Information Security System

Location: Middle River, MD
Salary: 135000
Posted: March 10, 2024

Resume:

LOUIS O. ANIBABA

Middle River, MD *****

714-***-**** ad38ys@r.postjobfree.com

PROFESSIONAL SUMMARY:

With over nine years of experience and knowledge in Cybersecurity protocols, such as BMRE (Basic Malware & Reverse Engineering) professional tools; TAF, Xacta and CSAM, Nessus, Nexus, Metasploit, Burp-suite, Kiterunner, Kioptrix, Amass, Web Inspect, Qualys, HP-Fortify, Cisco IPS, Bro and Splunk, ArcSight and QRadar. Efficient and familiar with Federal Information Security Act (FISMA), Federal Information Processing Standard (FIPS-199), NIST Standard and Acceptable Risk Safeguard (ARS). Experience in system security testing DAST and SAST tools and continuous monitoring, auditing, Technical Writing, Testing of Information controls and developing security policies, procedures and guidelines. Excellent communication and presentation at both professional and team capacity. Generate and review updated Information Security System Policies, System Security Plans, and Security baselines in accordance with NIST, FISMA, OMB App. III A-130 and industry best security practices. Applied appropriate information security control for Federal Information System based on NIST 800-37 rev1, SP 800-53, FIPS 199, FIPS 200 and OMB A-130 Appendix III. Experience in Identity Access & Management (IAM) to determine and implement efficient and effective methods.

WORK EXPERIENCES:

Lanibaba realty Notary and IT Consultation LLC: 09/2022- Present: Creating my personal company and exploring working on C2C, or 1099; developing skills and preparing for CISSP. Performing Auditing for clients and checking the automation for small business and Nessus scan for various clientele.

TISTA TECH/VA, Baltimore, Maryland 21220-Cybersecurity Specialist, Senior (SMS), Network Security Service Line, Senior SIEM QRadar Engineer: 08/2021-09/30/2022

•Learn to apply CRE, Rules Set, and Offenses; QDI, X-force, Watson, Network threat analysis

•Using the Log Source GUI to add new IP, system logs, create new Users, add wireless collection and new flow.

•Perform basic forensic with the User Behavioral analysis input and FireEye-iSight intelligence.

•Review MITRE Attack Tactics & Techniques report for accuracy of events

•Review Watson reports on offense to make further request for escalation.

•Using DSM GUI to parse unknown logs, creating Case with IBM expert to provide answers and troubleshooting.

•Performing QRadar Vulnerability Scanning/Management (QVM) investigation and set up scanning. SIEM used to gather information for Auditors, UBA of employees, Network threat analytics.

•QRadar Risk Manager (QRM) is used to analyze and make decision risk Patching or 3rd party covering.

•QRadar Incident Forensics (QRIF) is utilized by the incident response team to gather more information and in conjunction with Watson and IBM-Xforce to make professional decisions as needed.

•Performed configuring of QRadar and Dynatrace, SNMP set up, Application set up, and correlation of rules.

•Analyzing logs from Palo Alto Firewall and correlating new threat into Custom rules

•Execute and maintain application portfolio to include business drivers, support, and ownership roles and responsibilities.

•Participated in CDM Splunk-Dynatrace configuration set up, create and monitor users’ behavior, adding new patches to the system to free up memories and make the system available to our clients.

•Check and update the working Service Now tickets as new updates are implemented.

Crest Consulting Group LLC, Rockville, Maryland 20855; SOC Analyst III/ Q-radar Analyst: CISSP and CISM Trainee: 11/2018-08/2021

•Learned and applied the OWASP training, using Zed Attack Proxy (ZAP)

•Learned and applied Pen-testing to augment our Web applications Firewall (WAF).

•Perform external, internal, targeted, blind and double-blind testing network infrastructure.

•Performed vulnerability testing, risk analysis and security assessment, and exploitation.

