Security Analyst Information
Resume:
Bertrand Tuyisenge
************@*****.*** 207-***-**** Austin, Texas 78754
PROFESSIONAL EXPERIENCE
Overall Experience
• 3 years of experience with SIEM and vulnerability
• 2 years of security engineering experience (IAM, AWS, Azure)
• 3 years of program management and ticketing systems.
• 2 years of security analyst experience
• 2 Years of governance, risk and compliance experience
• 1 year of DevOps Experience
• 2 years of full stack development
WEX Inc. July 2022 – Present
Information Security Analyst /Engineering Remote Portland, ME
• Managed vulnerability assessment and remediation efforts and successfully closed security findings within strict deadlines.
• Designed and implemented security policies and procedures, ensuring compliance with ISO 27001, NIST and GDPR regulations.
• Conducted regular security audits and risk assessments, providing actionable insights to enhance the security posture.
• Developed custom security scripts and tools to automate repetitive tasks, improving operational efficiency by 25%.
• Worked closely with development teams to embed security best practices into the software development lifecycle (SDLC).
• Led comprehensive security assessments, identifying and mitigating critical vulnerabilities in cloud infrastructure and applications.
• Conducted in-depth code reviews using tools like Veracode, Checkmarx, and HPe Fortify, resulting in a 30% reduction in high-risk vulnerabilities.
• Collaborated with Red Team to perform penetration testing and develop threat models, improving the overall security resilience.
• Implemented automated security solutions, including SAST, DAST, and SCA tools, enhancing the efficiency of the security review process.
• Ensured all the exceptions had resolution plans and compensating controls in place while remediating the findings
• Worked with CISO and other teams to prioritize the findings based on their severity (critical, highs) and provided everything needed for audit.
• Regularly reviewed the browser extensions in place to make sure their codes are updated, and the manifest version is up to date.
• Collaborated with the development team, and DevOps for coding best practices and deployment.
• Led the initiative to integrate security controls into CI/CD pipelines, reducing the time to detect and remediate vulnerabilities by 40%.
Real Digital Information Security Analyst Remote Feb 2021- June 2022
• Assisted in monitoring and analyzing security events, identifying potential threats, and initiating incident response procedures.
• Performed security vulnerability scans using tools like Nessus and Qualys and provided detailed reports on findings through PowerBi.
• Supported the implementation of network security measures, including firewalls, IDS/IPS, and VPNs, ensuring secure access and data protection.
• Maintained and updated security documentation, including policies, procedures, and incident reports.
• Ensured cybersecurity hygiene, managed BitSight and SSC
• Took a lead on the policy exceptions and vendor management side (PCI, SOC, SaaS, AI and other assessments, HIPAA, API Assessment)
EDUCATION
• University of Southern Maine Master of Science, Computer Science and Cybersecurity
• Southern New Hampshire University August 2020 Bachelor of Science, Information Technology
• Thrive Cybersecurity Program Israel, October 2020 CERTIFICATES
• CompTIA CYSA+, November 2023
• CompTIA Security +, Feb 2023
• Penetration Testing Course Associate (ICSI, UK), March 2021
• Python Hacking Course, January 2021
• Web Application Penetration Testing Practical (WAPT), December 2020
• Network Security Specialist (ICSI, UK), June 2020
• Advanced Ethical Hacking, January 2020
Skills and Tools
• Security Tools: Veracode, Checkmarx, HPe Fortify, Nessus, Qualys, Burp Suite, Metasploit
• Programming Languages: Python, Java, JavaScript, C++
• Frameworks: OWASP, NIST, ISO 27001, GDPR
• Technologies: Docker, Kubernetes, AWS, Azure, GCP, LogicGate, Netskope, Axonius, Qualys, Splunk, Jira, Azure, NMAP, Virtual Machine, Ansible, Scripting, Jenkins, Coupa, Certa.
• Soft Skills: Strong analytical skills, excellent communication, team collaboration, problem-solving
Contact this candidate