BASCO, JOFRAN JR. P., CEH

+63-923-*******

adenk7@r.postjobfree.com

I.CAREER SUMMARY

An experienced IT Professional with more than 7 years of relevant experience in Information Security. Holds and passed professional IT certifications Information Security (EC-Council Certified Ethical Hacker). Knowledgeable with Vulnerability Assessment and Penetration Testing, handling and managing SIEM and Security Operation Center Incident Management, Microsoft Windows Active Directory. LAN and WAN computer networking, Windows and Linux Operating System.

II.WORK EXPERIENCE

September 2017 – Present:

ABS-CBN Corp., Information Security Analyst, Tasks:

Provide Information Security support and expertise in this following areas:

Network Security (Fortigate Firewalls)

Identity and Access Management (SailPoint)

Data Loss Prevention (Symantec)

End-Point protection (Trend Micro)

Cyber Incident Response (IBM QRadar SIEM, Symantec MSSP)

User Awareness (Cofense)

Major Duties and Responsibilities:

Work and partner with teammates and with different groups within the IT department as well as the business to protect and control access to data, systems, networks and end-points.

Monitor data loss prevention incidents and report unauthorized activities.

Performs independent review and prepare reports based on monitored changes with regards to configuration on Firewall

Monitor and control identity and access management, be it regular users or privileged for applications, Active Directory, etc.

Monitor, identify, respond and remediate security incidents (network, endpoint, application, etc.)

Assist in the daily implementation, maintenance, monitoring and management of different security tools and technology such as but not limited to Firewalls, IPS/IDS, WAF, SIEM, VA, DLP, Anti-virus

Provide support for execution of security controls and analysis

Provide inputs and identify improvements on information security, compliance, documentation, and awareness

Perform routine IT risk and security administrative tasks

Perform other tasks as required by immediate supervisor

September 2014 – September 2017:

Security Bank Corporation, IT Security Officer, Tasks:

Performed independent review of Internet access and Firewall configurations and provided inputs in policy definition and/or updating of IT security policies.

Regular Duties

Performed independent review and prepared reports based on monitored processes:

Internet access

Change configuration on Firewall

Active Directory access

Anti-Virus updates (Sophos)

Web Vulnerabilities Monitoring (QualysGuard)

Handled VA/PT engagement of commissioned third party.

Involved in patch management.

Identified available patches or threats

Performed regular review and assessment of whether applications have been patched for known security vulnerabilities.

Educated users as well as management about the security patch and why patch management is necessary.

Released IT Security Bulletins

Occasional or Special Duties:

Performed other duties as assigned by the Section Head and CIO.

Updated of ITG BCP Manual

Acted as backup for application access review.

Responded to Security-related User queries, problems, and concerns in a concise and time fashion

Acted as point of contact for third party Security Information Event Management Application (SIEM) and File Integrity Management (FIM)

April 2013 – September 2014:

Trend Micro, Premium Support /Special Services Queue Engineer, Tasks:

Provide solutions to client’s technical and non- technical problems with existing Premium Service Plan.

Capable of handling advanced malware related issues and collecting of malware sample files.

Efficient in product related, operating system and network configurations.

Supports out of scope services to NABU region clients that has QVC laptop/desktop

July 2012 – April 2013:

Trend Micro Philippines, 1st level Technical Support Cloud Security Engineer, Tasks:

Receives call inbounds from APAC and NABU region.

Assures the quality of phone & email support while resolving technical issues during customer’s first contact.

Proficient in various malware handling tools.

Executes architectural troubleshooting steps in resolving internet connection problems.

Well-trained to do basic configuration of Microsoft Windows Operating System.

Provide solution’s to client’s non-technical and technical problems.

Finishes tasks assigned by the Team Lead.

Actively participates in Beta Tests for new Trend Micro product.

January 2012 – June 2012 (Internship)

GXS Philippines, 1st level Technical Support Associate Information Systems Security Specialist Information Security Group, Tasks

Internship for 520 hours and extended (tasks more on conducting audit reports like firewall audit, wireless and vulnerability scan, updating security policies and conducting knowledge training presentations).

September 2011 – December 2011(Internship)

MSI-ECS, 1st level Technical Support Management Information System Team, Tasks

Internship for 520 hours, (tasks more on hardware failures, Machine assembly and software SOP installations, Able to analyze possible cause of hardware, software & network connection failure & errors, Update Fixed Asset Assignment).

III.TECHNOLOGY SKILLS

Security:

Vulnerability Management (Qualys and Nessus)

Penetration Testing (BurpSuite)

IPS/IDS (Fortigate, Checkpoint)

SIEM (QRadar and Splunk)

Data Loss Prevention (Symantec, Sophos)

Anti-Virus (Trend Micro)

File Integrity Monitoring (Tripwire)

OWASP Zap.

Network and Systems:

Active Directory

Firewall (Fortigate, Checkpoint, Stonegate)

Basic Router & Switch Configuration

Operating Systems:

Linux (Kali Linux)

Microsoft Windows Desktop OS (7, 8, 8.1, 10),

Microsoft Windows Servers (2003, 2008, 2008 R2)

Programming Language:

HTML / CSS

PHP

JavaScript

MySQL

XML

IV.EDUCATION

A.Education

2008 –2012 FEU- East Asia College

Nicanor Reyes Sr. St. Sampaloc, Manila, Philippines

Bachelor of Science in Information Technology

2004 – 2008 Angelicum College

M.J. Cuenco St. Sto. Domingo, Quezon City, Philippines, High School

V. Honors/Awards/Certification Received

Certified Ethical Hacker certification, Next Generation Technologies Global Incorporated, September, August 5 – 9, 2019

Certificate of completion in Pandora Security Labs, Network Vulnerability Assessment and Penetration Testing

Microsoft Certified Professional [MCP] Windows 7 Configuration, March 22, 2013

Academic Scholar, FEU – East Asia College, 2008

Certificate of participation in FEU-East Asia College, Cisco Networking Competition, 2010

CCNA 4, FEU – East Asia College, December 2010

CCNA 3, FEU – East Asia College, October 2010

CCNA 2, FEU – East Asia College, April 2009

CCNA 1, FEU – East Asia College, October 2008

VI.Seminars/Trainings/Attended

Certified Ethical Hacker, Next Generation Technologies Global Incorporated, September, August 5 – 9, 2019

Operating System Security and Auditing, ISACA Manila, March 17 - 18, 2017

Network Vulnerability Assessment and Penetration Testing Training, Pandora Security Labs, August 15 – 17, 2017

Ethical Hacking, Social Networking and Cloud Computing, FEU – East Asia College, August 24, 2011

VII.REFERENCES

Available upon request

Contact this candidate