Arthur Mack - Cyber Security
Resume:
ARTHUR MACK
adem6c@r.postjobfree.com
Cybersecurity professional ensuring technical security planning, testing, verification, and risk analysis in accordance with security regulations, frameworks, and company needs. Proficient in defining, organizing, and monitoring risk management, compliance, and cybersecurity programs. Proficient in Pen Testing, vulnerability analysis, research planning & execution, and security configurations. Adept at training and educating internal users on relevant cybersecurity procedures and preventative measures.
EXPERIENCE
06/2019 – PRESENT
SR. CYBERSECURITY CONSULTANT (CONTRACT)
abbtech, Tampa Fl
Performed onsite and remote servicing, security configurations, repair, and installation of hardware, software, and network devices. Performed file backups and configure new systems and applications and tested new computers according to established guidelines.
Performed troubleshooting, repairs, and installation of software and hardware for onsite and remote central Florida IRS customers.
Experience with TCP/IP protocols and extensive knowledge of network devices like Cisco switches, routers, load balancers, and reverse proxies.
Prepared standard login scripts with Python and establishing network access protocols to enable customers to gain local or remote access using NAC software for secure access.
Experience in using the common vulnerability scoring system (CVSS) and common attack vectors.
Provided insight and solutions for reducing vulnerabilities and the threat landscape for various customers.
Implemented multifactor- authentication and IAM resolutions to keep unauthorized users from accessing network resources.
Chose, implemented, monitored, and upgraded computer anti-virus and malware protection systems such as MacAfee.
Assisted in the design of a standardized patch management program.
Installed and administered Windows Server 2016, which included installing Active Directory, DNS, and DHCP.
Installed, maintained, and supported the company’s security systems such as Splunk, Anti-malware, DLP, Email Encryption, Endpoint scanning, Firewalls, and Intrusion Prevention System, etc.
Helped users with data backup as well as re-imaged failing data hard drives.
Expertise of information security industry and regulatory obligations (PCI DSS, SOX, NIST Framework 800 series, etc.)
Established plans to safeguard computer files against unauthorized alteration, destruction, or disclosure.
Performed risk assessments and tests on running data processing activities and security measures.
Migrated Windows Operating systems from 7 to 10 and help provision mobile devices for users.
Evaluate and report on new technologies, tools, and trends in the cybersecurity field, such as browser-based, security applications, and network support services.
Organize vendor demo sessions for security-minded organizations; and recommend the purchase of new tools to enhance the security posture for the client.
Knowledge of Advanced Persistent Threats (APT) activities with an understanding of intrusion set tactics, techniques, and procedures.
Utilized Wireshark for network troubleshooting, analysis, software, and communications.
Preformed scripting with Python to install updates and to rollback patches on IRS systems.
09/2018 – 05/2019
SECURITY ADVISOR FOR APPLICATION DEVELOPMENT (CONTRACT)
Proforma, Cleveland Oh
Designed and created applications and then tested the product for functionality and errors. Ensured that performance and security were functional within the code.
Interpreted application use cases into functional applications, including business functioning workflows.
Designed backend coding with C# to created APIs for clients to fetch data from servers etc.
Utilized Microsoft Visual Studio (.NET Framework) to write C# and Javascript code.
Utilized Fuzzing to test generated random inputs based on custom patterns and checking whether the application can handle such inputs properly.
Web protocols such as Perl, HTTP, SSL/TLS, HTML, and JavaScript.
Utilized Burp Suite to display HTTP messages, persistence, authentication, proxies, logging, and alerting.
I helped with bugs and bottlenecks and tested to help with solutions to these problems.
Used Selenium to record, edit, and debug tests, along with recording and playback of its scripts.
Utilized Bootstrap to create CSS forms, buttons, and navigation, for page layouts.
Collaborated with development team through GitHub to maintain version control for different projects.
Conducted perceptive, ad hoc analyses to examine ongoing or one-time operational issues.
Preformed Static and Dynamic testing to analyze code at fixed points/simulate controlled attacks on a running web application during its development.
Applied Fortify Static Code Analyzer to identify and pinpoints security vulnerabilities in source code early in the software development lifecycle.
Used Software Security Assurance to resolve security vulnerabilities.
Utilized Fortify WebInspect for dynamic application security testing.
Created style forms using CSS3 to give websites a more user-friendly look colors, fonts, etc.
09/2016 – 05/2018
CYBERSECURITY ENGINEER
Insight global consulting, San francisco CA
Analyzed vulnerabilities in the infrastructure (software, hardware, networks), investigates available tools, and countermeasures to remedy the detected vulnerabilities.
Monitored multiple systems and applications, including SolarWinds and AppDynamics, to be proactive in identifying anomalies and Intrusion detection to prevent issues.
Familiar with the following security-centric products: McAfee and Norton Anti-virus/Ad-aware, Host-Based Security System.
Complied with compliance standards like NIST, ISO, PCI, and educated users.
