Phillip C Porter
Cybersecurity Professional
214-***-**** ********.******@*******.***
linkedin.com/in/phillipcporter
Professional Summary
Detail-oriented SOC and GRC Analyst with 4+ years in real-time threat detection, monitoring, and incident response using tools like Splunk, QRadar, and CrowdStrike. Experienced in root-cause analysis and developing response strategies to minimize downtime and prevent data loss. Skilled in risk assessment, policy development, and ensuring regulatory compliance with frameworks such as NIST, ISO 27001, and PCI-DSS. Proven ability to conduct thorough audits, develop security policies, and enforce data protection regulations across enterprise environments.
Education
Master of Science in Cybersecurity — University of Dallas
Master of Business Administration (MBA) — University of Dallas
Bachelor of Arts in Communications — University of Minnesota
Relevant Coursework: Network Security, Cryptography, Application Security, Cloud Security, Risk Management, OSI Modeling, NIST Framework, ISO 27001/002, CIS Benchmarks, Security Analytics, Windows OS, iOS, Digital Forensics, AI and Machine Learning for automation
Certifications
CompTIA Security+
AWS Certified Cloud Practitioner
Progress toward CySA+, CISA, and CISM certifications
Professional Experience
Cybersecurity Analyst
Cognizant Technology Solutions — July 2023 to August 2024
Monitored and analyzed security alerts from SIEM tools (Splunk and QRadar) to detect and respond to threats in real time.
Conducted threat hunting activities by investigating abnormal user behaviors and network traffic patterns to proactively identify and mitigate potential security incidents.
Participated in incident response activities, including containment, eradication, and recovery, in collaboration with the IT and forensics teams.
Documented all incidents and created post-incident reports to refine the incident response plan and recommend security improvements.
Collaborated with cross-functional teams to implement robust security controls, driving compliance across multiple business units.
Assisted in the development of AI-driven cybersecurity solutions focused on combating email-based threats such as phishing, socially engineered attacks, and account takeovers, enhancing security posture across client organizations.
Utilized behavioral analysis and machine learning algorithms to identify patterns in human behavior, helping to predict and prevent advanced email threats in real time.
Assisted efforts in threat intelligence gathering by monitoring and analyzing emerging email-based cyber threats, keeping Abnormal Security’s clients informed and protected from sophisticated attacks.
GRC-Specific Contributions:
Conducted comprehensive risk assessments for critical assets and third-party vendors, identifying potential risks and implementing mitigation strategies.
Developed and updated security policies to align with ISO 27001 and NIST standards, ensuring compliance with regulatory requirements.
Performed regular compliance audits, gap analyses, and reported findings to senior management, facilitating corrective action plans where necessary.
Collaborated with cross-functional teams, including legal and IT, to ensure the organization’s security posture adhered to GDPR, PCI-DSS, and HIPAA standards.
Cybersecurity Consultant
Mindlance — April 2022 to July 2023
Assisted with the management of security alerts and supported senior analysts in malware analysis and response.
Configured and updated firewall rules, and assisted with vulnerability scanning and patch management activities.
Participated in weekly threat intelligence briefings to stay updated on new attack methods and mitigation strategies.
Conducted security assessments and risk analyses on client systems to identify potential vulnerabilities, leading to a 10% reduction in successful attacks over the past year.
Acted as a primary liaison and subject matter expert on cybersecurity for clients and internal stakeholders, offering guidance on best practices for threat prevention and cybersecurity awareness.
Developed and presented security training sessions for clients on recognizing and mitigating socially engineered email threats, contributing to a 25% improvement in client phishing awareness scores.
Engaged in continuous research on cybersecurity trends and emerging threats, ensuring that Abnormal Security’s solutions remained at the forefront of industry standards and innovations in email security.
GRC Analyst-Specific Bullet Points:
Assisted in developing and managing risk assessments and vendor assessments, contributing to a centralized risk register.
Supported external and internal audit processes by gathering evidence, documenting controls, and preparing compliance reports.
Participated in the development and rollout of a compliance training program for employees, increasing awareness of data privacy policies and regulations.
Auditor
Franklin American Mortgage Company — June 2014 to February 2022
Conducted meticulous reviews of loan application files, assessing accuracy, completeness, and compliance with internal guidelines and external regulatory standards, ensuring thorough validation.
Systematically examined and audited loan files post-approval to verify the authenticity of documentation, cross-check data accuracy, and confirm adherence to established lending criteria, ensuring comprehensive validation.
Skills
SOC Analyst-Specific Skills:
Threat Detection & Incident Response: SIEM (Splunk, QRadar), SOAR (Exabeam), Malware Analysis, Log Analysis, IDS/IPS, Threat Intelligence
Security Operations: Security Event Monitoring, Root Cause Analysis, Endpoint Protection, Vulnerability Management, Incident Triage
GRC Analyst-Specific Skills:
Governance & Compliance: NIST 800-53, ISO 27001, GDPR, HIPAA, PCI-DSS, SOX, Regulatory Audits, Policy Development
Risk Management: Risk Assessments, Remediation Planning, Compliance Audits, Controls Implementation
Technical Skills:
Security Tools: Splunk, CrowdStrike, Qualys, Nessus, Zscaler, ProofPoint, Microsoft Defender
Network Security: Firewalls, VPNs, IDS/IPS, Network Segmentation, Intrusion Detection
Cloud Security: AWS, Azure, Cloud Compliance
Soft Skills:
Leadership, Cross-Functional Collaboration, Communication, Problem-Solving, Analytical Thinking
Professional Memberships
Member, Information Systems Security Association (ISSA)
Member, Information Systems Audit and Control Association (ISACA)
Summary of Qualifications
4+ years of hands-on experience in SOC operations and GRC frameworks, with a proven record of enhancing security posture and maintaining compliance.
Expertise in implementing risk management strategies, performing log analysis, and conducting threat detection using cutting-edge security tools.
Strong leadership skills demonstrated by mentoring junior analysts and leading cross-functional teams to improve security processes and drive compliance initiatives.
MS in Cybersecurity and MBA provide a strong foundation in both technical cybersecurity and business strategy, ensuring a well-rounded approach to security and risk management.
Projects
ISO 27001 Certification Project: Worked with the compliance team to prepare for ISO 27001 certification, ensuring all security controls were documented and met the standard’s requirements.
Vendor Risk Assessment Program: Developed and implemented a vendor risk assessment program to evaluate third-party risk exposure and enhance supply chain security.
SIEM Implementation Project: Assisted in configuring and deploying Splunk for enterprise-wide monitoring, setting up custom dashboards and alerts.
Incident Response Playbook Development: Developed playbooks for ransomware, phishing, and data breach incidents to standardize the SOC’s response procedures.