JUAN CARLOS CONTRERAS LOPEZ
Cybersecurity Expert and Incident Response Specialist
Phone: 720-***-**** / 409-***-****
Location: Denver, Colorado / Texas, USA
Email: *************************@*****.***
LinkedIn: www.linkedin.com/in/juan-carlos-contreras-325284331
EDUCATION
Universidad Tecnológica Aguascalientes (UTA)
Bachelor's Degree in Computer Systems Engineering
Professional License: 80595283
PROFESSIONAL PROFILE
I am a highly motivated cyber security professional with over 8 years of experience in protecting critical infrastructures and sensitive data in corporate environments. My background includes roles in security analysis, incident response, and risk management, where I have demonstrated exceptional skills in identifying vulnerabilities and implementing effective solutions to mitigate threats.
With a solid foundation in Computer Systems Engineering and multiple internationally recognized certifications, such as Certified Ethical Hacker (CEH) and Certified Information Systems Security Professional (CISSP), I possess a deep understanding of IT security best practices and compliance regulations. My proactive and analytical approach allows me to anticipate security issues before they escalate into critical incidents, thereby ensuring business continuity and protecting organizational assets. I have led teams in implementing security strategies that have resulted in a significant reduction in security incidents and an improvement in the overall security posture of the company. My experience includes managing advanced security tools such as SIEM, next-generation firewalls, and Data Loss Prevention (DLP) solutions, as well as conducting penetration testing and security audits.
I excel in communicating complex technical concepts clearly and effectively to non-technical audiences, facilitating collaboration among multidisciplinary teams and raising security awareness throughout the organization. Additionally, I am strongly committed to continuous education and updating my skills in a rapidly evolving field. As a passionate cyber security professional, I am constantly seeking new opportunities to apply my knowledge and contribute to creating safer digital environments. I am prepared to take on complex challenges in data protection and IT infrastructure, and I am eager to collaborate with teams that share my vision of a safer digital world.
WORK EXPERIENCE
Stratus Meridian LLC IT Security Engineer
Dallas, Texas 01/08/2024 – Present
• Supervised the implementation of next-generation firewalls in the network infrastructure, enhancing security and performance with a focus on minimizing operational disruptions.
• Managed and monitored Sophos UTM Firewall and Endpoint Antivirus, ensuring data protection and business continuity.
• Conducted security assessments and system audits to identify vulnerabilities and recommend improvements in the security infrastructure.
• Provided technical support to internal clients and resolved network issues, managing tickets through ServiceNow with a 95% first-contact resolution rate.
• Coordinated the management of the Anti-Spam system, improving the efficiency of phishing threat detection and mitigation.
Softtek Cyber Security Analyst
Aguascalientes, Mexico Feb 2020 – 01/08/2024
• Acted as Cyber Incident Response (CSIRT) and SOC Tier 2, managing and resolving security incidents in real time.
• Conducted phishing and malware analysis, extracting Indicators of Compromise (IOCs) and developing effective mitigation strategies that reduced the risk of future attacks by 30%.
• Implemented and managed accounts in CyberArk, facilitating agent onboarding and troubleshooting in Windows and Unix systems.
• Monitored and managed security events using ATP systems, WAF, IDS/IPS, and firewalls, analyzing alerts and escalating critical incidents to the response team.
• Contributed to the implementation of data security policies and Varonis configuration, enhancing visibility and protection of sensitive data in on-premises and cloud environments.
Tech Mahindra Security Consultant III
Aguascalientes, Mexico Jan 2018 – Feb 2020
• Provided training and guidance in cyber incident response, specializing in advanced phishing analysis and malware reverse engineering techniques.
• Developed and executed attack simulations and incident response exercises to improve team preparedness and reduce incident response time.
• Collaborated in the implementation of DLP solutions, ensuring that confidential information was protected against leaks and unauthorized access.
• Participated in the evaluation and selection of security tools, improving the company's security posture through the integration of advanced technologies.
Nissan A1/A2/Compas IT Risk Security Operations
Aguascalientes, Mexico Jul 2014 – Jan 2018
• Led the IT security operations team, managing security incidents and malware analysis, ensuring the protection of critical systems.
• Implemented a continuous improvement program in security processes, achieving a 40% reduction in incident response time through process optimization and staff training.
• Coordinated security event management, utilizing tools such as Microsoft Defender ATP, Cisco IPS/FW, and Azure to monitor and respond to threats in real time.
• Conducted periodic vulnerability assessments and security audits, developing detailed reports and recommendations for senior management on the state of IT security.
• Acted as the point of contact for coordination between security teams and other departments, facilitating communication and collaboration in risk management.
CERTIFICATIONS
1. Certified Ethical Hacker (CEH)
• Description: This certification validates a professional's ability to think and act like an ethical hacker. It provides knowledge of hacking techniques, tools, and methodologies to identify and remediate vulnerabilities in systems and networks.
2. CompTIA Security+
• Description: A foundational certification covering information security principles, including risk management, cryptography, and network security. Ideal for those looking to establish a solid foundation in cyber security.
3. Certified Information Systems Security Professional (CISSP)
• Description: Globally recognized, this certification is for experienced cyber security professionals. It covers a broad spectrum of topics, including risk management, security architecture, and identity and access management.
4. Certified Information Security Manager (CISM)
• Description: This certification is designed for those who manage, design, and oversee an organization's information security. It focuses on risk management and security governance.
5. Certified Information Systems Auditor (CISA)
• Description: CISA is a certification that validates the ability to audit, control, and secure information systems. Ideal for professionals working in IT audit, control, and security.
6. Microsoft Certified: Azure Security Engineer Associate
• Description: This certification validates skills in implementing security solutions on Microsoft Azure. It covers identity management, data protection, and network security in cloud environments.