•Research and recommend security upgrades based on budget and utilize the updated reports.

•Performs and evaluates vulnerability scans within a multi-platform, large enterprise environment.

•Perform application system scanning and maintain application portfolio to include business drivers, support, and ownership roles and responsibilities.

•Manage privileged users and control privileged account access to authorized individuals only and restrict rights based on “a need to know”.

•Learn about CyberArk and serve as a Subject-matter-expert for CyberArk in a large enterprise.

•Performing diagnosis of CyberArk system related problems and support.

•Engage with the CyberArk vendor to ensure ongoing and adequate level of technical maintenance and support for all component parts.

•Hands on experience in installing, troubleshooting, maintaining CyberArk (10.3 and above) Password Management tool.

•Experience in configuring various CyberArk components like EPV, PVWA, PSM, Private Ark, CPM and others.

•Proficient in SQL server queries and scripting and Power-shell Scripting.

•Perform and support (IAM) Identity and Access management, with physical security assistance.

•Provide a detailed audit report of all privileged account access and record privileged activity for audit proof and forensic analysis.

•Proficient with Jenkins and GitHub, JavaScript and C++, Linux, Ubuntu, Ruby etc.

•Perform SIEM analysis with Arc-Sight and Q-Radar for various clientele.

•Network Forensics and threat analysis using STRIDE, PASTA and LINDDUN

•Performing work on systems on iCloud, Amazon’s web service (AWS), Microsoft’s Azure and IBM cloud.

•Learn and practice with IBM Q-radar and SIEM development with a contractor that recently changed and updated their system.

•Using Q-Radar to scan and detect vulnerabilities and integrate any recommended updates and configuration.

•Learning RFP and RFQ and discussing with stakeholders on a weekly basis.

•Utilized HP-Fortify on demand to set up and monitor Application Security, Free Open Source and both Static and dynamic testing.

•Advanced knowledge static analysis tools and methods and knowledge of dynamic analysis tools and methods

•Advanced knowledge software engineering concepts: GOF software design patterns, SOLID design principles (SRP, OSP, LSP, ISP, and DIP) and design methods (Scrum, XP, Lean, Waterfall).

•Perform Pen-testing analysis on systems, maintain logs and malware scanning, Snort, Wireshark, Web-inspect, Qualys and Nmap, DirBuster, golan-go.

•Monitor and perform administration on Enterprise Splunk, adding new personnel, assisting with patching and memory rebuild, gather logs for audit, granting access to new users.

Edison Security Operation Center, California 92821 Security Analyst II: August 2013 - May 2016.

•Work with Ubuntu, Kali-Linux, Linux, Ruby, GitHub and Windows server environments

•Perform reverse engineering using GitHub for malware attacks.

•Compose and maintain proper security assessment plans documentation for project plans, security plans, self-assessments, SIEM, POAM, SAR, and the ISSM

•Assist with some coding analysis and reviews using Bash, SQL and other coding protocol.

•Participated as an alternate shift lead as necessary, mentor new associates on process and procedure, manage group mailbox, and open tickets for new incidents.

•Engage with the CyberArk vendor to ensure ongoing and adequate level of technical maintenance and support for all component parts.

•Provide a detailed audit report of all privileged account access and record privileged activity for audit proof and forensic analysis.

•Monitor security patch levels of the servers, workstations and network environments, and antivirus systems.

•Perform Pen-testing analysis on systems, maintain logs and malware, Application scanning, Snort, Wireshark, Web-inspect, Qualys and Nmap.

•Network Forensics and threat analysis using STRIDE, PASTA and LINDDUN

•Configure and troubleshoot network perimeter security infrastructure devices.

•Assess Vulnerabilities and provide Recommendations to fix Ticketing System.

•Triage potentially malicious events to determine severity and criticality of the event.

•Analyze network traffic using a variety of analysis tools in support of service objectives.

