Yue (Tom) Qin
Plainsboro, NJ 732-***-****
ad27a1@r.postjobfree.com www.linkedin.com/in/tom-qin-cyber
Cyber Automation and Data Analysis
Spearhead Innovative Solutions to Streamline Operations and Support Strategic Decision-Making
Guide teams with clear vision, fostering collaboration and instilling a culture of innovation and excellence. Demonstrate strong analytical thinking and problem-solving skills in cyber automation by systematically evaluating complex data sets, identifying root causes, and applying innovative solutions. Foster collaboration through effective communication and convey intricate technical concepts to diverse stakeholders. Adapt swiftly to evolving challenges, ensuring efficient and effective resolution in a dynamic cybersecurity environment.
Expertise
Cyber Threat Intelligence
AI Automation
Data Analysis
Security Framework and Protocols
Data Warehousing
System Integration
Vulnerability Analysis & Report
Technical Skills
Programming Skills: Python, Pandas, PyTorch, NetworkX, SQL, Shell Script, JSON, Perl, and C/C++
Software: Cortex XSOAR (Demisto), Docker, Hadoop, MSSQL, MySQL, Tableau, TFS, Archer, ServiceNow, MongoDB, JIRA, Confluence, Splunk, VMware, AWS, LDAP, Kerberos, and WebSphere.
Cyber Intelligence API: CrowdStrike, Mandiant, BAE Systems (MISP), Flashpoint, Booz Allen Hamilton, Intel471, MITRE ATT&CK Framework, and TeamT5.
Other Knowledge: Agile methodology, software development life cycle (SDLC), CI/CD through TFS
Professional Experience
CITIGROUP, Weehawken, NJ, Warren, NJ, and New York, NY
Cyber Fusion Center Intelligence Lead Analyst 2015 - 2023
Created multiple automation solutions to transform manual alert systems into robotic and intelligent processes, gaining efficiency, minimizing human error, and providing analytic and data-driven solutions.
Developed a comprehensive vulnerability reporting solution by integrating Mandiant, Intel471, and NIST APIs. Created prioritization matrix including 'zero-day' threats, exploits, CVSS scores, and threat actors. Combined results with the firm’s software catalog to generate more effective patch prioritization.
- Generated 1560 hours of resource savings annually.
- Improved critical vulnerability response times from months to days.
Designed and implemented an Indicator of Compromise (IOC) collection system that parsed and synthesized proprietary data from CrowdStrike, Mandiant, BAE Systems, Flashpoint, and BAH, as well as Open-Source Intelligence (OSINT), for real-time security datasets through RIST API. The output is ingested into ServiceNow alerting systems via API. The process includes IOC tagging and de-duplication procedures, which resulted in 4680 hours of resource savings, improved data quality, and automated 60% of total alerts, enhancing operational efficiency and enabling the team to focus on more complex tasks.
Supervised development of a consolidated web-based digital search for internal and vendor cyber intelligence reports, streamlining over 3 dozen report types including PDF, Word, Excel, HTML, and text formats, enhancing analysts' search capabilities and speed. A bulk IOC de-duplication process was added to cut search time by more than half.
Developed solution to track IOCs used by threat actors, identifying and grouping shared tools across groups, resulting in resource savings of 1352 hours. Provided linkage matrix to senior management to help make informed decisions on security measures.
Created a compromised-card solution for the fraud center, leveraging external vendor intelligence and dark web searches to automate alerts for compromised credit cards and login credentials, strengthening security measures and mitigating potential loss and repudiation damage.
CITIGROUP, Weehawken, NJ, Warren, NJ, and New York, NY
Middleware Support Specialist 2009 - 2015
Implemented and supported projects such as Buildforge, WebSphere, and Zlinx for the firm’s consumer department as well as documental teams. Established a WebSphere HA environment utilizing HACMP and a WebSphere Application Cluster HA environment.
Developed Shell and Perl scripts to monitor the status of cluster nodes, ensuring reliability and availability.
Automated SSL certificate expiration date monitoring with custom Shell scripts and implemented email alerts to notify certificate owners, enhancing proactive management for both intranet and internet through proxy servers.
CITIGROUP, Weehawken, NJ, Warren, NJ, and New York, NY
Senior AIX System Administrator 2000 - 2000
24x7 production support for multiple Enterprise Data Warehouse systems such as Diners Club cards, Citi Mortgage data warehouse, CBNA consumer Promotion Inventory database warehouses, and CAM (Cards Analytical Model), which retrieves data from several different sources for loading into the Enterprise Data Warehouse for a variety of the firm's banking and credit cards. The Enterprise Data Warehouse provides online access to a large variety of customer information.
Built the entire data warehouse for the RBNA project using HMC and Dynamic Logical Partitioning (DLPAR), relying heavily on scripting to automate day-to-day work.
Coordinated with IBM to migrate 54 SP2 nodes to 8 Regatta boxes. Configured NDM for internal and external secure data transmission.
Supported SP environments with EMC PowerPath and Logical Volume for large data storage.
Education and Certifications
Doctor of Philosophy (PhD), Physical Chemistry, Oklahoma State University, Stillwater, OK
Master of Science (MS), Physical Chemistry, Jilin University, China
Bachelor of Science (BS), Physical Chemistry, Wuhan University, China
IBM Certified Advanced Technical Expert for RS/6000 of AIX (AIX/4.3 System Administration, SP2 System Administration, AIX Install/Recovery, TCP/IP Communication)
IBM Certified WebSphere/6.1 Administrator