Customer Service Help Desk

Contacts

Professional Summary

Experience

Rasheed Andrew

**************@*****.***

Email: **************@*****.*** LinkedIn: https://www.linkedin.com/in/rasheed-andrew-56bb9378 Phone number: 347-***-****

A Cybersecurity and FullStack Engineer Specialist that delivers exceptional technical engineering and fortified security measures for a diverse application base. Expertise in Mac OS, and iOS. Resolves complex hardware and software issues tailored to specific security needs and fortified system security through implementation of multiple protocols. Highly effective communication and customer service skills which are pivotal in collaborating with both end-users and teammates to resolve issues swiftly. Extended hands-on experience with help desk ticketing systems such as ServiceNow & Monday.com, along with security tools like Snyk and Veracode empowering to manage tasks with a high level of efficacy. High proficiency in Xcode, SwiftUI and Swift which allows for effective and safe logic writing and the testing and building of of iOS and MacOS applications. Highly passionate about continuous learning and aspirations to further expand professional skill set resulting in a prospective asset to any forward-thinking IT team. Very eager to bring all acquired multifaceted capabilities to all future roles. Fullstack iOS Engineer / Application Security Engineer February 2023 - Current Illuscio (stealth start-up), Santa Monica, CA

• Conducted security audits on CI/CD pipelines to assess architecture and identify vulnerabilities Developed a port connection manager in Swift and SwiftUI to enable flexible IP address and protocol adjustments, ensuring fast and secure data transmission

•

• Configured advanced security features within Azure DevOps Repositories

• Designed and implemented features for iOS, visionOS, and macOS applications using Swift

• Engineered a toast alert manager utilizing Swift and SwiftUI for enhanced user interaction

• Created custom user interfaces for various applications using Swift and SwiftUI, optimizing user experience

• Produced immersive AR experiences utilizing RealityKit

• Developed a video player framework for applications employing Swift and SwiftUI

• Enhanced iOS framework capabilities for data management and processing from a C++ library using Objective-C and SwiftUI

• Enhanced iOS framework to manage and process data from a C++ library using Objective-C and Swift Used MotionScape to effectively simulate and deploy seamless transitions and animations in applications for an immersive user experience

•

• Crafted immersive experiences with Spatial Audio technology

• Optimized a C++ library for efficient client-server communication

• Debugged and resolved issues within applications and SDKs

• Acquired proficiency in Rust programming language to support future development initiatives

• Wrote code to fetch and render interactive 3D models

• Designed High-Level Architectures to support vulnerability and threat modeling

• Simulated and evaluated CDN strategies using architectural frameworks

• Implemented OWASP Top 10 and NIST frameworks to enhance security in CI/CD pipelines

• Integrated Snyk and Veracode as a SAST tool into the tech stack for vulnerability scanning and management in CI/CD

• Configured Snyk and Veracode within Azure pipelines and IDEs to manage vulnerabilities effectively

• Conducted bi-weekly vulnerability scans using Snyk and Veracode, generating detailed reports with mitigation strategies

• Collaborated with technical leads to address vulnerabilities in the codebase

• Managed APIs using Postman for streamlined development processes

• Conducted manual code reviews to ensure code quality and security

• Demonstrated and evaluated SonarQube and SonarLint for code quality improvements

• Utilized Sonatype for binary and artifact management to complement SAST operations platforms

• Delivered presentations to showcase project progress and outcomes

• Promoted best security practices during presentations and team discussions

• Managed Mobile Device Management (MDM) and Mobile Application Management (MAM) using Microsoft Intune

• Utilized Slack, Microsoft Teams, SharePoint, and Stream for effective team communication and collaboration

• Reviewed and managed pull requests for code changes and enhancements

• Collaborated cross-functionally within teams to solve complex challenges and achieve project goals

• Effectively communicated with business and executive stakeholders to align technical solutions with organizational objectives Fullstack iOS Engineer / Application Security Engineer October 2020 - February 2023 Target, New York, New York

Wrote code using swift to check and validate credential requirements of password and email during authentication process on iOS Mobile devices

•

Implemented and managed the use of MFA, Password history, Password complexity, Biometric authentication, Tokenization, Hashing and Salting for a safe and secure authentication process

•

• Implemented customer identity and access management (CIAM) into web and mobile applications using AWS Cognito

• Implemented authentication processes to AWS cloud services using AWS IAM Implemented the concept of Ethical hacking to run penetration tests in order to find and manage vulnerabilities within the application while following the OWASP Mobile Application Security Project Standards

•

Conducted regular security assessments to identify vulnerabilities in the application and assess the application's overall risk posture using OWASP ZAP, SonarQube, Snyk and Veracode

