Information Security Cybersecurity Engineer
Resume:
Sunday Dosumu
**** ***** **** ****, *****, MD ***15
Email: *********@*****.*** Phone: 443 -788 -7409 OBJECTIVE
Seeking a Information Security/Security Operations Center Analyst position PROFESSIONAL PROFILE
Experienced Cybersecurity Engineer with a 5-year track record, proficient in managing vulnerabilities, implementing Identity and Access Management solutions, overseeing Authentication Services, conducting threat hunting, and proficient in firewall management, IDS/IPS configuration, and data loss prevention.
Possess a robust comprehension of the OSI layer model and specialized expertise in identifying application-level vulnerabilities.
Cybersecurity, Incident Management, and compliance support of Enterprise Infrastructure
Security policy interpretation and implementation requirements to ensure confidentiality, integrity, information, systems, and network availability.
Highly motivated, organized, and results and detail-oriented with excellent interpersonal, communication, and presentation skills.
Possessed a unique combination of technical abilities, communication skills, and the ability to multitask, allowing me to collaborate with end-users or businesses.
TECHNICAL SKILLS
Security Technologies: Nessus Security Center, Nmap, Wireshark, IDS/IPS; Log Management, Anti-Virus Tools; (Norton, Symantec), Security Information and Event Management (SIEM)
Application: MS Office (Word, Excel, Outlook, PowerPoint, Access); Wireshark, NMAP, Nessus, ArcSight, Google Docs, Active Directory, Identity and Access Management, CrowdStrike Endpoint Detection and Response (EDR)
Operating Systems: Windows, Unix-Based Systems (Linux).
Software: MS Office (Word, Excel, Outlook, Access, PowerPoint)
Framework: Mitre Att&cK, Cyber Kill Chain, ISO 27001/02, Cybersecurity Framework EMPLOYMENT HISTORY
Cybersecurity Engineer Jan. 2022 – Present
Providence Motors LLC, Bladensburg, MD
Responsibilities:
Performs vulnerability scanning with Nessus to detect potential risks on single or multiple assets across the enterprise network, assessing missing patches, weak passwords, unauthorized changes, and misconfigured privileges.
Develops, coordinates, implements, and maintains standards and procedures to protect information systems, data security, and integrity.
Leverage Nessus to identify systems compliance risk levels, identify non-compliance issues and security vulnerabilities, and manage remediation activities.
Daily review of logs and alerts from IDS/IPS devices and DLP system.
Analyzed Symantec DLP reports, delivering key metrics to the manager for informed decision- making.
Manage Symantec DLP to monitor and safeguard network communications, ensuring user data security within and outside the corporate network.
Support the Threat Management Team in implementing Proofpoint Email security solutions, contributing to the quarantine of outbound emails violating DLP policies.
Conduct thorough checks on the configuration and health of Data at Rest (DAR) and Data in Motion (DIM) Servers.
Execute system vulnerability scans on servers and infrastructure devices using Nessus, maintaining a vigilant approach to security monitoring.
Manages the remediation of security issues and findings across the enterprise.
Creates, evaluates, and interprets internal and external information security policies and standards and participates in decision-making.
Supports the development and delivery of Information security education and awareness.
Coordinates with vendors and third parties to manage information security risks.
Observe and analyze traffic to learn valuable lessons from known malicious actors and determine countermeasures against such threats.
Provides daily status updates on existing cybersecurity incidents to follow up with clients/customers to ensure satisfactory resolution.
Develops risk assessment reports, identifying threats and vulnerabilities in systems. Conducts security control assessments to assess the adequacy of implemented management and operational, privacy, and technical security controls.
Performs system risk management following the NIST risk management framework.
Manages enterprise system security plan, Risk assessment, and Privacy policy development.
Perform incident response to investigate and resolve computer security incidents.
Develop follow-up action plans to resolve reportable issues and communicate with other Analysts to address security threats and incidents.
Prioritize and differentiate between potential intrusion attempts and false positive alerts.
Assisted with enhancing the incident response processes and procedures to improve incident response times, analysis of the incident, and overall SOC functions.
Provides Incident Response (IR) support when analysis confirms an actionable incident.
Manages information security risk assessment and research and recommends remediation plans and strategies.
Provides strategic consulting on security risk assessment, analysis, and compliance and recommends remediation plans and strategies.
Monitor and protect business and sensitive data in motion, in use, and at rest.
Send alerts and conditionally block data transfer when detected by Enterprise DLP-defined policy violations (events).
Incident detection and response: monitor and investigate data security incidents, such as unauthorized access attempts, breaches, or insider threats. Analyze security logs, alerts, and system reports to identify abnormal behavior and respond promptly to mitigate potential data loss or leakage.
Risk assessment: assess the organization's data landscape to identify vulnerabilities and potential. Threats and risks associated with data loss.
Evaluate existing security measures and conduct gap analysis to determine areas that need improvement.
Apply risk-based decision-making through a review of vulnerability remediation timeframe exceptions.
Support expansion of vulnerability detection sources, including adding sources into the remediation workflow and reporting
Assist in metric review to identify interesting trends and areas of potential focus to improve overall vulnerability remediation targets.
Cybersecurity Specialist Jan. 2019 – Dec. 2021
Alpha Technology Group, MD
Responsibilities
Conduct Network Security Monitoring on services including firewall, Web Application Firewall, Data Loss Prevention, and IDS/IPS.
Partnered with business departments to identify policy, procedure, and process gaps.
Managed and analyzed business violations of security policy and standards.
Prepared risk analysis documentation, reports, and recommendations
Coordinated with stakeholders and system owners to ensure compliance with security processes and controls.
Conducted follow-up meetings to assist information system owners in remediating outstanding security findings.
Developed risk assessment reports by identifying threats and vulnerabilities to the system.
Provided detailed reports on security findings and worked with development teams to remediate.
Managed vulnerability remediation and compliance requirements of applications to meet the regulations.
Conducted comprehensive system vulnerability scans on servers and devices using Ope Nessus Professional, addressing open ports, sensitive data exposure, weak credentials, and inadequate security controls.
Review and validate false positive reports from Nessus through the Common Vulnerability Scoring System (CVSS) before escalating identified vulnerabilities for remediation.
Utilized Nmap for comprehensive security auditing, identifying operating system and application versions on network hosts.
EDUCATION AND BACKGROUND
Certificate Program: In Seed Transformation ` Nov. 2022 Stanford Graduate School of Business, Stanford, CA
Doctor of Veterinary: In Medicine ` May 1989
University of Ibadan, Nigeria
MEMBERSHIP & CERTIFICATIONS
CompTIA Security+ May 2024
Contact this candidate