•Used HP-fortify to set up application security, Free Open Source, dynamic and static testing for total updates of reports as required.

•Perform security audit logs as recommended by NIST 800-92

•Perform Pen-testing to analyze each system and perform risk analysis.

•Perform vulnerability scanning with Nessus, Web-Inspect tools and Qualys to generate reports.

•Build IAM end to end functional and automated test plans.

•Implemented information security requirements for IT Systems through System Life Cycle from requirement definition phased through disposition.

•Conducted Security Risk Assessment and documented Key Controls.

•Helped guide System Owners and ISSOs through Certification and Accreditation (C&A) Process, ensuring the technical control Security Systems are in place and being followed according to the Federal Guideline (NIST SP 800-53).

•Installing and updating CyberArk with latest vendor updates.

•Operation and maintenance of the CyberArk system to ensure that CyberArk continues to be fully functional and provides the required level of service.

•Advanced knowledge static analysis tools and methods and knowledge of dynamic analysis tools and methods

•Advanced knowledge software engineering concepts: GOF software design patterns, SOLID design principles (SRP, OSP, LSP, ISP, and DIP) and design methods (Scrum, XP, Lean, Waterfall).

SOUTHERN CALIFORNIA UNIVERSITY OF HEALTH SCIENCE January 2011 -- August 2017;

Doctor of Chiropractic; Learning medical language and protocols, non-IT related

Long and Foster Inc; 2007-2011

•Licensed Realtor and investor- perform credit check, customer services that entails family relocation into Maryland.

•Coordinate and educate clients on the benefits of home buying in Maryland, enlighten them about the law and commitment of a contract in Maryland.

TEKsystems Employment Agency, New Jersey 07054; Security Analyst Specialist I: May 2004 - September 2007.

•Work with both Linux and Windows server environments.

•Adapt and quickly learned a new position and industry to further develop analytical and technical skills.

•Enforce an enterprise security policy around privileged account behavior which is flexible enough to meet granular audit needs (e.g., how often a privileged credential should change and password complexity).

•Provide Access Management support for the US Army battalion, including granting New User Account Activation, setting up a time frame for Password Resets and User Deactivation.

•Protect audit records in tamper-proof storage against unauthorized access, modification or deletion of logs

•Experienced in aspects of security technologies such as: IDS/IPS, port and vulnerability scanners, and network detection used in performance of daily activities.

•Analyzed over 1000 security Questionnaire responses and completed ICD 503 documentation within a reasonable period in compliance with NIST 800-53 rev 4

•Perform Pen-testing analysis on systems, maintain logs and malware scanning, Snort, Wireshark, WebInspect, Qualys and Nmap.

•Utilize detailed processes and procedures to analyze and escalate critical information security incidents.

•Compiled and computer two running cyber honey pots for data collections and analysis.

•Conducted system security assessments based on NIST 800-53

•Compiled security documentation, security assessment reports, system security and contingency plans, and disaster recovery plan.

•Compose and maintain proper security assessment plans documentation for project plans, security plans, self-assessments, SIEM, POAM, SAR, and the ISSM

•Ensure that CIA triad requirements are met for databases and Identity.

•Perform security audit logs as recommended by NIST 800-9

•Reviewed Privacy Impact Assessment (PIA) System of Record Notice (SOR)

•Conduct reverse-engineering for known and suspected malware files.

•Perform analysis to evaluate and analyze complex malicious code using tools, including disassemblers, debuggers, hex editors, un-packers, virtual machines, and network sniffers.

•Perform updating and reviewing A&A Packages which include Core Docs, Policy & Procedures, Operations and Maintenance Artifacts, SSP, SAR, FIPS 199.

•Generated Configuration Management Plan (CMP), and Version Description Document (VDD) for information systems.

•Operation and maintenance of the CyberArk system to ensure that CyberArk continues to be fully functional and provides the required level of service.