Single point of contact to the customer with the client for security related events.
Developed approved Standard Operating Procedures (SOP's), including escalation procedures for clearing various hardware and software platforms, as new requirements are identified or arise.
Resolved and logged all user requests, incidents, and resolutions via ServiceNow.
Built incident tracking and documentation repository using SharePoint.
Analyzed traffic flow patterns by capturing packets on the network using Wireshark (packet analyzer) to identify rouge protocols and nodes on the network.
Set up groups, users, and passwords in Active Directory.
Led base-level analysis to determine the validity of files, domains, and emails using tools such as Wireshark as well as online applications such as Virus Total.
Educated workers about computer security and promote security awareness and security protocols.
Monitored a worldwide network for cybersecurity events and anomalies using a variety of tools such as Splunk.
Utilized Security Information and Event Management tools (SIEM), Host-based and network-based Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP) solutions.
Assisted with RSA tokens to help users to authenticate to network resources.
09/2013 – 05/2016
SECURITY NETWORK TECHNICIAN
COMPUTER-GENERATED SOLUTION, Edison NJ
Diagnosed computer security problems, monitor computer processing systems, install software, and perform tests on computer equipment and programs.
Performed troubleshooting with hardware, software, and connectivity.
Program-designated Public Key Infrastructure (PKI) Trusted Agent responsible for interfacing with the Certificate Authority (CA), managing certificates for servers and personnel, configuring certificate revocation applications.
Utilized Lotus Notes to give customers secure access to server applications, including email, calendars, personal information managers (PIM), and the Web.
Extracted PCAP and .bin files from Wireshark for use in additional research and analysis on an anonymous network.
Helped users with Remote Access using VPN and Windows Remote Desktop.
Used Symantec Security Information Manager to resolve security alerts.
I installed email certificates to client machines to access email accounts.
Utilized tools such as Splunk, to identify suspicious Web and email traffic going in or leaving the network.
Maintained server applications, updates, backups, anti-virus, security compliance scans.
Supported Cisco network troubleshooting and testing, ability to detect and address/fix persisting issues.
Analyzed network packet captures to locate issues and recognize traffic flows (i.e., Wireshark, TCPdump).
Experience with scripting languages such as Python, or PowerShell
Experience using automated vulnerability assessment tools (Nessus, Metasploit, Nmap, Burp Suite, etc.) as well as manual assessment techniques.
I have worked with Microsoft Baseline Security Analyzer to access missing security updates.
06/2010 – 05/2013
NETWORK ADMINISTRATOR
Johnson Services Group, Westmont IL
Configure and deploy clustering and network load balancing for home health application.
Monitor and troubleshoot network issues including routers, switches, VPN and wireless broadband connection for 45 Windows 2003 servers including six area offices.
Network Configuration and setup of new unit at the hospital in Baltimore office in Maryland includes patch panel, VoIP phone, network printer and wireless access point and router setup.
Troubleshoot and supported 600 users for technical problems for Active Directory, Windows XP, Vista, Exchange 2003/2007, Blackberry server and Windows 2003 server operating systems.
Supports VoIP telephone network and VPN client including Terminal Services manager.
Monitor and manage multiple sites backup using Veritas Netbackup and Retrospect softwares.
Reported on network usage and bandwidth utilization.
Installed new networking hardware and equipment to expand capabilities.
01/2005 – 05/2010
SYSTEMS TECHNICIAN
General Dynamics, Tampa fl
Provided E-Mail technical support and analysis to local and global systems at the Enterprise level
Provided support and administration of the Active Directory (AD) in a Windows Server distributed environment.
Provided technical support to clients regarding the resolution of product hardware, software and operating system issues via phone or remote access for all supported applications or products.
Perform daily monitoring of application software through native tools and SCOM.
Reviewed system logs for applications and review trends for vulnerabilities in systems.
Ran updates and patches on services and systems to address founds threats and vulnerabilities.
Maintained and managed DNS, DHCP, WINS, SNMP and NTP in a Windows environment.
Performed root cause analysis and resolved root cause of issues of Windows and Exchange messaging systems.
Analyzed system logs and utilized monitoring tools to identify potential issues with computing systems.
Worked cooperatively with others on a team to share information, resolve conflicts and make decisions in all aspects of information technology and/or network operations.
Created and maintained documentation of hardware/software, application, processes and other related information.
Responded to end-user inquiries on the telephone, and via email.
Planned network and server upgrades around time-frames that would have the least impact on production and operations.
Communicated with vendors regarding application bugs and planned implementation schedules of application updates.
EDUCATION
BS INFORMATION TECHNOLOGY,
University of south florida
TAMPA, FL
TRAINING AND CERTIFICATIONS
Security +
Network +
EC - Council Certified Ethical Hacker
CSSP Analyst II - DoD 8570
CSSP Infrastructure Support - DoD 8570
CSSP Incident Responder - DoD 8570
Contact this candidate