Cyber Security Computer Science
Resume:
MIGUEL VASQUEZ
TECHNICAL SKILLS
Vulnerability Assessment & Scanning, Remediation implementation, MPR, Cyber Security Awareness Training, Phishing, SharePoint, Zscaler, Proofpoint, SonarQube, Rapid7, Blackduck, Splunk, Bit9, Nessus, Nexpose, BitSight, VirusTotal, FireEye, ServiceNow ticketing and AWS
EDUCATION AND CERTIFICATIONS
UNIVERSITY OF MARYLAND
Bachelor’s in Computer Science
EASTERN GATEWAY COMMUNITY COLLEGE
Associate’s in Computer Science, May 2021
Certifications:
AWS Security Engineering Certification
Insightappsec Certified Specialist
PROFESSIONAL EXPERIENCE
CIENA, Hanover, MD July 2018– Present
Cyber Security Operations Analyst (January 2023 – Present)
•Conducted SonarQube training sessions, guiding individuals in the identification and resolution of vulnerabilities in software applications.
•Facilitated impactful learning sessions to empower teams, fostering a deeper understanding of SonarQube's capabilities.
•Conducted company-wide training sessions to enhance cyber security awareness and educate employees on best practices for security.
•Designed and executed phishing simulations to assess the company's susceptibility to phishing attacks.
•Executed comprehensive security scans using SonarQube and Rapid7, ensuring a thorough assessment of application security.
•Applied expert knowledge in running scans, promptly identifying vulnerabilities, and implementing effective remediation measures.
•Collected and analyzed data for Metrics, Performance, and Reliability (MPR) metrics, offering valuable insights for informed decision-making.
•Presented MPR metrics in a clear and concise manner, fostering understanding and facilitating data-driven discussions among colleagues.
•Spearheaded the integration of Blackduck, SonarQube, and Rapid7 into Splunk, optimizing the security monitoring and response process.
•Collaborated with cross-functional teams to ensure seamless integration and enhanced performance within the Splunk environment.
•Proactively researched new ASOC/ASPM tools, staying ahead of industry advancements, and recommended their adoption for the company's benefit.
•Implemented innovative solutions based on research findings, fortifying the company's security posture and overall resilience.
•Collaborated with colleagues to ensure the effective utilization of three scanner tools for scanning critical IT applications.
•Worked in tandem with team members to establish and maintain a robust scanning process, contributing to the security assurance of key IT assets.
Cyber Security Engineer (January 2021 – December 2022)
•Developed and maintained a security website to educate the company on evolving security risks and trends.
•Collected and analyzed data to measure the effectiveness of phishing awareness initiatives and implemented strategies to enhance resilience.
•Played a key role in leveraging SonarQube and other security products to ensure the security of company software.
•Conducted assessments and implemented measures to identify and remediate vulnerabilities in software applications.
•Utilized x-analytics to monitor and ensure timely completion of tickets related to third-party vendor risk assessment.
•Implemented effective tracking mechanisms to monitor task progress, ensuring that security-related tickets were handled promptly and efficiently.
•Worked on the development and tracking of tasks for the Product Security team.
•Collaborated with team members to define and manage tasks, ensuring alignment with security objectives and timely resolution of security-related issues.
IT Strategy & Governance Associate (January 2019 – December 2020)
•Biweekly updates to the cybersecurity website with the latest security information, contributing to heightened cybersecurity awareness among company personnel.
•Conducted daily reviews of ten to twelve Service Now ultra-region tickets, ensuring downloaded programs had no malicious intent, bolstering the company's cybersecurity defenses.
•Executed monthly scans using Bit9, Nessus, Nexpose, BitSight, VirusTotal, and FireEye to verify the company's software's currency and identify and address vulnerabilities promptly.
•Daily gathering of System Administrator (SA) information and ticket details, facilitating the seamless completion of the SA Tickets process.
•Ensured timely and accurate compilation of SA information, contributing to the efficiency of the overall ticket resolution process.
Cyber Security Analyst Intern (July 2018 – December 2018)
•Updated the cybersecurity website biweekly with fresh security information, effectively increasing cybersecurity awareness among employees.
•Conducted daily checks on one to two thousand suspicious domains, ensuring the safety and integrity of domains associated with the company.
•Monthly utilization of Raspberry Pi hardware to update cybersecurity content, contributing to the continuous enhancement of colleagues' cybersecurity knowledge.
•Reviewed ten to twelve Service Now ultra-region tickets daily, ensuring the absence of malicious intent in downloaded programs and maintaining the security integrity of the company's systems.
•Conducted monthly scans using Bit9, Nessus, Nexpose, BitSight, VirusTotal, and FireEye to ensure the company's software is up-to-date and free from vulnerabilities.
•Implemented a robust scanning 0routine to proactively identify and address potential security risks, ensuring the overall security posture of the organization.
Contact this candidate