Information Security Analyst
Resume:
L onDa rius Cunningham
*** ***** **** **. ***********, Georgia 30281
************@*****.***
Summa ry of Qualification:
The ability to serve as a corporate Security/Compliance Analyst by ensuring technical security
p lanning, testing, verification and risk analysis in accordance with TCP/IP protocols. Capable of
defining, deploying and monitoring r isk management, compliance, and information security p rograms.
E D UCAT IO N:
• Computer Information System, Devry University, Decatur, GA (3 years)
• Systems Security Certified Practitioner (459735)
• Certified Information Systems Auditor (in progress)
• CompTia Security + (COMP001020373825)
• Cisco Certified Network Associate Security (CSCO11671231)
• Cisco Certified Network Associate (CSCO11671231)
• Cisco Certified Design Associate (CSCO11671231)
P rofessional Memberships
• Information Systems Security Association
• ISACA Atlanta Chapter
• ISC2 Atlanta Chapter
Honors
• Achieved the Committee of National Security Systems 4011 Training Standard (CNSS 4011)
Knowledge, skills and abilities:
• Knowledge of security concepts and controls, disaster recovery and policy development.
• Can demonstrate oral and writ ten communication skills to interface effectively with all levels
of management.
• Experience with IT systems & processes, IT infrastructure, SDLC and change management
p rinciples.
• Experience with audit planning & business processes and practices.
• Understanding of information security management frameworks such as COBIT and ISO
27001.
• Knowledge of security concepts, access control mechanisms, policies and procedures.
• Knowledge of current t rends and developments in the security field through t raining, reading
appropriate li terature, attending related seminars and conferences and hosting product
demonstrations.
• Understanding of Sarbanes-Oxley (SOX) risk and control principles and the role of IT
application and general controls in the corporate environment.
• Knowledge of operating systems, LAN/WAN, telecomm, databases, firewall security and
application controls.
• Ability to properly manage and prioritize resources and projects.
• Ability to communicate with other external security teams (C.E.R.T)
• Team player who can operate effectively within a matrix management environment.
• Working knowledge in t roubleshooting information security-related problems and incidents.
• Working knowledge of anti-virus systems, vulnerability management, and violation monitoring.
• Strong knowledge of security policy, procedure, standards and guidelines.
• Working knowledge of security, audit, and control methods and concepts.
• Working knowledge of security architecture including encryption, firewalls, and VPNs.
• Attention to detail/accuracy and the ability to maintain confidentiality and integrity.
• Working knowledge of Windows Operating System and IT Infrastructure security.
• Ability to work in high production environments and respond quickly and effectively under
p ressure and deadlines.
• Strong understanding of information technology auditing techniques and solid understanding
of data analysis
• Baseline understanding of auditing techniques.
• Strong analytical, writ ten communication, interpersonal, listening, interviewing,
organizational, consulting, and presentation skills
• Strong documentation skills (narratives and f low charts)
• Knowledge of information technology tools used in the audit process including ACL, Access,
Excel, PowerPoint, Visio, etc.
• Detail and deadline oriented
• Strong relationship skills
Networking P rotocols:
• TCP/IP, Rip/Ripv2, SMTP, FTP,IPSEC, PKI, OSPF, EIGRP, BGP, MPLS, Frame Relay, VLANs,
T1 and VPN technology.
Technical Skills:
• Qualys, Nessus, Postini, EMMA, EventTracker (SIEM), Junos Pulse, Solarwinds, Windows XP
P rofessional, Windows 7, BMC Remedy, Numara Trackit, Word, Excel and Visio.
P rogramming Language :
• C, C#, COBOL
Network Ha rdwa re:
• Cisco Catalyst Switches (ex. 2950, 2960, 3550, 3560, 3750 series)
• Cisco Routers (ex. 1700, 2600XM, 800 ISR series, 3700, 2800, 3800, 7200 series)
• Cisco Chassis ( ex. 4500, 6500, 7609 series)
• Cisco Phones (ex. 7940, 7960, 7971 series)
• Cisco ASA Firewall (ex. 5505,5510,5520)
• Cisco Wireless AP (1131,1142)
• Cisco WLC 4402, 5508
• Cisco ACS 4.2
• AirWatch MDM
• Juniper SA6500
• Fortinet 1240B
• F5 Big-IP LTM 3400 Series 9.1.2
• McAfee Web Gateway
• Reflex IDS/IPS
• SEPM (Symantec Endpoint Protection Management)
WORK EXPER I E NCE:
Rollins INC., Atlanta, GA
Information Security/Compliance Analyst, March 2012 - Present
Responsibilities:
• Serve as the primary point of contact for all IT-related audits, including external (PCI, SOX)
and internal audits
• Monitor the security of critical systems (e.g., e-mail servers, database servers, web servers,
etc.) and changes to highly sensitive computer security controls to ensure appropriate system
administrative actions, investigate and report on noted i rregularities.
