Information Security Engineer

SYNCLAIR A MOKOM

*************@*****.*** Plano, TX 75093 507-***-****

IT SECURITY ENGINEER

PROFESSIONAL PROFILE

Skilled Information Security Analyst/Engineer with expertise in identifying threats and providing intelligent analysis and positive actions. Extensive knowledge in regulating data access, and a regular participant in continuing education to understand the latest trends and technologies. Strong ability to work effectively in a team environment, capacity to work independently and willingness to seek advice/assistance. Respectable records that includes recommending security improvement, evaluating and identifying vulnerabilities, and improving overall system efficiencies.

CORE COMPETENCIES

Monitoring and Diagnosing Networks

Disaster Recovery and Incident Response

Securing the Cloud

Identity and Access Management

PROFESSIONAL EXPERIENCE

Motorola Solutions, Inc. June 2019 – Present

IT Security Engineer

Assess security vulnerabilities, identify mitigation plans and successfully implement them.

Develop and maintain appropriate Information Security technical documentation as well as providing reviews and updates of existing policies and procedures.

Administer, monitor and manage servers & endpoint security platform (AV, HIPS, etc.), firewalls (Cisco ASA & Palo Alto), enterprise security event log management, two factor authentication (DUO), OS/platform security standards, vulnerability management (Tenable.io).

Research mindset, with a hold on where to look for relevant information pertaining to threats, vulnerabilities and Security best practices that include changes in technology as it pertains to environment

High level understanding of Distributed Denial of Service (DDoS) protection measures that can be implemented on network security devices.

Working knowledge of information security program frameworks, including ISO 27001, NIST SP 800-53, FedRAMP

Cottonwood Financial Ltd, Irving TX September 2018 – June 2019

(Financial Institution)

IT Security Engineer

Ensure that all systems, applications, endpoints, and networks have appropriate and adequate security controls in place.

Specific experience in monitoring, evaluating, and interpreting vulnerabilities, CVEs, remedies, mitigation measures, techniques for escalation, social engineering tactics, phishing techniques, and performing vulnerability assessments

Review, prioritize and recommend information security improvements as they relate to the achievement of the company’s business goals and objectives.

Identify and correct deficiencies in defensive operations, policies, and procedures to implement an improved and self-sustaining security posture.

Experience with Veracode (SAST), Nessus (Vulnerability Scanner), Sumo Logic (Log aggregator), Malwarebytes EPR (AV), ELK Stack (SIEM), Trend Micro & ESET (AV’s)

Research emerging technologies in support of ongoing security practice and enhancements.

Knowledge of compliance requirements (PCI, HIPAA, SOX) and security best practice guidelines (ISO 27001/27002, NIST, COBIT).

Maverick Quant Group, Dallas TX January 2015 – August 2018

(IT Consulting Firm)

Information Security Analyst

Scan system devices for vulnerabilities according to compliance policies – Nessus

Collaborate with high-performing Agile teams and individuals to accomplish goals.

Experience analyzing network, event and security logs – Splunk, Palo Alto, Sonicwall, Symantec.

Experience deploying, administering, and developing multiple Identity Management systems with SailPoint IdentityIQ.

Perform security assessment task – Scapy (Python)

Monitoring cloud-based resources and applications – Amazon Cloudwatch

Work with appropriate technology areas to identify potentially elevated risks and perform assessments and mitigating controls. Recommend any adjustments required to meet company policy, regulatory requirements, and industry best practices.

Banque Internationale Du Cameroun Pour l’epargne et Le Credit January 2011 – November 2013

(A $20B Financial Institution HQ’d in Douala, Cameroon with 10,000 employees)

IT Specialist

Refined and improved existing documentation system, resulting in reduced labor costs totaling $10,000 annually via increased workplace efficiency.

Investigated arising incidents caused by malicious activities and identified false positives.

Perform log analysis from various security controls, including firewall, proxy, HIPS, endpoint security, application and system logs to identify possible threats to network security.

Consulted with sales department to implement enhanced security and verification system for new client inquiries, which resulted in a 50% decrease in spam messages sent through the online form.

Specific experience in monitoring, evaluating, and interpreting vulnerabilities, social engineering tactics, phishing techniques, and performing vulnerability assessments.

Made recommendations on best network log/visibility sources for purposes of SOC build-out and SIEM/correlation

Improved security measures to protect privacy of customer contact and financial information. This led to a 25% increase in customer satisfaction rating in 9 months period.

Advance level knowledge of Active Directory, LDAP, Single Sign-On, VPN, SAML, and OAuth.

EDUCATION & CREDENTIALS

Colorado State University – Global Campus 2017

Bachelors of Science in Information Technology

Awards of Achievement:

Information Systems Management and Architecture

Network Security and Analysis

University of Yaounde II, Cameroon 2012

Masters in Business Law.

University of Buea, Cameroon 2010

Bachelor of Laws

PROFESSIONAL CERTIFICATIONS

CompTIA Security +

AWS Certified Security – Specialty

Microsoft Certified Azure Engineer (In Progress – anticipated completion on 30/06/2020)

CISSP (In Progress - anticipated completion 30/09/2020)

Contact this candidate