JOHNNY ZHENG

Cyber Security Professional

Email: adi3z2@r.postjobfree.com

LinkedIn: http://www.linkedin.com/in/johnny-zheng

Education:

Buffalo State College Dec 2018

Bachelor of Science in Computer Information System

Udacity Nanodegree Nov 2020

Cyber Security Professional

Skill:

Language: Chinese (Mandarin), English

Programming Language: C++, JavaScript, HTML, MySQL

Technologies: Nmap, VirtualBox, 7zip, CIS control, Nessus, HashCat

Work Experience:

Revature: Technology Development Jan 2020 - Apr 2020

Assistance Software Engineer

Designed an interactive website using HTML and CSS together with JavaScript

Implemented data access objects(DAOs) to perform CRUD operations

Used JDBC to prepare request statements and connect to SQL database

Hosted the application on an Apache Tomcat server

Center for Diagnostic Imaging (CDI) Feb 2019 - Aug 2019

Data Analysis & Data Entry

Transforms raw data collected through our internal systems into actionable information.

Cooperating with other team leaders, work with collects, and analyzes metrics.

Manipulates data to provide meaningful insights; Identifies and explores cost drivers.

Projects:

Hospital Incident Response: Cyber Security Analyst Nov - 2020

Many hospitals noticed that a FIN4 Bit Cryptor had pop on the system, showing the original files have been deleted and will only be recovered by sending bitcoins to the provided address within the next 60 hours. Delete this application hospital will not get their file and documents back to the original location.

Responsibilities:

A detailed summary of the situation, asset, impacts, threat actor, threat motivation, and threat techniques.

Use Nessus to run a vulnerability scan against the log server level by critical, high, medium, low.

Use penetration test against the user's passwords by Brute Force Attack and reinforce weak passwords.

Create an Incident response plan checklist and recommendation to eradicate malicious software.

Environment / Technologies: Window 10, Hashcat, brute force attack, Nmap.

Douglas Financials Inc: Security Operation Specialist Oct - 2020

Douglas Financials Inc (DFI from here forward) has experienced booming growth and, as a result, is ready to add a Security Analyst position. Previously Information Security responsibilities fell on our System Administration team.

Responsibilities:

Authorization to each folder, Disable game(Xbox), Disable remote service.

Using Cisco syntax, create the text of a firewall rule allowing a new DFI partner WBC International.

Create IDS rules to alert an IP address receiving a high volume of ICMP traffic.

Use TFTP protocol to transfer a file, and on top of the Internet User Datagram Protocol (UDP).

Create a firewall alert response and provide a mitigation response.

Create directories with proper authentication permissions to access files and documents on the CentOS.

Environment / Technologies: Linux(CentOS), RDP, SSH(via PowerShell), Firewall rules, VPN encryption, IDS, DDos, TFTP, File Hash

SwitchTech: Cybersecurity GRC analyst Oct - 2020

SwiftTech prides itself on being first-to-market with innovative technology solutions that improve work efficiency for companies worldwide. Their latest product is a Software-as-a-Service (SaaS) solution that makes Project Tracking a breeze. Also, expect SaaS vendors to provide a SOCII report to establish a baseline for cybersecurity controls and validate their effectiveness. Recently hired an outside firm, Firehawk Security, to perform a readiness assessment in preparation for pursuing a SOCII attestation report.

Responsibilities:

Explains SwiftTech's overall cybersecurity risk posture as Risk Accepting, Risk Neutral, or Risk Averse.

Identify regulatory frameworks, standards, or guidance that use to measure the existing security controls.

Identified relevant security frameworks to compare the Firehawk Security Data Flow diagram

Use the control measures pointed out by Firehawk to start a basic risk assessment and

Develop a new information security policy to incorporate the control measures pointed out by Firehawk.

Environment / Technologies: Window 10, CISO, SOCII, VPC3, TLS, Network diagram, VPN

Contact this candidate