BROOK D. MERRITT Jr IT Security Analyst Jr Pen-Tester Security+ Certified

linkedin.com/in/brook-merritt ad00na@r.postjobfree.com 585-***-**** Rochester, NY. 14609 Top 2% TryHackMe

PROFESSIONAL SUMMARY

Technically proficient in IT Help Desk, Cybersecurity & Penetration-Testing fundamentals; with a unique understanding of interdisciplinary behaviors, to maximize team outcomes. Always optimistic and faces challenges head-on with a high level of critical thinking and a solution-minded outlook. Has a solid record of providing exemplary customer service and communications within highly technical environments across a variety of industries. An asset to any organization. Avid “TryHackMe” labs and CTF enthusiast. RELEVANT WORK EXPERIENCE

Calero MDSL – 2023 – Jr IT Security Analyst

Daily responsibilities included: Implementation, maintenance, configuration and support of all internal systems, employees, clients and peripheral subsystems in an Enterprise Endpoint User Support related role in a TEM software company; to include but, not limited to: MS Sharepoint, Azure AD, Active Directory, MS Intune, 365 Admin, Exchange Admin, MS Teams, Remote Desktop Support, VPN Support, Physical Networking (Hardware and Software) within corporate HQ office setting, Help desk Support and Critical Ticketing System.

Effectively and efficiently bypassed login credentials on a Mac Pro laptop for recently separated mid-level marketing employee which resulted in critical deadlines being met for entire marketing team handling a company-wide re-branding campaign, saving the company thousands of dollars in redundant costs and lost data. “I hacked the Mac!”

Collaborated with global associates and employees on a wide variety of network issues daily to effectively reduce priority and other tickets in the IT Help Desk queue. Rochester Institute of Technology – 2022 - Cybersecurity & Web Application Penetration- Testing Apprentice

Performed vital security research and analysis (Penetration-tests) on clients' computing systems

(Active Directory GPE environments to include but, not limited to Access Control Lists and privileged access, that directly impacted work-flows, security compliance, risk assessments

(Governance, Risk and Compliance) and, network infrastructure.

Functional familiarity with Relational Database Systems like SQL, pulling queries, and Identity Access Management (IAM) similar to Active Directory Domains.

Identified critical vulnerabilities of web applications through a variety of reconnaissance, network scans (Nessus, Nmap) and exploitation using Kali Linux, Burp Suite, OWASP Zap, Nikto, Dirbuster & Nmap. Provided suggestions for remediating risks and patching vulnerabilities; according to NIST 800-37 security “best practices” when in-scope of project parameters.

Prevented devastating loss of revenue to company by clearly documenting and explaining risk assessment findings to company stakeholders; along with associated severity ratings (Nessus, CVE, CVSS). Explained potential devastating impact (if unresolved) to business operations and stakeholders.

Performed collaborative risk assessment & vulnerability report writing. Rochester Institute of Technology – 2020 - Help Desk Analyst / Cybersecurity Bootcamp

Prevented significant data loss, system crashes, and negative financial impact through efficient facilitation of service ticket requests. Provided essential problem recognition, resolution and follow up for both, routine and complex user problems and, escalated the issue when appropriate.

Evaluated and prioritized incoming help tickets, emails and requests from users and staff experiencing problems with software configuration, networking issues, hardware and other IT- related topics and accurately logged and tracked ticketing-queries and maintained accurate and updated records related to problem documentation/resolution.

Learned quickly, the fundamentals to Access Control Lists, Multi-factor Authentication and encryption.

Familiarity with SIEMs and ability to understand and identify inputs and data sources.

Solidified a fundamental knowledge of security processes (port-mapping, vulnerability identification & remediation, anomaly detection), platforms (networking, firewalls, proxies, cloud- based and WAN/LAN) and risk categorization frameworks (NIST, CVE, ISO). EDUCATION

Rochester Institute of Technology – 2022 - Cybersecurity and Web Application Penetration- testing Apprenticeship (Comp-Tia Sec+ Certified)

(Upcoming CEH/Pen+ exams, pending availability)

Rochester Institute of Technology – 2020 – Cybersecurity and Help Desk Analyst Bootcamp Certification

Le Cordon Bleu College – 2015 – 2017 – Bachelor's Degree (Summa Cum Laude, 3.90 GPA)

Culinary Management

Le Cordon Bleu College – 2013 – 2015 – Associate’s Degree (President’s List, Dean’s List, Cum Laude, 3.75 GPA)

Hospitality and Restaurant Management

MILITARY SERVICE

U.S. Army Reserves / Regular Army – 1987-1990 – (MOS-91A Medical Specialist/ 13B Artillary)

Attained Spec 4 / E-4 Rank