Cyber Security Operations

Location: Germantown, MD
Salary: 95k
Posted: May 23, 2024

Resume:

Urbain Dieme

Professional security specialist with extensive experience in vulnerability assessment, compliance, SOC analyst and penetration testing

Summary:

Security Analyst with over 10 years of experience in cyber security operations.

Support monitoring of all Information Assurance Devices to identify and document all Intrusions and attempted intrusions.

Populate and maintain an intrusions database, and provide data analysis support; analyze data from Sensors, network security devices and applications using the security information event management systems, log servers, application interfaces and device consoles provided.

Document evidence of system security compromise, generate trend reports, and collect evidence of malicious or anomalous activity.

Report security incidents and/or network intrusions to Incident Handlers for dissemination to appropriate DOT points of contact.

Identify anomalous and malicious activity.

Contribute to content creation; prioritize, rank and escalate incidents.

Provide support in the detection, response, mitigation, and reporting of cyber threats affecting client networks

Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations.

Maintaining proficiency in the use and production of visualization charts, link analysis diagrams, and Database queries.

Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions.

Provide recommendations based on best practice and experience to develop processes that will enhance efficiencies needed to perform the above.

Understand the concept of arming the environment against threats

Thorough knowledge of Email investigations

Proficient with searching network logs to identify specific activity

Any other duties as requested by the Contracting Officer Representative and SOC management.

Systems and Network Administration experienced.

Proven hands-on experience in Linux engineering, especially Red Hat 5 & 6, CentOS, Fedora.

Experienced in VMware Workstation, VMware, VMware Converter, and Hypervisor.

Configure and administer security rules and policies to permit and/or deny traffic based on company

Experience in Linux Firewall (iptables, system-config-firewall)

Experience in Performing User Account Management.

Knowledge of DNS/BIND, TCP/IP and Active Directory.

Experienced in monitoring applications on servers.

Experienced in applying patches, using Tenable Security Center for vulnerability scans and Splunk for log analysis and troubleshooting.

Certifications & Training:

CompTIA Security+ Certified

Microsoft Certified Professional (MCP) - MCSE Digital Training center

Insight Technology – A+ Training - 1998

SQL Training Center Gaithersburg Business Center

Red Hat Linux and CentOS Training.

Certified Ethical Hacker (CEH)

Education:

Associate Degree in linguistics, University of CAEN, France – 1996

Professional Experience:

Exelon Corporation, Bethesda Maryland January 2017 to Present

Security Monitoring & FISMA, FedRAMP Compliance Analyst

Responsibilities:

Work with the client, SaaS providers and internal development team to identify security gaps and resolve them to protect client data.

Establishing, monitoring, and re-assessing systems' Plan of Action and Milestones to effectively address system weaknesses or vulnerabilities.

Maintain A&A project documentation in CSAM and update the documents on an annual basis as part of the continuous monitoring RMF requirement.

Perform independent compliance reviews, tracking, and continuous monitoring of RMF A&A packages.

Advise developers and assist with the Lifecycle Assessment and Authorization (A&A) process and developing SSP.

Provide support for security related FedRAMP compliance controls; and audit systems, services, and processes to verify adherence to company security policies and procedures.

Central point of contact for questions about company’s FedRAMP security practices and support process for responding to Federal customer security questionnaires.

Develop information security policies, standards, procedures, and best practices to support a FedRAMP moderate operating environment

Actively participate in the risk management program.

Perform security risk assessments, analyze results, and provide recommendations for mitigations/enhancements.

Develop security controls and processes that align with company policies and meet regulatory requirements, FedRAMP specifically.

As a team member for the client Exelon Corporation, assisted in implementing a robust patch management regimen to maintain infrastructure functionality and to aid in the adherence to Cyber Security policies on various systems.

Updated and reviewed A&A Packages to include Core Docs, Policy & Procedures, Operations and Maintenance Artifacts, SSP, SAR, FIPS 200, FIPS 199, POA&M, BIA, PTA, PIA, and more.

Collected Operation and Maintenance artifacts on an ongoing basis so that the Security Control Assessment (SCA) is seamless.

Provided security expertise and guidance in support of security assessments and supported A&A activities according to the A&A project plan.

Reviewed authorization documentation for completeness and accuracy for compliance and facilitated Security Control Assessment and Continuous Monitoring Activities.

Executed examine, interview, test procedures in accordance with NIST SP 800-53A Revision 4.

Oversaw the preparation of Comprehensive and Executive Certification & Accreditation (C&A) packages for submission to the Information Assurance Program Office for approval of an Authorization to Operate.

Reviewed and updated the System Security Plan based on findings from assessing controls using NIST SP 800-18 rev1, NIST SP 800-53A rev4 and NIST SP 800-53.

Applies appropriate information control for Federal Information Security based on NIST 800-37 rev1, SP 800-53 rev4, FIPS 199 and FIPS 200.

Port scanning with tools like Nmap to obtain the list of open/active ports and potential services running on the target system

Vulnerability scanning with tools like Nessus or Burp Suite to identify specific weaknesses in the software and services running on the target system, and WebInspect and Nikto to scan the web server

Kali Linux, Metasploit, Aircrack-ng, Zenmap for offensive security

Using STIG/SCAP for regulatory compliance and create POA&M to track weaknesses.