•Network Forensics and threat analysis using STRIDE, PASTA and LINDDUN

•Learned about GitHub development and Jenkins, associated with malware resolution.

•Experience in Source Code Vulnerability Scan, SAST, DAST and Manual Penetration testing.

•Learned to perform static analysis tools and methods and knowledge of dynamic analysis tools and methods.

•Advanced knowledge software engineering concepts: GOF software design patterns, SOLID design principles (SRP, OSP, LSP, ISP, and DIP) and design methods (Scrum, XP, Lean, Waterfall).

United States Navy: USS Belleau-Wood LHA-3, Sasebo, Japan. Aviation Boatswain-Mate Handler-ABH AN-3/ E-3: November 1994 - November 1998

Launch and retrieve helicopters and Harriers.

Perform daily crash gear safety checks and fire extinguisher checks.

Perform daily security patrol and stand watch at flight and hangar decks.

Supervise and certify new recruits from boot camp.

Key Skills and Strengths:

Networking and Packet Analysis

Network Forensics and threat analysis using STRIDE, PASTA and LINDDUN

Windows Operator Fundamentals and Command Line

Linux Security, Fundamentals, and Command Line, PEN Testing, Malware Analysis (In development) DAST and SAST scanning.

Cyber Software Exploits and Defense (In development)

Troubleshooting, analyzing and repairing problems of computer elements such as desktop computers, laptops and various components/peripherals of an IT network.

Performing and setting up CyberArk creating a central repository to share and store proprietary or confidential data.

Proficient using Nmap, Burp-suite, Metasploit, Wireshark, Snort, Nexus, HP fortify etc.

Administering and monitoring performance of LAN/WAN network using remote connection tools.

Expertise in troubleshooting Hardware and Operating system related issues

Experience in Anti-Virus Management - McAfee Enterprise Ed, Remote Console

Excellent knowledge of Client/Server architecture, OSI layers, TCP/IP networks.

Various types of PC hardware such as, Apple/Mac, Dell, HP and Toshiba

Good understanding of Network Topology (LAN/WAN/Subnets/VPN/Firewalls).

Installed Security patches to servers & performing password reset for service accounts.

System and network performance and monitoring.

Customer service oriented: Ability to serve and communicate with different types of customers efficiently.

Efficient in Reverse engineering- Using tools such as Linux, Windows 10, and Quora

Programming and Software Skills

Software: Microsoft Office and Office 365, Adobe Photoshop, Dreamweaver MX, Flash Professional, Flash Catalyst, Flash Lite, Adobe InDesign, Matlab, Xilinx, Silos, Logic Aid, Circuit maker.

ASP. Net, WinForms, WCF, WPF, Silverlight, HTML5, AJAX, Web services, RPC, Bootstrap.

Programming Skills: Java, C++, PHP, SQL, JavaScript, Ruby, Familiar with Cascading Style, VHDL, Matlab, STK, C#NET, VB.NET, VB 6.0, XAML, HTML, XML/XSLT, X-PATH, XQUERY, WEB TECH.

Devices: Nexys2 Board, 68HC11-Microcontrolled, VMware, Ubuntu, etc.

EDUCATION:

CREST CONSULTING GROUP LLC-August 2018-2021

CISSP eight domain training for the certification exam, learning the managerial skills;

•August 2018- October 2018-Training

•Completion of 64hrs in IT SECURITY, CYBER SECURITY, FISMA, and SECURITY ASSESSMENT & AUTHORIZATION.

Learn about Cloud Computing, Office 365, and OSI.

Learn about CyberArk and the software like Endpoint Privilege manager fundamentals.

Completed Linux AWS concept and Essential, Python and other tools.

Morgan State University, Baltimore, Maryland: January 1999-December 2003

Bachelor of Science in Biology (minor in Chemistry)

Members of black chemist, members of biology club, worked as a Lab technician for microbiology and genetic professors.

Work as tutor in Chemistry and Calculus I and II


