
Cyber Security Analyst

Location:
Brampton, ON, L6P 1L5, Canada
Posted:
May 24, 2024


Resume:

RAVI SONI

Cyber Security Analyst

Brampton, ON, L6P 1L5 | LinkedIn | ad5xkq@r.postjobfree.com | +1-647-***-****

Seeking a dynamic Cyber Security role within a forward-thinking organization where I can leverage over 4 years of experience to enhance project efficiency and elevate data security. Committed to ensuring robust compliance with industry standards including PCI, NIST, ISO, and IRAM2. Proficient in conducting impactful threat modeling to reduce security incidents and designing optimized network infrastructure for enhanced resilience. Skilled in advanced network monitoring, cyber defense, security architecture, and penetration testing. Capable of leading threat-hunting operations and incident response plans to perform root cause analysis. Eager to apply my expertise in mitigating risks and contributing to the success of a progressive organization.

Skills

• Methodologies: Agile, Waterfall

• Programming Languages: Python, Java, C++, PowerShell

• Cryptography and Compliance: PCI, NIST, ISO, IRAM2, CIS standards

• Networking Protocols: TCP/IP, IPv4, VPN, HTTP, DNS, LAN/WAN, OSPF, BGP, Proxies, NextGen firewalls

• Security Tools: Nmap, Snort, TCP Dump, Nessus, Wireshark, IAM, Core Impact, OpenVAS, HIDS/HIPS, SIEM (Security Incident Event Management) solutions, Active Directory, EDR, IDS, IPS, DHCP, Splunk, Burp Suite, OWASP TOP 10

• Database: MS SSMS, MySQL, AWS RDS

• Cloud Technology: AWS, Azure, GCP

• Firewall Administration and environment: Cisco ASA and FortiGate, Malware Sandboxes

• Repository Tools and Frameworks: MS SharePoint Server, Confluence, GitHub, Cyber Kill Chain, MITRE ATT&CK framework, Azure DevOps, JIRA, or Zendesk

• Reporting, Modeling & Analytics Tools: MS Office, Microsoft products (Windows, Outlook/Exchange/O365)

• Other Tools: Vendor Risk Management, Incident and Threat Management, Archer Tool, Threat Hunting, Vulnerability Scanning, IoT Security, Identity and Access Management

• Soft skills: Excellent written and verbal communication, teamwork, leadership, and problem-solving approach

Experiences

PTC, Canada

Cyber Security Analyst Jan 2023 - Present

• Conducted cyber maturity and gap assessments against industry and government standards such as NIST CSF, NIST 800-53, SOC, ITSG-33, and CIS Critical Security Controls, resulting in a 20% improvement in overall security.

• Executed Nessus active vulnerability scans and compliance checks, validating the integrity of the application and operating system configurations, achieving enhanced baselines, and reducing critical vulnerabilities by 30%.

• Managed project planning, scheduling, resource allocation, and risk management, resulting in a 15% reduction in project timelines and a 10% decrease in project costs.

• Conducted base-level analysis using Splunk and online resources to determine the legitimacy of files and emails, ensuring a reduction in false positives by 25%.

• Provided detailed assessment reports to business owners and the vendor management office, enhancing decision-making accuracy by 20%, and led Information Security Vendor Risk Management, identifying and addressing gaps in cloud security architecture, resulting in a 30% reduction in security vulnerabilities.

• Collaborated with cross-functional teams, including IT, security, compliance, and business stakeholders, to implement security solutions, resulting in a 25% increase in organizational alignment with security goals.

• Utilized Cyber Kill Chain and MITRE ATT&CK framework to track cyber threats and enhance cybersecurity posture, leading to a 40% improvement in threat detection and response capabilities.

• Coordinated security tools integration work for new and existing company acquisitions, ensuring seamless integration and adherence to security policies and standards, resulting in a 20% reduction in integration time and costs.

• Enhanced Cryptography knowledge, secured communication channels, and implemented PCI, NIST, ISO, and IRAM2 standards, resulting in a 30% decrease in security vulnerabilities related to cryptographic weaknesses.

• Performed in-depth analysis using SIEM solutions and Malware Sandboxes to detect and mitigate threats across the enterprise, resulting in a 35% reduction in successful cyberattacks.

Mike Sierra, India

Cyber Security Analyst Nov 2018 - Aug 2021

• Utilized Software Development Life Cycle (SDLC) to configure and develop processes and standard procedures, optimizing efficiency.

• Engaged in network vulnerability assessments, analysis, monitoring, and reporting, reducing potential risks.

• Diagnosed and resolved TCP/IP problems, troubleshooting connectivity issues in multi-protocol Ethernet environments, resulting in a 25% decrease in network downtime.

• Investigated network traffic from IDS/IPS, employing event correlation to assess and mitigate risks, improving threat detection.

• Conducted Network scanning using tools like Nmap and Nessus as part of penetration testing and forensic investigation, patching vulnerabilities, and enhancing system security, resulting in a 50% decrease in identified vulnerabilities.

• Developed a Security Control Assessment test plan, strengthening information system security controls.

• Utilized Wireshark and Cisco ASA firewalls to verify and filter network traffic, improving network reliability, and conducted root cause analysis in cyber investigations to identify vulnerabilities and mitigate potential threats.

• Created SSMS tool/add-in that logs all manually entered SQL queries securely, enhancing data security and compliance, and reducing data breach risks by 25%.

• Integrated strong analytical and problem-solving skills into daily tasks, resulting in efficient incident response and resolution, and implemented Cloud security best practices for AWS, ensuring the integrity and confidentiality of sensitive data.

Certifications

• ISC2 Certified Professional Candidate - Pursuing CISSP certification.

• CompTIA Security+ - Certified

• NSE1, NSE2: Fortinet Network Security Expert Level 1 and Level 2: Certified Associate

• AWS Academy Graduate: AWS Academy Cloud Foundations

• CyberArk: Trustee CyberArk Privileged Access Security

• Microsoft Certified: Security, Compliance, and Identity Fundamentals

• U.S. Department of Homeland Security: National Cyber Security, Integration Center Industrial Control System

• Google: Analytics Academy

• Cisco Networking Academy: Cyber Security

• IBM: Python for Data Science

Education

IT Project Management, Post Graduation

Centennial College Scarborough, ON, Canada

Information Systems Security, Post Graduation with Honors

Georgian College of Applied Arts and Technology Barrie, ON, Canada

Information Technology, Bachelor’s degree

K.J Institute of Engineering and Technology Vadodara, GJ, India