Conduct Security Assessment via document examination, interviews, and manual assessments; Populate the Requirements Traceability Matrix (RTM) with results of Security Assessment.

Manage Splunk knowledge objects (Apps, Dashboards, Saved searches, Scheduled searches, Alerts)

Monitoring the infrastructure using Splunk platform

Took actions to ensure that the target systems met the established quality procedures before being handed back over to internal company clients

Enforcing security baseline on clients' servers

Patching using the Ansible framework.

Patching Solaris and Red Hat servers using the Ansible tool

Patching Rack servers

Red Hat Enterprise Linux 5 : version 5.9

Red Hat Enterprise Linux 6 : version 6.10

Red Hat Enterprise Linux 7 : version 7.4

Oracle Solaris 10 : no change

Oracle Solaris 11 : version 11.4

Solaris and Red Hat UIQ servers

Phi servers and Solaris phi servers

Handled Zone servers and phi servers and Solaris phi servers and disks mirroring

Provided 24/7/365 systems support as necessary for the diverse needs of the organization.

Conduct integrated analysis of multiple audit logs as well as Intrusion Detection System and Intrusion Prevention System using NIDS, HIDS and NIPS, HIPS.

Analyze data collected to determine if there are any security anomalies that require further action; if so, classify and document the incident logs and boot file stems and troubleshooting these VMware servers, power cycling

As part of my daily tasks, I implemented hardening, such as disabling ports, services, passwords

Carpathia Hosting, Ashburn, VA January 2015 to January 2017

Tier II & III Systems Administrator

Responsibilities:

Provided Tier 2 & 3 Systems Administration/Engineering of Windows & Linux server environments & storage devices

Provided operational support in response to monitoring alerts and resolving incidents

Delivers customer-focused support through phone calls and ticket-based communications.

Responsible for system maintenance, hardware & OS upgrades, software & application patching, server hardening, & resolving security risks.

User management: creating and managing user accounts, groups and access levels

Monitored System Performance of Virtual memory, Managing Swap Space, Disk utilization and CPU utilization and Logical Volume Management

Systems Security Administration and User administration using Role Based Access Control

Installed and maintained applications on Linux servers

Performed periodic system maintenance including OS and application patching on Linux

Performed data backup and restores for tape and disk platforms using Avamar, eVault, & Symantec NetBackup

Managed and configured environments using VMware Cloud Director, Hyper-V, Citrix XenCenter and VirtualBox

Responds to telephone calls, email & client requests via tickets (ServiceNow) for technical support of servers

Worked closely with others to troubleshoot complex customer issues and document solutions

Use Splunk to create and manage apps, create users, roles and permissions, and configure management reports and dashboards

Analyze security-based events, risks and reporting instances

Install, test and deploy monitoring solutions with Splunk services

Use Nessus to analyze vulnerability scan results, system audits, and log events and clarify customer technical inquiries

Recommends systems modifications to improve network and hardware components as needed.

Manages assigned tickets to ensure SLA compliance & customer satisfaction

Scripting experience with bash shell to automate tasks and work.

Sprint Telecommunication, Herndon, VA January 2009 to December 2015

Linux System Administrator & SQL Server Database Administrator

Responsibilities:

Installs, configures and maintains Linux servers (Red Hat 4, 5 & 6, SUSE & Ubuntu) and supported applications

Responsible for system configuring/hardening by turning off unnecessary services

Perform system backups and recovery

Built CentOS and Red Hat Linux servers

Performed disk configuration & File Systems Management

Created and Managed File Systems with LVM

Monitoring System Performance of Virtual memory, Managing Swap Space, Disk utilization and CPU utilization

Controlling the System Logging services, and examining system Log Files of system events

Experience installing VMware

Installs and updates various programs using yum

Installs security fixes, kernel and OS patches via BSM tool

Performed configuration management in coordination with security guidelines

Monitors system performance using top, sar, iotop, iostat to ensure production jobs completed

Coordinated Incident Management activities

Provided on-call after-hours support for escalated problems using DVI for remote login

User management: creating and managing user accounts, groups and access levels

Systems Security Administration and User administration using Role Based Access Control

Supported the project through the Remedy ticketing system to meet service level agreements

Responsible for minimizing server downtime

Supported network Operations including identification of network issues

Maintain current LAN/WAN environment and provide troubleshooting when necessary

Designed, configured, and optimized network & SQL server Database Administrator

Developed database procedures, triggers and SQL scripts

Administered and managed all Microsoft SQL Server database systems

Participated in the design, maintenance, enhancement, object coding, and administration of all Microsoft SQL Server databases.

Developed plans, analyzed problems and defined future requirements.

Performed development testing, conversion, implementation, tuning and capacity planning.

Monitored and supported daily database maintenance operations.

Assisted in the migration from SQL Server 2000 to SQL Server 2005.

Worked with Windows 7/8, 10, SQL Server Integration Packages, and new server installation.