7. Cisco Certified CyberOps Associate
• Description: This certification focuses on the skills necessary to work in a Security Operations Center (SOC). It covers security event monitoring, incident response, and threat management.
8. AWS Certified Security – Specialty
• Description: This certification validates expertise in protecting data and applications on Amazon Web Services (AWS). It covers topics such as identity management, data protection, and incident response in the cloud.
9. GIAC Security Essentials (GSEC)
• Description: GSEC is a certification that demonstrates a professional's practical knowledge in cyber security. It covers topics such as risk management, cryptography, and network security.
10. Certified Cloud Security Professional (CCSP)
• Description: This certification is designed for those working in cloud security. It covers cloud security architecture principles, compliance, and risk management in cloud environments.
11. Offensive Security Certified Professional (OSCP)
• Description: This certification is recognized for its practical approach to penetration testing. Candidates must demonstrate skills in exploiting vulnerabilities and ethically gaining access to systems.
12. ITIL Foundation
• Description: ITIL is a framework of best practices for IT service management. This certification provides a basic understanding of how to align IT services with business needs.
TECHNICAL SKILLS
Cybersecurity
• Threat Analysis: Experience in identifying, analyzing, and mitigating cyber threats using threat intelligence and forensic analysis tools.
• Incident Response: Skills in managing security incidents from detection to recovery, focusing on minimizing impacts and documenting lessons learned.
Security Tools
• SIEM (Security Information and Event Management): Experience using tools like Splunk and QRadar for collecting, analyzing, and correlating security event data.
• Firewalls and Intrusion Prevention Systems (IPS): Configuration and management of firewalls (Palo Alto, Cisco ASA) and IPS/IDS systems to protect the network from attacks and unauthorized access.
• Antivirus and DLP (Data Loss Prevention): Implementation and management of antivirus solutions (Symantec, McAfee) and DLP to protect sensitive data and prevent information leaks.
Penetration Testing and Vulnerability Assessment
• Penetration Testing Tools: Experience using Metasploit, Nmap, Burp Suite, and OWASP ZAP for penetration testing and security assessments of web applications and networks.
• Vulnerability Analysis: Utilization of tools like Nessus and Qualys to conduct vulnerability scans and generate detailed reports with mitigation recommendations.
System Administration
• Operating Systems: Extensive experience in administering and configuring Windows and Linux (Ubuntu, CentOS) systems, including software installation, user management, and security configuration.
• Virtualization and Cloud: Knowledge of virtualization technologies (VMware, Hyper-V) and cloud services (AWS, Azure) for implementing and managing secure environments.
Networking and Protocols
• Network Configuration: Skills in configuring networks, including VLANs, VPNs, and NAT, as well as managing network devices.
• Security Protocols: Knowledge of security protocols such as SSL/TLS, IPsec, and SSH to secure communications over the network.
Identity and Access Management
• Access Control: Implementation of access control policies and identity management using tools such as Active Directory and LDAP.
• Multi-Factor Authentication (MFA): Implementation of MFA solutions to enhance security for access to critical systems.
Security Methodologies
• Security Frameworks: Familiarity with frameworks such as NIST, ISO 27001, and CIS Controls for implementing effective security practices.
• Risk Management: Experience conducting risk assessments and security audits to identify and mitigate vulnerabilities in IT infrastructure.
Development and Scripting
• Scripting: Knowledge of scripting languages such as Python and Bash for automating security tasks and data analysis.
• Secure Development: Understanding of DevSecOps practices and secure development principles to integrate security into the software development lifecycle.
Values
Integrity: I act with ethics and honesty in all situations, ensuring that the decisions and actions I take in the field of cybersecurity align with professional standards and organizational policies.
Responsibility: I take responsibility for my actions and decisions, ensuring that each task I perform in data and system protection is backed by a proactive approach that considers security implications.
Commitment: I am deeply committed to the protection of information and the security of systems, dedicating time and effort to stay updated on the latest trends and threats in cybersecurity.
Collaboration: I value teamwork and interdepartmental collaboration, understanding that cybersecurity is a collective effort that requires the active participation of all members of the organization.
Adaptability: I possess the ability to quickly adjust to changes in the technological environment and emerging threats, allowing me to implement effective solutions in dynamic situations.
Strengths
Critical Thinking: I have the ability to analyze complex cybersecurity problems logically and systematically, enabling me to identify vulnerabilities and propose effective data-driven solutions.
Attention to Detail: I excel in identifying critical details that others may overlook, which is essential for detecting vulnerabilities and preventing security incidents.
Technical Knowledge: I possess a strong command of cybersecurity tools and technologies, including firewalls, Intrusion Detection Systems (IDS), and digital forensics, allowing me to implement and manage effective security solutions.
Communication Skills: I have the ability to translate complex technical information into understandable terms for non-technical audiences, facilitating training and awareness regarding security throughout the organization.
Results Orientation: My focus is centered on achieving specific and measurable goals in the field of cybersecurity, always seeking to improve the organization's security posture and minimize risks.
Proactivity: I anticipate potential problems and threats before they materialize, implementing preventive measures and mitigation strategies that protect the organization's infrastructure.
Learning Agility: I have a constant desire to acquire new knowledge and skills in the field of cybersecurity, participating in courses, certifications, and conferences to stay at the forefront of emerging trends and technologies.
Stress Management: I possess the ability to work under pressure and effectively resolve security incidents, maintaining composure and making informed decisions during critical situations.
"I am excited about the opportunity to contribute my skills and experiences and to be part of a team that values innovation and growth. I am confident that my passion for cybersecurity and my commitment to excellence will allow me to add value from day one. I appreciate your consideration of my application and look forward to the possibility of discussing how I can contribute to the success of your team."