• Conduct network vulnerability assessments using tools to evaluate attack vectors, identify
system vulnerabilities and develop remediation plans and security procedures.
• Serve as the security project manager, developing project objectives, maintaining project
schedules, and coordinating project activities.
• Manage the SIEM infrastructure.
• Define, establish and manage security risk metrics and track effectiveness.
• Research new developments in IT security in order to recommend, develop and implement new
security policies, standards, procedures and operating doctrines across a major global
enterprise.
• Provides security-consulting services to all departments and project teams requiring
representatives from IT.
• P rovide security expertise and recommendations to protect all resources.
• Postini email Administrator
• Airwatch Administrator
• Symantec Endpoint Protection Management Administrator
• Conduct periodic security audit reviews and r isk assessments.
• Develop security policy, procedure, password standards and controls.
• Administer system security, audits, and network access and security operations.
• Perform penetration tests; identify exposure and r isks, and report findings to management.
• Analyzed security incidents and presented a quarterly report to the CIO.
• Perform analysis of syslog, firewall, IDS/IPS and Windows logs.
• The ability to balance r isk mitigation with business needs.
• Develop programming solutions to streamline security administrative procedures, which
i nclude access request tracking procedures, project management reports and other security
related reports.
• Provide guidance for protection against detecting and eradicating viruses. Perform
i nvestigative work to identify the cause of the infection and execute computer programs to
eradicate the virus that was reported.
• Work in the post-audit phase to assist stakeholders in preparing a response to audit findings.
• P repare and present status reports, risks, recommendations, and lessons learned to all levels
of management.
• Perform periodic reviews of process controls and technical controls to ensure continuous
adherence to laws, rules, and regulations.
• Participate in strategy sessions with management and subject matter experts to develop
effective and cost-efficient testing and remediation plans.
• Build and drive compliance to IT processes and regulatory compliance framework
• Develop control inventory and monitor compliance using tools for key controls identification,
monitoring, gap-analysis, and remediation actions
• Develop metrics and analysis to demonstrate control adherence and effectiveness for regulatory
standards and controls.
Abacus Solutions
Cisco Technical Engineer, January 2010– January 2012
Responsibilities:
• Overall responsibility for network procedures and standards development.
• Network design including IP Numbering, access control, queuing, quality of service, capacity
p lanning, capacity modeling, routing and switching.
• Network monitoring.
• Primary responsibility for maintaining, designing and administering multi-homed, mission
critical BGP routed connections to the Internet.
• Track, assign and inventory ip addressing and creates reports of usage/availability.
• SLA creation and reporting.
• Analysis of new technologies and assessment of feasibility.
• Configuration of all network equipment, security devices, authentication servers and network
management software.
• Review and analysis of log files and performance metrics.
• Scheduling and implementation nation-wide moves adds and changes of LAN/WAN/WLAN
equipment.
• Administration of vendor support relationships.
• Design, configuration and implementation of network security technologies including IDS,
F irewalls, Access Control Servers, authentication servers and access control lists.
• Engineer, test and implement quality of service, header compression and other advanced
queuing technologies to maximize the quality of critical applications.
• Test plan development and implementation
• Develop and implement network testing processes.
• Network application testing.
• Implementation of change management and control processes.
• Other responsibilities as assigned.
Newell Recycling
Desktop Specialist, Mar 2003- Mar 2009
Responsibilities:
• Diagnosed and resolved technical problems in a multi-user environment, 1000 - 2500 users.
• Experience with end-user support (first-call resolution, problem t racking via automated
system, prioritizing work requests).
• Assisted in rollout of Navision Microsoft Dynamics for corporate office and branch locations.
• Performed Active Directory configuration for user groups.
• Responsible for data entry of over 5,000 accounts.
• Developed procedures and training plans for accounting managers.
• Developed, modified, and tested overall system backup and recovery strategies for assigned
systems.
• Served as a technical focal point for the installation and configuration of hardware and
software on personal computers and for personal data assistants associated with assigned
systems.
• Served as a systems administrator responsible for planning, coordinating, modifying,
i mplementing, and t roubleshooting in order to meet customer needs.
• Work pertains to the administration of all systems, including associated hardware platforms,
software applications and numerous interfaces included in the Local Area Network (LAN) and
W ide Area Network (WAN).
• Served as a technical focal point on multiple operating systems and computer platforms.
• Evaluates machine usage and develops plans for the necessary acquisition to support future
automation (hardware and software) requirements.
• A nalyzed, evaluated, and recommended hardware/software changes to various computer
systems.
• Considered factors such as compatibility with standard systems, conversion or implementation
costs, and impact on existing equipment.
• I nstalled, configured and tested products and equipment being reviewed by management.
• Implemented system software changes, operating system releases and maintained the
operational status of systems.
• Diagnosed system failures to isolate source of problems between equipment, system software,
and application programs.
• Advised staff on issues pertaining to operating systems and hardware status.
• Commended by management for quickly resolving issues and ensuring business productivity.
• Performed other duties as assigned.
Contact this candidate