Player

● Independent & Team Player

● Looking to get experience in Defensive/Offensive Security

● Interested in any Cyber Security position to develop skills

Education

1. Associate of Applied Science Information Systems Cyber Security, 2018 Collin Community College, Frisco, TX

Feb 2016 - July 2018

2. Entertainment Business Bachelor Of Science

Full Sail University, Winter Park, FL

May 2009 - September 2011


● Mile2, Certified Penetration Tester Engineer (CPTE) 2017-Present

● Mile2, Certified Professional Ethical Hacker (CPEH) 2017-Present

● Mile2, Certified Vulnerability Assessor (CVA) 2017-Present

Experience

Information Security Analyst II: Incident Responder/ Malware Analyst (Contract) Governance, Strategy, Risk Management

AmerisourceBergen Corporation, June 2018 - October 2018 Frisco, TX 75034

● Network and Wireless Sniffing

● Social Engineering employees.

● Perform Triages/ Memory Analysis.

● Develop procedures for responses.

● Operated SOC floor HDD Screens & TVs

● Maltego: Build APT/Threat Actor profiles.

● Meeting with vendors and testing their product.

● Malware Analysis: Code and Behavior Analysis.

● Risk Assessments/ Penetration Testing/ Phishing.

● FireEye HX/CM, NetSkope, Looking Glass Cyveillance

● Created Physical integrated Virtual/Cloud Malware Analysis Lab.

● Create Playbooks, Policies, Procedures for Cyber Security Operations.

● Produce Reports for Vulnerability/ Threats/ Security Gap Assessments.

● Threat Hunting/ Threat Intelligence: Spotter:Dark-Web and Private Online Tools.

● Establish communications with executives, and dealing with law enforcement.

● SIEM: Securonix Snypr and Alien Vault : Across Fortune 11 Company Network.

● Manage SIEM: Securonix Snypr: Continuous Monitoring across Fortune 11 Company.

● L3 Security Analyst: Mentoring and Responding to Escalated Tickets from L1-L2 SOC.

SOC Network Security Analyst, (Contract)

Masergy Security (HQ) February 2018 - May 2018

Plano, TX

● Vulnerability Assessments/ Scanning

● Active SIEM Network Security Monitoring

● Log Correlation from DHCP Server, Firewall, WAF, etc.

● Packet Sniffing/ Analysis

● Respond to Network Threats

● Blocking IPs and Subnets

● Scanning Darknet IPs and Websites

● Recovering Base64 and Punycode-Encoded messages

● Reading Packet header information and Rebuild

● Checking Packets for PII, PHI, PCI, policy abuse

● Providing threat information based on clients networks.

● Ticketing and Escalating

● Providing help to higher-tier Security Analysts

● Customer Service/ Remediation/ Advising

● Communicate Security Issues to Management

● Searching for Emerging Threats

● Applying Updates to Security Products

Cyber Security Intern

Cyber Defense Labs, October 2016- January 2018

Richardson, TX

Vulnerability Scanning:

● Nessus


● Nikto

● Nmap Scripts

● OpenVAS

● GFI LanGuard

● Nexpose

● Titania Nipper

● Microsoft Baseline Security Analyzer (MBSA)

● QualysGuard

Tools used for different cases:

● Exploiting Systems, Software, and Services

● Metasploit

● Dirbuster

● Burp Suite

● Searchsploit


● NetCat & NCat

● W3af

● Social Engineering Toolkit

● Exploit Pack

● BeEF

● SQLMap & SQLNinja

● Security Onion

● Alien Vault

Configuring & Administering Windows and Linux:

● Hardening Operating Systems

● Patching and Updates

● Installing and Configuring Firewalls

● Installing Anti-Virus, Spyware, Adware, and File integrity Software

● Creating Passwords Policies, Email Policies, Using Encryption

● Removing unnecessary programs and users.

● Configuring Virtualization Software (VMware, VirtualBox)

● Monitoring VMs with Security Onion and AlienVault OSSIM

IT System Assessor/ Junior Vulnerability Manager

CSP/ Southern Life Recording Studios, June 2012- March 2016 Dallas, TX

Oklahoma City, OK

● 1. Resolve open tickets for clients & staff

● 2. Installing/Uninstalling workstations, laptops, routers, LAN, WAN

● 3. Maintain Workstations System and Security Updates and Patches

● 4. Maintain installed and removed software

● 5. Made system accounts per who needed access

● 6. Provided help with software and hardware

● 7. Create, and Maintain, and Store Backups

● 8. Scan workstations for malware

● 9. Vulnerability Scanning

● Technical documentation/ Vulnerability Reports

Recording Engineer/ IT Specialist,

CSP Recording Studios, May 2006- April 2012

New Orleans, La

Dallas, TX

● 1. Record Professional Vocals

● 2. Write tickets for clients

● 3. Installing/Uninstalling workstations, laptops, routers, LAN

● 4. Made repairs and Upgrades (RAM, HDD, Screens, Systems)

● 5. Maintain Workstations System and Security Updates and Patches

● 6. Maintain installed and removed software

● 7. Create, and Maintain, and Store Backups

● 8. Provide Confidentiality, Integrity, and Availability Services for Clients.

Computer Languages:

1. C++/C# (Learning)

2. Python (Learning)

Experiences Outside of Work:

● Information Security Standards:

● Penetration Testing Execution Standard (PTES)

● Open Source Security Testing Methodology (OSSTMM)

● Penetration Testing Framework (PTF)

● OWASP Open Web Application Security Project (OWASP)

● NIST 800-115 Technical Guide to Security Testing (NIST 800-115)

● PCI DSS Payment Card Industry Data Security Standard (PCI DSS)

● ISSAF Information Systems Security Assessment Standard Framework (ISSAF)

● Risk Management Guide for Information Technology Systems (SP 800-30)

● Standards for Information Systems Auditing (ISACA)

Kali Security Tools

● Metasploit, W3AF, BeEF, Nikto, Searchsploit, Burp Suite, John the Ripper

● Wireshark, TCPDump, Ng-Suite, NMAP, Masscan, THC Hydra, Dirbuster

Red Teaming External/ Penetration Testing Internal

● Creating CnC Servers, Social Engineering

● Network/Web Application/ IoT Exploitation

Configuring Firewalls/ Web Application Firewall

● Cisco, Palo Alto, Juniper, FortiGate

Virtualization Software

● VMware, VirtualBox

Intrusion Prevention Systems, Intrusion Detection Systems, SIEM

● AlienVault, Security Onion, SIEMonster, Securonix Snypr

● Writing Technical documentation (Security Programs, Guidelines, Policies, etc)

● Configuring/Administering Windows 7-Server 2016, Linux, OSX, BSD, Android

● Top 10 OWASP Web Application Attacks, Network Attacks

● Canvas, Core Impact, Other Vulnerability Scanners

● Incident Response Plans/ Disaster Response Plans

● Cisco Routers, Cisco Switches, VPNs

● Cloud Network Security Monitoring

● Network/Security Administration

● Networking TCP/IP Concepts

● Amazon AWS/ Other VPS

● ServiceNow/ConnectNow

● Attack CounterMeasures

● TOR/ TOR Scanning

● Troubleshooting

● Carbon Black

● Management

● Amazon AWS

● Cloud MSSP

● Encryption

Current Activities

● Member of Dallas Hackers Association

● Member, ISSA North Texas Chapter, 2016- Current

● Practicing Security Testing on home lab (Physical, Virtual, Web)

● Security Testing in Serious labs (Physical, Virtual)

● Taking Courses towards Bachelors in Cyber Security 2018-Current