•

• Implemented the concept of obfuscation to properly secure source code

• Designed the application's security infrastructure and solutions to ensure optimal protection using Microsoft Visio and Draw.io

• Conducted threat modelling exercises using PASTA, VAST and Stride Deployed and configured security solutions such as WAF, IDS, EDR, monitoring tools, alerting tools, visualization tools and encryption tools

•

Used HTTPS and Key-chain to Implement strong encryption methods to protect card holder data both during transmission and while at rest on iOS devices

•

• Wrote read and write rules to secure access to sensitive data within Google cloud and Google Firebase

• Wrote test cases to support the automated test of UI elements and logic using XCTest

• Researched new technologies to be utilized in the organizations application security processes Responded to security breaches or incidents, worked to mitigate their impact, and conducted post-incident analysis to prevent future occurrences

•

• Continuously monitored the organization's networks and systems for security breaches or intrusions using SIEM solutions

• Regularly tested the application to find vulnerabilities that an attacker could exploit using SonarCube and Snyk code Conducted SAST, DAST, SCR, Vulnerability analysis, Runtime protection, SCA, IAST, MAST, CSA and penetration testing to better secure the SDLC

•

Trained and educated staff about security best practices, including recognizing phishing attempts, using strong passwords, and following company security policies using KnowBe4 and Wombat Security Technologies

•

Hardening of security to mitigate insecure authentication/Authorization, insecure communication, improper credential Usage, insufficient cryptography, inadequate Privacy controls and Insecure Data Storage

•

• Ensured communication with backend servers and payment processors securely used encrypted channels (HTTPS)

• Securely stored secrets using AWS Secrets Manager

• Ensured that software, applications, and systems were regularly updated with the latest security patches

• Followed NIST Special Publication to enhance the security, protect user data, and follow industry best practices Collaborated with other departments (like IT, HR, legal, and operations) to ensure organization-wide security compliance using Microsoft Teams and Slack

•

Ensured that the organizations applications complied with external regulations and standards relevant to its industry, such as GDPR, HIPAA, or PCI-DSS

•

Stayed updated with the latest security trends, threats, and best practices by attending seminars, workshops, or conferences such as Feedly, Google Scholar and Twitter

•

Collaborated with the software development team to ensure that applications and software were developed securely, considering best practices like secure coding with the use of SonarQube and GitGuardian

•

Fullstack iOS Engineer / Application Security Engineer September 2019 - September 2020 lobes (stealth start-up), New York, New York

Wrote code using swift to check and validate credential requirements of password and email during authentication process on iOS Mobile devices

•

Implemented and managed the use of MFA, Password history, Password complexity, Biometric authentication, Tokenization, Hashing and Salting for a safe and secure authentication process

•

Implemented the concept of Ethical hacking to run penetration tests in order to find and manage vulnerabilities within the application while following the OWASP Mobile Application Security Project Standards

•

• Creation and implementation of complex Data structures, API, protocols, extensions and Enums Used HTTPS and Keychain to Implement strong encryption methods to protect card holder data both during transmission and while at rest

•

• Implemented the concept of obfuscation to properly secure source code

• Conducted threat modelling exercises using PASTA, VAST and Stride

• Regularly tested the application to find vulnerabilities that an attacker could exploit using SonarCube and Snykcode Conducted SAST, DAST, SCR, Vulnerability analysis, runtime protection, SCA, IAST, MAST, CSA and penetration testing to better secure the SDLC

•

Education

Certifications

Information Security Analyst August 2016 - November 2019 BestLink strategies, chesapeake, Virginia

• Identified cyber and information security risks through consistent review of business applications and infrastructure systems.

• Supported internal and external security reviews, audits and control evaluations. Collaborated closely with senior leaders to advise on appropriate risk management and mitigation while maintaining client support.

•

• Completed vulnerability and penetration testing.

• Drafted incident reports and conducted investigations to uncover vulnerabilities within processes.

• Conducted risk analysis and provided recommendations for remediation or mitigation. IT Help Desk May 2014 - August 2016

Penn State University, University Park, Pennsylvania

• Provided technical support and troubleshooting assistance to end-users via phone, email, and in-person interactions.

• Resolved hardware and software issues promptly, ensuring minimal downtime and maximum productivity for users.

• Installed, configured, and maintained operating systems, software applications, and peripheral devices.

• Assisted in the setup and deployment of new workstations, laptops, printers, and mobile devices.

• Collaborated with other IT teams to escalate and resolve complex technical issues efficiently. Bachelor of Science (B.S.): Computer Science - Penn State University. (University Park), State College, PA July 2016 I acquired a major in Computer Science and a minor in Industrial Design.

• (ISC) Certified in Cybersecurity - CC

• CompTIA Security+

• CS50P - Harvard University (Certified in Python)

• IBM - Application security and monitoring

Contact this candidate